Clear the point S before freeing in ec_scalar_mul_ladder
author Bernd Edlinger <bernd.edlinger@hotmail.de>
Sun, 17 Mar 2019 16:28:24 +0000 (17:28 +0100)
committer Bernd Edlinger <bernd.edlinger@hotmail.de>
Mon, 18 Mar 2019 21:42:23 +0000 (22:42 +0100)
The secret point R can be recovered from S using the equation R = S - P.
The X and Z coordinates should be sufficient for that.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8504)

(cherry picked from commit 8a74bb5c7becbd7492f4445b852602c3e88ba143)

crypto/ec/ec_mult.c

index 0e0a5e1394affb4bd1976ed0f65ae833d7f0ba1c..f8832e94e0f2e22be1436b07668b94f0f0d8abbd 100644 (file)
@@ -378,7 +378,7 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r,
 
  err:
     EC_POINT_free(p);
-    EC_POINT_free(s);
+    EC_POINT_clear_free(s);
     BN_CTX_end(ctx);
 
     return ret;
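
Review bot: The err: cleanup now releases s and p differently with nothing in the code explaining why: `EC_POINT_clear_free(s);` sits directly under `EC_POINT_free(p);`. The commit message has the reason (R can be recovered from S using R = S - P), so a one-line comment above the call would keep a later tidy-up from switching it back to a plain free. It is also worth confirming that p holds nothing derived from the scalar when control reaches this label; if it does, it needs the same clearing free.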