diff options
author | Matthew Dempsky <matthew@cvs.openbsd.org> | 2012-04-25 04:12:28 +0000 |
---|---|---|
committer | Matthew Dempsky <matthew@cvs.openbsd.org> | 2012-04-25 04:12:28 +0000 |
commit | 777da97698e271a6d50d6e1bf950e7f169f16270 (patch) | |
tree | 35bbef47c2ce4e8c16c0498656c26dfe750f7c43 | |
parent | e56727df48b2d2e1c07b46e8070736dcc9955c67 (diff) |
Use explicit_bzero() for clearing key material.
Pointed out by Michael W. Bombardieri on tech@.
ok deraadt
-rw-r--r-- | sys/crypto/cast.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/sys/crypto/cast.c b/sys/crypto/cast.c index e251dfbc022..378d1576623 100644 --- a/sys/crypto/cast.c +++ b/sys/crypto/cast.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cast.c,v 1.3 2005/03/24 11:45:28 hshoexer Exp $ */ +/* $OpenBSD: cast.c,v 1.4 2012/04/25 04:12:27 matthew Exp $ */ /* * CAST-128 in C @@ -8,6 +8,7 @@ */ #include <sys/types.h> +#include <sys/systm.h> #include <crypto/cast.h> #include <crypto/castsb.h> @@ -268,9 +269,9 @@ cast_setkey(cast_key *key, u_int8_t *rawkey, int keybytes) } } /* Wipe clean */ - for (i = 0; i < 4; i++) { - t[i] = x[i] = z[i] = 0; - } + explicit_bzero(t, sizeof(t)); + explicit_bzero(x, sizeof(x)); + explicit_bzero(z, sizeof(z)); } /* Made in Canada */ |