Don't clear BigNums in destructor

Instead add a clear method.
Steven Fackler 2016-11-01 21:59:07 -07:00
parent 888b8b696c
commit 176348630a
2 changed files with 10 additions and 1 deletions


@ -1274,6 +1274,8 @@ extern {
pub fn BN_new() -> *mut BIGNUM; pub fn BN_new() -> *mut BIGNUM;
pub fn BN_dup(n: *const BIGNUM) -> *mut BIGNUM; pub fn BN_dup(n: *const BIGNUM) -> *mut BIGNUM;
pub fn BN_clear(bn: *mut BIGNUM);
pub fn BN_free(bn: *mut BIGNUM);
pub fn BN_clear_free(bn: *mut BIGNUM); pub fn BN_clear_free(bn: *mut BIGNUM);
pub fn BN_CTX_new() -> *mut BN_CTX; pub fn BN_CTX_new() -> *mut BN_CTX;


@ -225,6 +225,13 @@ impl BnCtx {
} }
impl Ref<BigNum> { impl Ref<BigNum> {
/// Erases the memory used by this `BigNum`, resetting its value to 0.
///
/// This can be used to destroy sensitive data such as keys when they are no longer needed.
pub fn clear(&mut self) {
unsafe { ffi::BN_clear(self.as_ptr()) }
}
/// Adds a `u32` to `self`. /// Adds a `u32` to `self`.
pub fn add_word(&mut self, w: u32) -> Result<(), ErrorStack> { pub fn add_word(&mut self, w: u32) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_add_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } unsafe { cvt(ffi::BN_add_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) }
@ -431,7 +438,7 @@ impl Ref<BigNum> {
} }
} }
type_!(BigNum, ffi::BIGNUM, ffi::BN_clear_free); type_!(BigNum, ffi::BIGNUM, ffi::BN_free);
impl BigNum { impl BigNum {
/// Creates a new `BigNum` with the value 0. /// Creates a new `BigNum` with the value 0.
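Review bot: With the destructor on the `type_!` line now `ffi::BN_free`, a `BigNum` holding key material is freed without being zeroed unless the caller reaches `clear()` first, and the new doc comment on `clear` does not say so. I would add a line to it such as `/// Dropping a BigNum does not erase its contents; call this first if the value holds secrets.` An explicit `clear()` is also skipped on early returns through `?` and on panics, so callers handling secrets may want a small guard type whose `Drop` calls `clear()`. Code that relied on the previous clear-on-drop behaviour gets no compile-time signal from this change, so it likely deserves a changelog entry.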