From: Joachim Vandersmissen <git@jvdsn.com>
Date: Sun, 27 Oct 2024 04:48:55 +0000 (-0500)
Subject: fips: zeroization of ECX public keys
X-Git-Tag: openssl-3.5.0-alpha1~857
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=04812ed1de6db39f2a5cc758151ddb167afe4965;p=thirdparty%2Fopenssl.git

fips: zeroization of ECX public keys

Commit fa338aa7cd added zeroization of public security parameters as
required by ISO 19790:2012/Cor.1:2015 7.9. However, that commit
overlooked ECX keys, which are used for EdDSA and X25519/X448.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25807)
---

diff --git a/crypto/ec/ecx_key.c b/crypto/ec/ecx_key.c
index ba725eb573c..98f68cd0134 100644
--- a/crypto/ec/ecx_key.c
+++ b/crypto/ec/ecx_key.c
@@ -75,6 +75,9 @@ void ossl_ecx_key_free(ECX_KEY *key)
     REF_ASSERT_ISNT(i < 0);
 
     OPENSSL_free(key->propq);
+#ifdef OPENSSL_PEDANTIC_ZEROIZATION
+    OPENSSL_cleanse(&key->pubkey, sizeof(key->pubkey));
+#endif
     OPENSSL_secure_clear_free(key->privkey, key->keylen);
     CRYPTO_FREE_REF(&key->references);
     OPENSSL_free(key);