projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bd598cc) | patch
Ensure HMAC key gets cleansed after use
authorMatt Caswell <matt@openssl.org>
Fri, 24 Jun 2016 09:31:08 +0000 (10:31 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 24 Jun 2016 12:28:29 +0000 (13:28 +0100)
commit1bb0918c3d272900612d15781bb26c20b6a87601
treeb18c3a998b0267aea3379035b66dde6dbdb40cf5tree | snapshot
parentbd598cc405e981de259a07558e600b5a9ef64bd6commit | diff
Ensure HMAC key gets cleansed after use

aesni_cbc_hmac_sha256_ctrl() and aesni_cbc_hmac_sha1_ctrl() cleanse the
HMAC key after use, but static int rc4_hmac_md5_ctrl() doesn't.

Fixes an OCAP Audit issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 0def528bc502a888a3f4ef3c38ea4c5e69fd7375)
crypto/evp/e_rc4_hmac_md5.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.