summaryrefslogtreecommitdiff
path: root/cipher.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2014-02-04 11:20:14 +1100
committerDamien Miller <djm@mindrot.org>2014-02-04 11:20:14 +1100
commita5103f413bde6f31bff85d6e1fd29799c647d765 (patch)
tree0b35ad9292b2ca8d58229435865d0ec3818e5981 /cipher.c
parent1d2c4564265ee827147af246a16f3777741411ed (diff)
- djm@cvs.openbsd.org 2014/02/02 03:44:32
[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
Diffstat (limited to 'cipher.c')
-rw-r--r--cipher.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/cipher.c b/cipher.c
index 98961be1a..ee79a1ef4 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.c,v 1.95 2014/01/27 19:18:54 markus Exp $ */ 1/* $OpenBSD: cipher.c,v 1.96 2014/02/02 03:44:31 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -337,7 +337,7 @@ cipher_init(CipherContext *cc, const Cipher *cipher,
337 if (EVP_Cipher(&cc->evp, discard, junk, 337 if (EVP_Cipher(&cc->evp, discard, junk,
338 cipher->discard_len) == 0) 338 cipher->discard_len) == 0)
339 fatal("evp_crypt: EVP_Cipher failed during discard"); 339 fatal("evp_crypt: EVP_Cipher failed during discard");
340 memset(discard, 0, cipher->discard_len); 340 explicit_bzero(discard, cipher->discard_len);
341 free(junk); 341 free(junk);
342 free(discard); 342 free(discard);
343 } 343 }
@@ -422,7 +422,7 @@ void
422cipher_cleanup(CipherContext *cc) 422cipher_cleanup(CipherContext *cc)
423{ 423{
424 if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) 424 if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
425 memset(&cc->cp_ctx, 0, sizeof(cc->cp_ctx)); 425 explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
426 else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) 426 else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0)
427 error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); 427 error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed");
428} 428}
@@ -444,7 +444,7 @@ cipher_set_key_string(CipherContext *cc, const Cipher *cipher,
444 444
445 cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt); 445 cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt);
446 446
447 memset(digest, 0, sizeof(digest)); 447 explicit_bzero(digest, sizeof(digest));
448} 448}
449 449
450/* 450/*