Zeroize RSA DER buffer in CTX_use_RSAPrivateKey before free

julek-wolfssl · julek-wolfssl · commit a82828b3ac51 · 2026-04-17T16:47:19.000+02:00
F-2145

wolfSSL_CTX_use_RSAPrivateKey staged the RSA private key DER (PKCS#1:
n, e, d, p, q, dP, dQ, qInv) in a heap buffer and freed it without
ForceZero. Zeroize before XFREE.
diff --git a/src/ssl_load.c b/src/ssl_load.c
@@ -5365,6 +5365,9 @@ int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa)
     }
 
     /* Dispos of dynamically allocated data. */
+    if (der != NULL) {
+        ForceZero(der, (word32)derSize);
+    }
     XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
     return ret;
 }

Original file line number	Diff line number	Diff line change
`@@ -5365,6 +5365,9 @@ int wolfSSL_CTX_use_RSAPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL_RSA* rsa)`
`5365`	`5365`	`}`
`5366`	`5366`
`5367`	`5367`	`/* Dispos of dynamically allocated data. */`
	`5368`	`+ if (der != NULL) {`
	`5369`	`+ ForceZero(der, (word32)derSize);`
	`5370`	`+ }`
`5368`	`5371`	`XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);`
`5369`	`5372`	`return ret;`
`5370`	`5373`	`}`