Use chunk_clear to memwipe shared secret

author Thomas Egerer <thomas.egerer@secunet.com>

Fri, 4 Nov 2011 08:24:58 +0000 (09:24 +0100)

committer Tobias Brunner <tobias@strongswan.org>

Fri, 4 Nov 2011 10:11:17 +0000 (11:11 +0100)
author Thomas Egerer <thomas.egerer@secunet.com>
Fri, 4 Nov 2011 08:24:58 +0000 (09:24 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Fri, 4 Nov 2011 10:11:17 +0000 (11:11 +0100)
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c

index 78ed281..9e40675 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -219,7 +219,7 @@ METHOD(diffie_hellman_t, set_other_public_value, void,
                 return;
         }
  
-       chunk_free(&this->shared_secret);
+       chunk_clear(&this->shared_secret);
  
         if (!compute_shared_key(this, &this->shared_secret)) {
                 DBG1(DBG_LIB, "ECDH shared secret computation failed");
author	Thomas Egerer <thomas.egerer@secunet.com>
	Fri, 4 Nov 2011 08:24:58 +0000 (09:24 +0100)
committer	Tobias Brunner <tobias@strongswan.org>
	Fri, 4 Nov 2011 10:11:17 +0000 (11:11 +0100)