Use OPENSSL_secure_clear_free for secure mem BIOs and X25519 private keys

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4044)
This commit is contained in:
Bernd Edlinger 2017-07-28 21:59:07 +02:00
parent 4dae7cd3f0
commit 5d8f1b1389
2 changed files with 3 additions and 3 deletions

View File

@ -47,7 +47,7 @@ void BUF_MEM_free(BUF_MEM *a)
if (a->data != NULL) {
if (a->flags & BUF_MEM_FLAG_SECURE)
OPENSSL_secure_free(a->data);
OPENSSL_secure_clear_free(a->data, a->max);
else
OPENSSL_clear_free(a->data, a->max);
}
@ -64,7 +64,7 @@ static char *sec_alloc_realloc(BUF_MEM *str, size_t len)
if (str->data != NULL) {
if (ret != NULL) {
memcpy(ret, str->data, str->length);
OPENSSL_secure_free(str->data);
OPENSSL_secure_clear_free(str->data, str->length);
str->data = NULL;
}
}

View File

@ -220,7 +220,7 @@ static void ecx_free(EVP_PKEY *pkey)
X25519_KEY *xkey = pkey->pkey.ptr;
if (xkey)
OPENSSL_secure_free(xkey->privkey);
OPENSSL_secure_clear_free(xkey->privkey, X25519_KEYLEN);
OPENSSL_free(xkey);
}