ml-kem: wipe full seed buffer in ml_kem_gen_cleanup
The gen ctx stores seed material in uint8_t seedbuf[ML_KEM_SEED_BYTES],
where ML_KEM_SEED_BYTES = ML_KEM_RANDOM_BYTES * 2.
When cleanup runs and gctx->seed != NULL, it wiped ML_KEM_RANDOM_BYTES
so clearing only half of the seed buffer.
This change wipes the entire buffer instead.
CLA: trivial
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Fri Mar 13 08:42:00 2026
(Merged from https://github.com/openssl/openssl/pull/30355)
projects / thirdparty / openssl.git / commit
