From 7df4760801dc5f854672e7db0ad2fa10dda7bc8e Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 9 Jul 2024 16:29:27 +0000 Subject: [PATCH] OPENSSL_clear_free() -> freezero() --- lib/libcrypto/kdf/tls1_prf.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/libcrypto/kdf/tls1_prf.c b/lib/libcrypto/kdf/tls1_prf.c index 6d3d49cd251..d08c32d270a 100644 --- a/lib/libcrypto/kdf/tls1_prf.c +++ b/lib/libcrypto/kdf/tls1_prf.c @@ -49,7 +49,7 @@ static int pkey_tls1_prf_init(EVP_PKEY_CTX *ctx) static void pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx) { TLS1_PRF_PKEY_CTX *kctx = ctx->data; - OPENSSL_clear_free(kctx->sec, kctx->seclen); + freezero(kctx->sec, kctx->seclen); OPENSSL_cleanse(kctx->seed, kctx->seedlen); OPENSSL_free(kctx); } @@ -66,7 +66,7 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) if (p1 < 0) return 0; if (kctx->sec != NULL) - OPENSSL_clear_free(kctx->sec, kctx->seclen); + freezero(kctx->sec, kctx->seclen); OPENSSL_cleanse(kctx->seed, kctx->seedlen); kctx->seedlen = 0; kctx->sec = OPENSSL_memdup(p2, p1); @@ -263,12 +263,12 @@ static int tls1_prf_alg(const EVP_MD *md, } if (!tls1_prf_P_hash(EVP_sha1(), sec + slen/2, slen/2 + (slen & 1), seed, seed_len, tmp, olen)) { - OPENSSL_clear_free(tmp, olen); + freezero(tmp, olen); return 0; } for (i = 0; i < olen; i++) out[i] ^= tmp[i]; - OPENSSL_clear_free(tmp, olen); + freezero(tmp, olen); return 1; } if (!tls1_prf_P_hash(md, sec, slen, seed, seed_len, out, olen)) -- 2.20.1