Cleanse memory using the new OPENSSL_cleanse() function.

[openssl.git] / crypto / rc4 / rc4.c

diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c
index c2165b0b7592e1e2bed3bab7fcc2a737f4f21985..b39c070292c98de583bc0aa26cd3db8a55795db3 100644 (file)
--- a/crypto/rc4/rc4.c
+++ b/crypto/rc4/rc4.c
@@ -155,7 +155,7 @@ bad:
                i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0);
                if (i != 0)
                        {
-                       memset(buf,0,BUFSIZ);
+                       OPENSSL_cleanse(buf,BUFSIZ);
                        fprintf(stderr,"bad password read\n");
                        exit(1);
                        }
@@ -163,7 +163,7 @@ bad:
                }
 
        EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5());
-       memset(keystr,0,strlen(keystr));
+       OPENSSL_cleanse(keystr,strlen(keystr));
        RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
        
        for(;;)