Cleanse memory using the new OPENSSL_cleanse() function.

I've covered all the memset()s I felt safe modifying, but may have missed some.
author: Richard Levitte <levitte@openssl.org> 2002-11-28 08:04:36 +0000
committer: Richard Levitte <levitte@openssl.org> 2002-11-28 08:04:36 +0000
commit: 4579924b7e55fccc7013e6de196f2e2ab175ce39 (patch)
tree: fa19611a704cc901d3ba338cefbbb98878de7ee5 /ssl/s3_enc.c
parent: 2047bda6fb8bedab1103b7bd5df5ea55eb7ccc9b (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index cec8fcd376..35fde29c8a 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -182,7 +182,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
 
 		km+=MD5_DIGEST_LENGTH;
 		}
-	memset(smd,0,SHA_DIGEST_LENGTH);
+	OPENSSL_cleanse(smd,SHA_DIGEST_LENGTH);
 	EVP_MD_CTX_cleanup(&m5);
 	EVP_MD_CTX_cleanup(&s1);
 	return 1;
@@ -333,8 +333,8 @@ int ssl3_change_cipher_state(SSL *s, int which)
 
 	EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE));
 
-	memset(&(exp_key[0]),0,sizeof(exp_key));
-	memset(&(exp_iv[0]),0,sizeof(exp_iv));
+	OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key));
+	OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv));
 	EVP_MD_CTX_cleanup(&md);
 	return(1);
 err:
@@ -408,7 +408,7 @@ void ssl3_cleanup_key_block(SSL *s)
 	{
 	if (s->s3->tmp.key_block != NULL)
 		{
-		memset(s->s3->tmp.key_block,0,
+		OPENSSL_cleanse(s->s3->tmp.key_block,
 			s->s3->tmp.key_block_length);
 		OPENSSL_free(s->s3->tmp.key_block);
 		s->s3->tmp.key_block=NULL;
author	Richard Levitte <levitte@openssl.org>	2002-11-28 08:04:36 +0000
committer	Richard Levitte <levitte@openssl.org>	2002-11-28 08:04:36 +0000
commit	4579924b7e55fccc7013e6de196f2e2ab175ce39 (patch)
tree	fa19611a704cc901d3ba338cefbbb98878de7ee5 /ssl/s3_enc.c
parent	2047bda6fb8bedab1103b7bd5df5ea55eb7ccc9b (diff)