- djm@cvs.openbsd.org 2013/12/02 03:13:14

     [cipher.c]
     correct bzero of chacha20+poly1305 key context. bz#2177 from
     Loganaden Velvindron @ AfriNIC

     Also make it a memset for consistency with the rest of cipher.c

2 files changed, 8 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 365af3232..a7fd1d0b1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,12 @@
      [key.c]
      make key_to_blob() return a NULL blob on failure; part of
      bz#2175 from Loganaden Velvindron @ AfriNIC
+   - djm@cvs.openbsd.org 2013/12/02 03:13:14
+     [cipher.c]
+     correct bzero of chacha20+poly1305 key context. bz#2177 from
+     Loganaden Velvindron @ AfriNIC
+     
+     Also make it a memset for consistency with the rest of cipher.c
 
 20131121
  - (djm) OpenBSD CVS Sync
diff --git a/cipher.c b/cipher.c
index c4aec3923..fbb730148 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.91 2013/11/21 00:45:44 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.92 2013/12/02 03:13:14 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -414,7 +414,7 @@ void
 cipher_cleanup(CipherContext *cc)
 {
         if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
-                bzero(&cc->cp_ctx, sizeof(&cc->cp_ctx));
+                memset(&cc->cp_ctx, 0, sizeof(cc->cp_ctx));
         else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0)
                 error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed");
 }