key_share: zeroize derived shared secret after compositing

author Daiki Ueno <ueno@gnu.org>

Wed, 15 Apr 2026 12:21:46 +0000 (21:21 +0900)

committer Alexander Sosedkin <asosedkin@redhat.com>

Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)
author Daiki Ueno <ueno@gnu.org>
Wed, 15 Apr 2026 12:21:46 +0000 (21:21 +0900)
committer Alexander Sosedkin <asosedkin@redhat.com>
Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)
diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c

index 84cb031ae5a372470eb75abde3643f999f111e5d..85c1e46ecd314b53651f56be35a82b6f8c8e1207 100644 (file)
--- a/lib/ext/key_share.c
+++ b/lib/ext/key_share.c
@@ -462,7 +462,7 @@ static int server_use_key_share_single(gnutls_session_t session,
                         return gnutls_assert_val(ret);
  
                 ret = append_key_datum(&session->key.key, &key);
-               _gnutls_free_datum(&key);
+               _gnutls_free_key_datum(&key);
                 if (ret < 0)
                         return gnutls_assert_val(ret);
  
@@ -506,7 +506,7 @@ static int server_use_key_share_single(gnutls_session_t session,
                         return gnutls_assert_val(ret);
  
                 ret = append_key_datum(&session->key.key, &key);
-               _gnutls_free_datum(&key);
+               _gnutls_free_key_datum(&key);
                 if (ret < 0)
                         return gnutls_assert_val(ret);
  
@@ -603,7 +603,7 @@ static int server_use_key_share_single(gnutls_session_t session,
                         return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
  
                 ret = append_key_datum(&session->key.key, &key);
-               _gnutls_free_datum(&key);
+               _gnutls_free_key_datum(&key);
                 if (ret < 0)
                         return gnutls_assert_val(ret);
  
@@ -700,7 +700,7 @@ static int client_use_key_share_single(gnutls_session_t session,
                         return gnutls_assert_val(ret);
  
                 ret = append_key_datum(&session->key.key, &key);
-               _gnutls_free_datum(&key);
+               _gnutls_free_key_datum(&key);
                 if (ret < 0)
                         return gnutls_assert_val(ret);
  
@@ -739,7 +739,7 @@ static int client_use_key_share_single(gnutls_session_t session,
                         return gnutls_assert_val(ret);
  
                 ret = append_key_datum(&session->key.key, &key);
-               _gnutls_free_datum(&key);
+               _gnutls_free_key_datum(&key);
                 if (ret < 0)
                         return gnutls_assert_val(ret);
  
@@ -776,7 +776,7 @@ static int client_use_key_share_single(gnutls_session_t session,
                         return gnutls_assert_val(ret);
  
                 ret = append_key_datum(&session->key.key, &key);
-               _gnutls_free_datum(&key);
+               _gnutls_free_key_datum(&key);
                 if (ret < 0)
                         return gnutls_assert_val(ret);
  
@@ -797,7 +797,7 @@ static int client_use_key_share_single(gnutls_session_t session,
                         return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
  
                 ret = append_key_datum(&session->key.key, &key);
-               _gnutls_free_datum(&key);
+               _gnutls_free_key_datum(&key);
                 if (ret < 0)
                         return gnutls_assert_val(ret);
author	Daiki Ueno <ueno@gnu.org>
	Wed, 15 Apr 2026 12:21:46 +0000 (21:21 +0900)
committer	Alexander Sosedkin <asosedkin@redhat.com>
	Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)