Am Dienstag, 14. Juni 2016, 21:38:06 schrieb Herbert Xu: Hi Herbert, > On Tue, Jun 14, 2016 at 03:20:06PM +0200, Stephan Mueller wrote: > > memzero_explicit(raw_key) should be added here in success and failure code > > paths. > > The raw_key is just a bunch of pointers, do we really need to > zero it? You are correct. But then I need to refine my question: isn't rsa_parse_priv_key allocating the MPIs (at least rsa_parse_priv_key seems to hint to that considering the error code path)? So, shouldn't the MPIs be freed here with free_mpis()? This would apply to parse_pub_key too. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html