From ae19a113fa07285c76f0ae73bcab2b018fccdd1e Mon Sep 17 00:00:00 2001 From: tb Date: Sun, 2 Jul 2023 11:29:36 +0000 Subject: [PATCH] Unconditionally zero the ECDH key While memset() is quite expensive, we can afford zeroing a few extra bytes to make this code more readable. ok beck jsing --- lib/libcrypto/ecdh/ech_key.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/lib/libcrypto/ecdh/ech_key.c b/lib/libcrypto/ecdh/ech_key.c index d93e95b2394..bac5b6e28da 100644 --- a/lib/libcrypto/ecdh/ech_key.c +++ b/lib/libcrypto/ecdh/ech_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ech_key.c,v 1.31 2023/07/02 03:11:51 tb Exp $ */ +/* $OpenBSD: ech_key.c,v 1.32 2023/07/02 11:29:36 tb Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -68,7 +68,6 @@ */ #include -#include #include #include @@ -163,11 +162,9 @@ ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, goto err; } } else { - /* No KDF, just copy out the key and zero the rest. */ - if (outlen > buflen) { - memset((void *)((uintptr_t)out + buflen), 0, outlen - buflen); + memset(out, 0, outlen); + if (outlen > buflen) outlen = buflen; - } memcpy(out, buf, outlen); } -- 2.20.1