Memwipe more keys after tor has finished with them

Ensure we securely wipe keys from memory after crypto_digest_get_digest and init_curve25519_keypair_from_file have finished using them. Fixes bug 13477.
author: teor <teor2345@gmail.com> 2014-10-20 03:06:28 +1100
committer: teor <teor2345@gmail.com> 2014-10-20 03:06:28 +1100
commit: 2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37 (patch)
tree: 106aa23854a7aea7cf166548300fcd7c3e69f263 /src/common/crypto.c
parent: fc5cab44724e8328e2186f22114625388f1c8f0d (diff)
download: tor-2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37.tar.gz
tor-2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index f128336e50..58f20aeb85 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1684,7 +1684,7 @@ crypto_digest_get_digest(crypto_digest_t *digest,
       log_warn(LD_BUG, "Called with unknown algorithm %d", digest->algorithm);
       /* If fragile_assert is not enabled, then we should at least not
        * leak anything. */
-      memset(r, 0xff, sizeof(r));
+      memwipe(r, 0xff, sizeof(r));
       tor_fragile_assert();
       break;
   }
author	teor <teor2345@gmail.com>	2014-10-20 03:06:28 +1100
committer	teor <teor2345@gmail.com>	2014-10-20 03:06:28 +1100
commit	2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37 (patch)
tree	106aa23854a7aea7cf166548300fcd7c3e69f263 /src/common/crypto.c
parent	fc5cab44724e8328e2186f22114625388f1c8f0d (diff)
download	tor-2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37.tar.gz tor-2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37.zip