Crypto: zeroing the context after usage.

Regardless of the compiler optimisation.

This closes #181 pull request.

diff --git a/nxt/nxt_md5.c b/nxt/nxt_md5.c
index 5382021f448b21cc18d47bebf277732f901b0d95..1f488cf6750fda7c16fdfb0f6b5e004dcf6ce216 100644 (file)
--- a/nxt/nxt_md5.c
+++ b/nxt/nxt_md5.c
@@ -110,7 +110,7 @@ nxt_md5_final(u_char result[16], nxt_md5_t *ctx)
     result[14] = (u_char) (ctx->d >> 16);
     result[15] = (u_char) (ctx->d >> 24);
 
-    nxt_memzero(ctx, sizeof(*ctx));
+    nxt_explicit_memzero(ctx, sizeof(*ctx));
 }
 
 

diff --git a/nxt/nxt_sha1.c b/nxt/nxt_sha1.c
index 2b96cdc33d9bed430e7ebc3537e09c6b7cf7dfce..500b47ef684171504baf741a8dc009947fb99f15 100644 (file)
--- a/nxt/nxt_sha1.c
+++ b/nxt/nxt_sha1.c
@@ -116,7 +116,7 @@ nxt_sha1_final(u_char result[20], nxt_sha1_t *ctx)
     result[18] = (u_char) (ctx->e >> 8);
     result[19] = (u_char)  ctx->e;
 
-    nxt_memzero(ctx, sizeof(*ctx));
+    nxt_explicit_memzero(ctx, sizeof(*ctx));
 }
 
 

diff --git a/nxt/nxt_sha2.c b/nxt/nxt_sha2.c
index 9a52ae4dc3d0665bb8ae5bb78563dbbf0905e69c..5824395252c8d2533b3492e1c70d6cc626d2561b 100644 (file)
--- a/nxt/nxt_sha2.c
+++ b/nxt/nxt_sha2.c
@@ -131,7 +131,7 @@ nxt_sha2_final(u_char result[32], nxt_sha2_t *ctx)
     result[30] = (u_char) (ctx->h >> 8);
     result[31] = (u_char)  ctx->h;
 
-    nxt_memzero(ctx, sizeof(*ctx));
+    nxt_explicit_memzero(ctx, sizeof(*ctx));
 }
 
 

diff --git a/nxt/nxt_string.h b/nxt/nxt_string.h
index 3859e0acd6f2aa1ea6a595b69f0470e76d392a9e..5c3086e6afda16a67928ce16a4ab51c46c123123 100644 (file)
--- a/nxt/nxt_string.h
+++ b/nxt/nxt_string.h
@@ -97,7 +97,7 @@ nxt_explicit_memzero(buf, length)                                             \
     (void) explicit_memset(buf, 0, length)
 #else
 nxt_inline void
-nxt_explicit_memzero(u_char *buf, size_t length)
+nxt_explicit_memzero(void *buf, size_t length)
 {
     volatile u_char  *p = (volatile u_char *) buf;