Clean password buffer on stack for PEM_read_bio_PrivateKey

and d2i_PKCS8PrivateKey_bio before it goes out of scope.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4047)

(cherry picked from commit 02fd47c8b0930dff9b188fd13bfb9da5e59444a8)

diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c
index 5747c7366e3d0ac792caaba09150242960a3e075..daf210fde0f946fd80d7cee3d31d02e2f86d3786 100644 (file)
--- a/crypto/pem/pem_pk8.c
+++ b/crypto/pem/pem_pk8.c
@@ -178,6 +178,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
     }
     p8inf = PKCS8_decrypt(p8, psbuf, klen);
     X509_SIG_free(p8);
+    OPENSSL_cleanse(psbuf, klen);
     if (!p8inf)
         return NULL;
     ret = EVP_PKCS82PKEY(p8inf);

diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 04d6319a225be0f861341909090fb8b3924711a8..e8b3a1b92c8d5101d5211518fc1bfb87f6e45fda 100644 (file)
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -120,6 +120,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
         }
         p8inf = PKCS8_decrypt(p8, psbuf, klen);
         X509_SIG_free(p8);
+        OPENSSL_cleanse(psbuf, klen);
         if (!p8inf)
             goto p8err;
         ret = EVP_PKCS82PKEY(p8inf);