hkdf: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define

Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26068)
2024-12-21 06:09:35 +08:00 · 2024-11-27 11:19:19 +11:00 · 2024-11-27 11:19:19 +11:00 · db1d8c90d5
commit db1d8c90d5
parent e73c1faa53
1 changed files with 1 additions and 1 deletions
--- a/providers/implementations/kdfs/hkdf.c
+++ b/providers/implementations/kdfs/hkdf.c
@ -128,7 +128,7 @@ static void kdf_hkdf_reset(void *vctx)
    void *provctx = ctx->provctx;

    ossl_prov_digest_reset(&ctx->digest);
-#ifdef FIPS_MODULE
+#ifdef OPENSSL_PEDANTIC_ZEROIZATION
    OPENSSL_clear_free(ctx->salt, ctx->salt_len);
 #else
    OPENSSL_free(ctx->salt);