projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dbf71ae)
Clear the point S before freeing in ec_mul_consttime
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Sun, 17 Mar 2019 16:28:24 +0000 (17:28 +0100)
committerBernd Edlinger <bernd.edlinger@hotmail.de>
Mon, 18 Mar 2019 21:50:08 +0000 (22:50 +0100)
The secret point R can be recovered from S using the equation R = S - P.
The X and Z coordinates should be sufficient for that.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8505)

(cherry picked from commit 502b871ad4eacc96a31f89d9a9470ca2858da998)

crypto/ec/ec_mult.c patch | blob | history

diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index da71526818f84dd86dc8ef037344dcb1971cf394..fce88822f66682b2a68462d453c6c7d7f0ce5f5c 100644 (file)
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -519,7 +519,7 @@ static int ec_mul_consttime(const EC_GROUP *group, EC_POINT *r,
     ret = 1;
 
  err:
-    EC_POINT_free(s);
+    EC_POINT_clear_free(s);
     BN_CTX_end(ctx);
     BN_CTX_free(new_ctx);
 
Unnamed repository; edit this file 'description' to name the repository.