diff options
author | Matt Caswell <matt@openssl.org> | 2016-06-24 23:37:27 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-06-30 15:51:57 +0100 |
commit | 3ce2fdabe6e33952bf3011acf5b68107e6352603 (patch) | |
tree | 1db552127f77d0e0615ea2e3019183fd64b9e8dd /crypto/poly1305/poly1305.c | |
parent | 6f4ae777f5100715a96b45355a1195c2efa96b4e (diff) |
Convert memset calls to OPENSSL_cleanse
Ensure things really do get cleared when we intend them to.
Addresses an OCAP Audit issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'crypto/poly1305/poly1305.c')
-rw-r--r-- | crypto/poly1305/poly1305.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c index 55de19b7ed..eec4d67f0c 100644 --- a/crypto/poly1305/poly1305.c +++ b/crypto/poly1305/poly1305.c @@ -9,6 +9,7 @@ #include <stdlib.h> #include <string.h> +#include <openssl/crypto.h> #include "internal/poly1305.h" @@ -545,7 +546,7 @@ void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]) poly1305_emit(ctx->opaque, mac, ctx->nonce); /* zero out the state */ - memset(ctx, 0, sizeof(*ctx)); + OPENSSL_cleanse(ctx, sizeof(*ctx)); } #ifdef SELFTEST |