diff options
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/a_sign.c | 6 | ||||
-rw-r--r-- | crypto/asn1/a_verify.c | 2 | ||||
-rw-r--r-- | crypto/asn1/n_pkey.c | 4 | ||||
-rw-r--r-- | crypto/asn1/p8_pkey.c | 4 |
4 files changed, 8 insertions, 8 deletions
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 94829d889e..c5cf0e3133 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -199,10 +199,10 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; err: - memset(&ctx,0,sizeof(ctx)); + OPENSSL_cleanse(&ctx,sizeof(ctx)); if (buf_in != NULL) - { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } + { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } if (buf_out != NULL) - { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } + { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } return(outl); } diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 2a11927e5c..faa34501b9 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -100,7 +100,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, EVP_VerifyInit(&ctx,type); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); - memset(buf_in,0,(unsigned int)inl); + OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 9840193538..5f8ba3cc32 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -181,7 +181,7 @@ int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey) } EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); + OPENSSL_cleanse(buf,256); EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); @@ -292,7 +292,7 @@ RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, } EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); + OPENSSL_cleanse(buf,256); EVP_CIPHER_CTX_init(&ctx); EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL); diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index fa6cbfb6f8..3e0ebef507 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -119,8 +119,8 @@ void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a) X509_ALGOR_free(a->pkeyalg); /* Clear sensitive data */ if (a->pkey->value.octet_string) - memset (a->pkey->value.octet_string->data, - 0, a->pkey->value.octet_string->length); + OPENSSL_cleanse(a->pkey->value.octet_string->data, + a->pkey->value.octet_string->length); ASN1_TYPE_free (a->pkey); sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free); OPENSSL_free (a); |