pbkdf2: change FIPS zeroization to use the OPENSSL_PEDANTIC_ZEROIZATION define

author Pauli <ppzgs1@gmail.com>

Wed, 27 Nov 2024 00:19:32 +0000 (11:19 +1100)

committer Tomas Mraz <tomas@openssl.org>

Thu, 28 Nov 2024 14:13:35 +0000 (15:13 +0100)
author Pauli <ppzgs1@gmail.com>
Wed, 27 Nov 2024 00:19:32 +0000 (11:19 +1100)
committer Tomas Mraz <tomas@openssl.org>
Thu, 28 Nov 2024 14:13:35 +0000 (15:13 +0100)
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c

index d1398461482c86e457beb72f456937fc694a2a51..b38331406412dacd580dc33d6a4c153b0b314724 100644 (file)
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -93,7 +93,7 @@ static void *kdf_pbkdf2_new(void *provctx)
  static void kdf_pbkdf2_cleanup(KDF_PBKDF2 *ctx)
  {
      ossl_prov_digest_reset(&ctx->digest);
-#ifdef FIPS_MODULE
+#ifdef OPENSSL_PEDANTIC_ZEROIZATION
      OPENSSL_clear_free(ctx->salt, ctx->salt_len);
  #else
      OPENSSL_free(ctx->salt);
author	Pauli <ppzgs1@gmail.com>
	Wed, 27 Nov 2024 00:19:32 +0000 (11:19 +1100)
committer	Tomas Mraz <tomas@openssl.org>
	Thu, 28 Nov 2024 14:13:35 +0000 (15:13 +0100)