From: Daiki Ueno Date: Wed, 15 Apr 2026 12:21:46 +0000 (+0900) Subject: key_share: zeroize derived shared secret after compositing X-Git-Tag: 3.8.13^2~7 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=dcdce673516f4c578f37ae1c503f369d385ceb18;p=thirdparty%2Fgnutls.git key_share: zeroize derived shared secret after compositing Signed-off-by: Daiki Ueno --- diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c index 84cb031ae5..85c1e46ecd 100644 --- a/lib/ext/key_share.c +++ b/lib/ext/key_share.c @@ -462,7 +462,7 @@ static int server_use_key_share_single(gnutls_session_t session, return gnutls_assert_val(ret); ret = append_key_datum(&session->key.key, &key); - _gnutls_free_datum(&key); + _gnutls_free_key_datum(&key); if (ret < 0) return gnutls_assert_val(ret); @@ -506,7 +506,7 @@ static int server_use_key_share_single(gnutls_session_t session, return gnutls_assert_val(ret); ret = append_key_datum(&session->key.key, &key); - _gnutls_free_datum(&key); + _gnutls_free_key_datum(&key); if (ret < 0) return gnutls_assert_val(ret); @@ -603,7 +603,7 @@ static int server_use_key_share_single(gnutls_session_t session, return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ret = append_key_datum(&session->key.key, &key); - _gnutls_free_datum(&key); + _gnutls_free_key_datum(&key); if (ret < 0) return gnutls_assert_val(ret); @@ -700,7 +700,7 @@ static int client_use_key_share_single(gnutls_session_t session, return gnutls_assert_val(ret); ret = append_key_datum(&session->key.key, &key); - _gnutls_free_datum(&key); + _gnutls_free_key_datum(&key); if (ret < 0) return gnutls_assert_val(ret); @@ -739,7 +739,7 @@ static int client_use_key_share_single(gnutls_session_t session, return gnutls_assert_val(ret); ret = append_key_datum(&session->key.key, &key); - _gnutls_free_datum(&key); + _gnutls_free_key_datum(&key); if (ret < 0) return gnutls_assert_val(ret); @@ -776,7 +776,7 @@ static int client_use_key_share_single(gnutls_session_t session, return gnutls_assert_val(ret); ret = append_key_datum(&session->key.key, &key); - _gnutls_free_datum(&key); + _gnutls_free_key_datum(&key); if (ret < 0) return gnutls_assert_val(ret); @@ -797,7 +797,7 @@ static int client_use_key_share_single(gnutls_session_t session, return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); ret = append_key_datum(&session->key.key, &key); - _gnutls_free_datum(&key); + _gnutls_free_key_datum(&key); if (ret < 0) return gnutls_assert_val(ret);