crypto/openssl: fix free of asymmetric crypto keys

In case big number need to be freed, data it contains should
also be cleared before especially if it is critical data like
private keys.

Fixes: 3e9d6bd447fb ("crypto/openssl: add RSA and mod asym operations")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 40217cf..a307c91 100644 (file)
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -912,14 +912,14 @@ static int openssl_set_asym_session_parameters(
                asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_RSA;
                break;
 err_rsa:
-               BN_free(n);
-               BN_free(e);
-               BN_free(d);
-               BN_free(p);
-               BN_free(q);
-               BN_free(dmp1);
-               BN_free(dmq1);
-               BN_free(iqmp);
+               BN_clear_free(n);
+               BN_clear_free(e);
+               BN_clear_free(d);
+               BN_clear_free(p);
+               BN_clear_free(q);
+               BN_clear_free(dmp1);
+               BN_clear_free(dmq1);
+               BN_clear_free(iqmp);
 
                return -1;
        }