Zeroize DER buffer in der_to_enc_pem_alloc before free

F-2139

Previously the plaintext private key DER buffer was freed via XFREE
without a preceding ForceZero when no password encryption was requested.
Track the actual allocation size and zeroize the buffer before release.
This commit is contained in:
Juliusz Sosinowicz
2026-04-17 16:44:45 +02:00
parent fb64844924
commit cb495320fe
+6 -1
View File
@@ -480,6 +480,7 @@ static int der_to_enc_pem_alloc(unsigned char* der, int derSz,
byte* tmp = NULL;
byte* cipherInfo = NULL;
int pemSz = 0;
int derAllocSz = derSz;
int hashType = WC_HASH_TYPE_NONE;
#if !defined(NO_MD5)
hashType = WC_MD5;
@@ -515,6 +516,7 @@ static int der_to_enc_pem_alloc(unsigned char* der, int derSz,
}
else {
der = tmpBuf;
derAllocSz = derSz + blockSz;
/* Encrypt DER inline. */
ret = EncryptDerKey(der, &derSz, cipher, passwd, passwdSz,
@@ -562,7 +564,10 @@ static int der_to_enc_pem_alloc(unsigned char* der, int derSz,
XFREE(tmp, NULL, DYNAMIC_TYPE_KEY);
XFREE(cipherInfo, NULL, DYNAMIC_TYPE_STRING);
XFREE(der, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (der != NULL) {
ForceZero(der, (word32)derAllocSz);
XFREE(der, heap, DYNAMIC_TYPE_TMP_BUFFER);
}
return ret;
}