Clear the OpenSSL BN holding the private key before releasing them
authorRemi Gacogne <remi.gacogne@powerdns.com>
Fri, 8 Jan 2016 11:30:18 +0000 (12:30 +0100)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Fri, 8 Jan 2016 11:30:18 +0000 (12:30 +0100)
pdns/opensslsigners.cc

index 5f116b049f20cb270e172baa633bb82f78c93644..1c5278c08a57db56365cb5e05b8cbdd55ed0a8b1 100644 (file)
@@ -244,24 +244,24 @@ void OpenSSLECDSADNSCryptoKeyEngine::fromISCMap(DNSKEYRecordContent& drc, std::m
 
   int ret = EC_KEY_set_private_key(d_eckey, prv_key);
   if (ret != 1) {
-    BN_free(prv_key);
+    BN_clear_free(prv_key);
     throw runtime_error(getName()+" setting private key failed");
   }
 
   EC_POINT *pub_key = EC_POINT_new(d_ecgroup);
   if (pub_key == NULL) {
-    BN_free(prv_key);
+    BN_clear_free(prv_key);
     throw runtime_error(getName()+" allocation of public key point failed");
   }
 
   ret = EC_POINT_mul(d_ecgroup, pub_key, prv_key, NULL, NULL, d_ctx);
   if (ret != 1) {
     EC_POINT_free(pub_key);
-    BN_free(prv_key);
+    BN_clear_free(prv_key);
     throw runtime_error(getName()+" computing public key from private failed");
   }
 
-  BN_free(prv_key);
+  BN_clear_free(prv_key);
 
   ret = EC_KEY_set_public_key(d_eckey, pub_key);
   if (ret != 1) {
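Review bot: The clearing of `prv_key` is still maintained by hand at four separate sites (the three error branches and the success path just before `EC_KEY_set_public_key`), so any exit path added later can free or leak the private scalar without zeroising it. Taking ownership once, right after the BIGNUM is allocated, e.g. `std::unique_ptr<BIGNUM, void(*)(BIGNUM*)> prvGuard(prv_key, BN_clear_free);`, would run the clearing free on every exit, including exceptions. The explicit calls could then be dropped, with `prvGuard.reset();` where the success path releases the key today. Note also that `BN_clear_free` wipes only the BIGNUM's own storage; the key bytes presumably still sit in the string taken from the ISC map, which is not visible in this hunk, so that buffer may deserve its own cleanup or at least a comment. `fromISCMap` starts above the hunk and continues below it, so the allocation site and the remaining error paths could not be checked here.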