Diffstat (limited to 'ssh-dss.c')
-rw-r--r-- | ssh-dss.c | 10 |
1 files changed, 5 insertions, 5 deletions
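--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.30 2014/01/09 23:20:00 djm Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.31 2014/02/02 03:44:31 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 *
@@ -65,7 +65,7 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
 }
 
 sig = DSA_do_sign(digest, dlen, key->dsa);
-memset(digest, 'd', sizeof(digest));
+explicit_bzero(digest, sizeof(digest));
 
 if (sig == NULL) {
 error("ssh_dss_sign: sign failed");
@@ -79,7 +79,7 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
 DSA_SIG_free(sig);
 return -1;
 }
-memset(sigblob, 0, SIGBLOB_LEN);
+explicit_bzero(sigblob, SIGBLOB_LEN);
 BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
 BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
 DSA_SIG_free(sig);
@@ -168,7 +168,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
 fatal("%s: BN_bin2bn failed", __func__);
 
 /* clean up */
-memset(sigblob, 0, len);
+explicit_bzero(sigblob, len);
 free(sigblob);
 
 /* sha1 the data */
@@ -179,7 +179,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
 }
 
 ret = DSA_do_verify(digest, dlen, sig, key->dsa);
-memset(digest, 'd', sizeof(digest));
+explicit_bzero(digest, sizeof(digest));
 
 DSA_SIG_free(sig);
 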
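Review bot: The `explicit_bzero(sigblob, SIGBLOB_LEN);` at new line 82 in ssh_dss_sign looks like a zero-fill of an output buffer rather than a scrub: the two `BN_bn2bin` calls right after it write r and s at right-aligned offsets, so the zeros serve as leading padding and the store is unlikely to be a dead one. Using the scrubbing primitive there blurs which calls are security-relevant; I would keep `memset(sigblob, 0, SIGBLOB_LEN);` or add a comment such as `/* zero-pad: r and s are written right-aligned below */`. The digest clears at new lines 68 and 182 and the pre-`free` clear at 171 are the cases where a plain `memset` could be optimised away, and the replacement fits them. Both functions start and end outside the visible hunks, so whether earlier return paths also clear `digest` cannot be confirmed from here.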