From b8adaa72672fc21a17c44baf5ab66efb66e8c6f1 Mon Sep 17 00:00:00 2001
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Tue, 11 Jan 2011 15:42:07 +0000
Subject: for key material that is being being discarded, convert bzero() to
 explicit_bzero() where required ok markus mikeb

---
 sys/crypto/key_wrap.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'sys/crypto/key_wrap.c')

diff --git a/sys/crypto/key_wrap.c b/sys/crypto/key_wrap.c
index b9009ad54b3..4605bd6b3e7 100644
--- a/sys/crypto/key_wrap.c
+++ b/sys/crypto/key_wrap.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: key_wrap.c,v 1.2 2010/07/20 15:36:03 matthew Exp $	*/
+/*	$OpenBSD: key_wrap.c,v 1.3 2011/01/11 15:42:05 deraadt Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -72,7 +72,7 @@ aes_key_wrap(aes_key_wrap_ctx *ctx, const u_int8_t *P, size_t n, u_int8_t *C)
 			R += 8;
 		}
 	}
-	memset(B, 0, sizeof B);
+	explicit_bzero(B, sizeof B);
 }
 
 int
@@ -105,7 +105,7 @@ aes_key_unwrap(aes_key_wrap_ctx *ctx, const u_int8_t *C, u_int8_t *P, size_t n)
 			R -= 8;
 		}
 	}
-	memset(B, 0, sizeof B);
+	explicit_bzero(B, sizeof B);
 
 	/* check that A is an appropriate initial value */
 	return timingsafe_bcmp(A, IV, 8) != 0;
-- 
cgit v1.2.3