diff options
author | Filippo Valsorda <filippo@golang.org> | 2019-02-13 03:37:57 -0500 |
---|---|---|
committer | Filippo Valsorda <filippo@golang.org> | 2019-02-22 18:31:50 +0000 |
commit | da1f5d376a74dc75b641ae0beb4b98519d57c59a (patch) | |
tree | 47133f3bdeb0dac1c634947b377c274276bfe204 | |
parent | 35e6a10c903ad642fa5aaefccf04329e46649da9 (diff) | |
download | go-da1f5d376a74dc75b641ae0beb4b98519d57c59a.tar.gz go-da1f5d376a74dc75b641ae0beb4b98519d57c59a.zip |
[release-branch.go1.12] crypto/rc4: remove false guarantees from Reset docs and deprecate it
Nothing in Go can truly guarantee a key will be gone from memory (see
#21865), so remove that claim. That makes Reset useless, because
unlike most Reset methods it doesn't restore the original value state,
so deprecate it.
Change-Id: I6bb0f7f94c7e6dd4c5ac19761bc8e5df1f9ec618
Reviewed-on: https://go-review.googlesource.com/c/162297
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
(cherry picked from commit b35dacaac57b039205d9b07ea24098e2c3fcb12e)
Reviewed-on: https://go-review.googlesource.com/c/163438
-rw-r--r-- | src/crypto/rc4/rc4.go | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/crypto/rc4/rc4.go b/src/crypto/rc4/rc4.go index d5e6ebcd71..c2df0db2dc 100644 --- a/src/crypto/rc4/rc4.go +++ b/src/crypto/rc4/rc4.go @@ -45,8 +45,10 @@ func NewCipher(key []byte) (*Cipher, error) { return &c, nil } -// Reset zeros the key data so that it will no longer appear in the -// process's memory. +// Reset zeros the key data and makes the Cipher unusable. +// +// Deprecated: Reset can't guarantee that the key will be entirely removed from +// the process's memory. func (c *Cipher) Reset() { for i := range c.s { c.s[i] = 0 |