Cleanse memory using the new OPENSSL_cleanse() function.

I've covered all the memset()s I felt safe modifying, but may have missed some.

3 files changed, 5 insertions, 5 deletions

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index a00ed70718..eeffc0df4c 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -177,10 +177,10 @@ RAND_METHOD *RAND_SSLeay(void)
 
 static void ssleay_rand_cleanup(void)
 	{
-	memset(state,0,sizeof(state));
+	OPENSSL_cleanse(state,sizeof(state));
 	state_num=0;
 	state_index=0;
-	memset(md,0,MD_DIGEST_LENGTH);
+	OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
 	md_count[0]=0;
 	md_count[1]=0;
 	entropy=0;
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 4175576fcc..a776e52243 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -215,7 +215,7 @@ int RAND_poll(void)
 	if (n > 0)
 		{
 		RAND_add(tmpbuf,sizeof tmpbuf,n);
-		memset(tmpbuf,0,n);
+		OPENSSL_cleanse(tmpbuf,n);
 		}
 #endif
 
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 7c2673a61f..41574768ab 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -124,7 +124,7 @@ int RAND_load_file(const char *file, long bytes)
 			}
 		}
 	fclose(in);
-	memset(buf,0,BUFSIZE);
+	OPENSSL_cleanse(buf,BUFSIZE);
 err:
 	return(ret);
 	}
@@ -189,7 +189,7 @@ int RAND_write_file(const char *file)
 #endif /* OPENSSL_SYS_VMS */
 
 	fclose(out);
-	memset(buf,0,BUFSIZE);
+	OPENSSL_cleanse(buf,BUFSIZE);
 err:
 	return (rand_err ? -1 : ret);
 	}