cleanse stack variable in kdf_pbkdf1_do_derive

kdf_pbkdf1_do_derive stores key derivation information in a stack
variable, which is left uncleansed prior to returning.  Ensure that the
stack information is zeroed prior to return to avoid potential leaks of
key information

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23194)

(cherry picked from commit 5963aa8c196d7c5a940a979299a07418527932af)

diff --git a/providers/implementations/kdfs/pbkdf1.c b/providers/implementations/kdfs/pbkdf1.c
index 10b27f5a6271a70b7ea6ea6a3b152b25a2622748..9fd76acb5022f996a5aa92b7daa3b3400a99f4c4 100644 (file)
--- a/providers/implementations/kdfs/pbkdf1.c
+++ b/providers/implementations/kdfs/pbkdf1.c
@@ -89,6 +89,7 @@ static int kdf_pbkdf1_do_derive(const unsigned char *pass, size_t passlen,
     memcpy(out, md_tmp, n);
     ret = 1;
 err:
+    OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
     EVP_MD_CTX_free(ctx);
     return ret;
 }