vendor/openssl/1.1.1a

author: Jung-uk Kim <jkim@FreeBSD.org> 2018-11-20 18:59:41 +0000
committer: Jung-uk Kim <jkim@FreeBSD.org> 2018-11-20 18:59:41 +0000
commit: 8c3f9abd70b3f447a4795c1b00b386b044fb322d (patch)
tree: 884976f2693f42bade35b92edc3c1f7f8c53825b /crypto/kdf/hkdf.c
parent: a43ce912fc025d11e1395506111f75fc194d7ba5 (diff)
download: src-test2-8c3f9abd70b3f447a4795c1b00b386b044fb322d.tar.gz
src-test2-8c3f9abd70b3f447a4795c1b00b386b044fb322d.zip
1 files changed, 13 insertions, 1 deletions
diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c
index ec6090ad6a7b..ae46fad609ac 100644
--- a/crypto/kdf/hkdf.c
+++ b/crypto/kdf/hkdf.c
@@ -175,6 +175,18 @@ static int pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
     return -2;
 }
 
+static int pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx)
+{
+    HKDF_PKEY_CTX *kctx = ctx->data;
+
+    OPENSSL_clear_free(kctx->key, kctx->key_len);
+    OPENSSL_clear_free(kctx->salt, kctx->salt_len);
+    OPENSSL_cleanse(kctx->info, kctx->info_len);
+    memset(kctx, 0, sizeof(*kctx));
+
+    return 1;
+}
+
 static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
                             size_t *keylen)
 {
@@ -236,7 +248,7 @@ const EVP_PKEY_METHOD hkdf_pkey_meth = {
 
     0, 0,
 
-    0,
+    pkey_hkdf_derive_init,
     pkey_hkdf_derive,
     pkey_hkdf_ctrl,
     pkey_hkdf_ctrl_str
author	Jung-uk Kim <jkim@FreeBSD.org>	2018-11-20 18:59:41 +0000
committer	Jung-uk Kim <jkim@FreeBSD.org>	2018-11-20 18:59:41 +0000
commit	8c3f9abd70b3f447a4795c1b00b386b044fb322d (patch)
tree	884976f2693f42bade35b92edc3c1f7f8c53825b /crypto/kdf/hkdf.c
parent	a43ce912fc025d11e1395506111f75fc194d7ba5 (diff)
download	src-test2-8c3f9abd70b3f447a4795c1b00b386b044fb322d.tar.gz src-test2-8c3f9abd70b3f447a4795c1b00b386b044fb322d.zip