diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-05-02 03:59:46 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-05-02 03:59:46 +0000 |
| commit | cc4b23eafa00f2d02bd6a5aeb37a603e5616a1b5 (patch) | |
| tree | 0c263850a80e2d5ef373e8dffa7717aaaa1e4a4a /lib/libcrypto/hmac/hm_pmeth.c | |
| parent | cc386e2f2850053dd843b8a7630c3162a953abc8 (diff) | |
use freezero() instead of memset/explicit_bzero + free. Substantially
reduces conditional logic (-218, +82).
MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c
wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and
BN_FLG_STATIC_DATA where the condition cannot be collapsed completely.
Passes regress. ok beck
Diffstat (limited to 'lib/libcrypto/hmac/hm_pmeth.c')
| -rw-r--r-- | lib/libcrypto/hmac/hm_pmeth.c | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/lib/libcrypto/hmac/hm_pmeth.c b/lib/libcrypto/hmac/hm_pmeth.c index c5ac6c00c0f..390725fa251 100644 --- a/lib/libcrypto/hmac/hm_pmeth.c +++ b/lib/libcrypto/hmac/hm_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hm_pmeth.c,v 1.9 2015/09/10 15:56:25 jsing Exp $ */ +/* $OpenBSD: hm_pmeth.c,v 1.10 2017/05/02 03:59:44 deraadt Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2007. */ @@ -122,12 +122,7 @@ pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) HMAC_PKEY_CTX *hctx = ctx->data; HMAC_CTX_cleanup(&hctx->ctx); - if (hctx->ktmp.data) { - if (hctx->ktmp.length) - explicit_bzero(hctx->ktmp.data, hctx->ktmp.length); - free(hctx->ktmp.data); - hctx->ktmp.data = NULL; - } + freezero(hctx->ktmp.data, hctx->ktmp.length); free(hctx); } |