aboutsummaryrefslogtreecommitdiff
path: root/src/crypter.cpp
diff options
context:
space:
mode:
authorPhilip Kaufmann <phil.kaufmann@t-online.de>2012-11-08 19:38:49 +0100
committerPhilip Kaufmann <phil.kaufmann@t-online.de>2012-11-09 12:53:53 +0100
commit0f8a6477825fbaad0d37233bdd3011d748f607ab (patch)
treee4ef0256d9b5bccac47b3e9c901960d403bbdcbe /src/crypter.cpp
parent16d9d61f99c2e081585e6634d25da3523804eabf (diff)
don't use memset() in privacy/security relevant code parts
As memset() can be optimized out by a compiler it should not be used in privacy/security relevant code parts. OpenSSL provides the safe OPENSSL_cleanse() function in crypto.h, which perfectly does the job of clean and overwrite data. For details see: http://www.viva64.com/en/b/0178/ - change memset() to OPENSSL_cleanse() where appropriate - change a hard-coded number from netbase.cpp into a sizeof()
Diffstat (limited to 'src/crypter.cpp')
-rw-r--r--src/crypter.cpp4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/crypter.cpp b/src/crypter.cpp
index 181b8fa00a..a2b62a87c8 100644
--- a/src/crypter.cpp
+++ b/src/crypter.cpp
@@ -24,8 +24,8 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v
if (i != (int)WALLET_CRYPTO_KEY_SIZE)
{
- memset(&chKey, 0, sizeof chKey);
- memset(&chIV, 0, sizeof chIV);
+ OPENSSL_cleanse(chKey, sizeof(chKey));
+ OPENSSL_cleanse(chIV, sizeof(chIV));
return false;
}