summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Dempsky <matthew@cvs.openbsd.org>2012-04-25 04:12:28 +0000
committerMatthew Dempsky <matthew@cvs.openbsd.org>2012-04-25 04:12:28 +0000
commit777da97698e271a6d50d6e1bf950e7f169f16270 (patch)
tree35bbef47c2ce4e8c16c0498656c26dfe750f7c43
parente56727df48b2d2e1c07b46e8070736dcc9955c67 (diff)
Use explicit_bzero() for clearing key material.
Pointed out by Michael W. Bombardieri on tech@. ok deraadt
-rw-r--r--sys/crypto/cast.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/sys/crypto/cast.c b/sys/crypto/cast.c
index e251dfbc022..378d1576623 100644
--- a/sys/crypto/cast.c
+++ b/sys/crypto/cast.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cast.c,v 1.3 2005/03/24 11:45:28 hshoexer Exp $ */
+/* $OpenBSD: cast.c,v 1.4 2012/04/25 04:12:27 matthew Exp $ */
/*
* CAST-128 in C
@@ -8,6 +8,7 @@
*/
#include <sys/types.h>
+#include <sys/systm.h>
#include <crypto/cast.h>
#include <crypto/castsb.h>
@@ -268,9 +269,9 @@ cast_setkey(cast_key *key, u_int8_t *rawkey, int keybytes)
}
}
/* Wipe clean */
- for (i = 0; i < 4; i++) {
- t[i] = x[i] = z[i] = 0;
- }
+ explicit_bzero(t, sizeof(t));
+ explicit_bzero(x, sizeof(x));
+ explicit_bzero(z, sizeof(z));
}
/* Made in Canada */