projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
1dfef92
)
try_pkcs12(): cleanse passphrase so it is not left on the stack
author
Tomas Mraz
<tomas@openssl.org>
Wed, 29 Dec 2021 08:26:58 +0000
(09:26 +0100)
committer
Tomas Mraz
<tomas@openssl.org>
Mon, 3 Jan 2022 09:35:36 +0000
(10:35 +0100)
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/17320)
crypto/store/store_result.c
patch
|
blob
|
history
diff --git
a/crypto/store/store_result.c
b/crypto/store/store_result.c
index 893828ee3ed4c8506464d825bf18a54d6937552f..de00f4f56287f4567ff8402cea12812efe1b932c 100644
(file)
--- a/
crypto/store/store_result.c
+++ b/
crypto/store/store_result.c
@@
-619,9
+619,10
@@
static int try_pkcs12(struct extracted_param_data_st *data, OSSL_STORE_INFO **v,
}
ctx->cached_info = infos;
}
+ p12_end:
+ OPENSSL_cleanse(tpass, sizeof(tpass));
+ PKCS12_free(p12);
}
- p12_end:
- PKCS12_free(p12);
*v = sk_OSSL_STORE_INFO_shift(ctx->cached_info);
}