From a5103f413bde6f31bff85d6e1fd29799c647d765 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Tue, 4 Feb 2014 11:20:14 +1100
Subject:    - djm@cvs.openbsd.org 2014/02/02 03:44:32      [auth1.c
 auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]      [buffer.c
 cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]      [kexdhc.c
 kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]      [monitor.c
 monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]      [ssh-add.c
 ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]      [ssh-keygen.c ssh-rsa.c
 sshconnect.c sshconnect1.c sshconnect2.c]      [sshd.c]      convert memset
 of potentially-private data to explicit_bzero()

---
 rsa.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'rsa.c')

diff --git a/rsa.c b/rsa.c
index a9ee6b0ed..d0b5bbf5e 100644
--- a/rsa.c
+++ b/rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.c,v 1.30 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: rsa.c,v 1.31 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -94,8 +94,8 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 	if (BN_bin2bn(outbuf, len, out) == NULL)
 		fatal("rsa_public_encrypt: BN_bin2bn failed");
 
-	memset(outbuf, 0, olen);
-	memset(inbuf, 0, ilen);
+	explicit_bzero(outbuf, olen);
+	explicit_bzero(inbuf, ilen);
 	free(outbuf);
 	free(inbuf);
 }
@@ -120,8 +120,8 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 		if (BN_bin2bn(outbuf, len, out) == NULL)
 			fatal("rsa_private_decrypt: BN_bin2bn failed");
 	}
-	memset(outbuf, 0, olen);
-	memset(inbuf, 0, ilen);
+	explicit_bzero(outbuf, olen);
+	explicit_bzero(inbuf, ilen);
 	free(outbuf);
 	free(inbuf);
 	return len;
-- 
cgit v1.2.3