diff options
author | Richard Levitte <levitte@openssl.org> | 2002-11-28 08:04:36 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2002-11-28 08:04:36 +0000 |
commit | 4579924b7e55fccc7013e6de196f2e2ab175ce39 (patch) | |
tree | fa19611a704cc901d3ba338cefbbb98878de7ee5 /crypto/pkcs12 | |
parent | 2047bda6fb8bedab1103b7bd5df5ea55eb7ccc9b (diff) |
Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r-- | crypto/pkcs12/p12_crpt.c | 4 | ||||
-rw-r--r-- | crypto/pkcs12/p12_decr.c | 4 | ||||
-rw-r--r-- | crypto/pkcs12/p12_key.c | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c index 97be6a5fb5..5e8958612b 100644 --- a/crypto/pkcs12/p12_crpt.c +++ b/crypto/pkcs12/p12_crpt.c @@ -118,7 +118,7 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, } PBEPARAM_free(pbe); EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); - memset(key, 0, EVP_MAX_KEY_LENGTH); - memset(iv, 0, EVP_MAX_IV_LENGTH); + OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); + OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); return 1; } diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 394af368f4..b5684a83ba 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -136,7 +136,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, } #endif ret = ASN1_item_d2i(NULL, &p, outlen, it); - if (zbuf) memset(out, 0, outlen); + if (zbuf) OPENSSL_cleanse(out, outlen); if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); OPENSSL_free(out); return ret; @@ -168,7 +168,7 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i OPENSSL_free(in); return NULL; } - if (zbuf) memset(in, 0, inlen); + if (zbuf) OPENSSL_cleanse(in, inlen); OPENSSL_free(in); return oct; } diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 0d39ebde8c..9196a34b4a 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -91,7 +91,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, id, iter, n, out, md_type); if(unipass) { - memset(unipass, 0, uniplen); /* Clear password from memory */ + OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ OPENSSL_free(unipass); } return ret; |