des_key_setup(GET_32BIT_MSB_FIRST(key),
GET_32BIT_MSB_FIRST(key + 4), &ourkeys[2]);
des_3cbc_decrypt(blk, len, ourkeys);
- memset(ourkeys, 0, sizeof(ourkeys));
+ smemclr(ourkeys, sizeof(ourkeys));
}
void des3_encrypt_pubkey(unsigned char *key, unsigned char *blk, int len)
des_key_setup(GET_32BIT_MSB_FIRST(key),
GET_32BIT_MSB_FIRST(key + 4), &ourkeys[2]);
des_3cbc_encrypt(blk, len, ourkeys);
- memset(ourkeys, 0, sizeof(ourkeys));
+ smemclr(ourkeys, sizeof(ourkeys));
}
void des3_decrypt_pubkey_ossh(unsigned char *key, unsigned char *iv,
ourkeys[0].iv0 = GET_32BIT_MSB_FIRST(iv);
ourkeys[0].iv1 = GET_32BIT_MSB_FIRST(iv+4);
des_cbc3_decrypt(blk, len, ourkeys);
- memset(ourkeys, 0, sizeof(ourkeys));
+ smemclr(ourkeys, sizeof(ourkeys));
}
void des3_encrypt_pubkey_ossh(unsigned char *key, unsigned char *iv,
ourkeys[0].iv0 = GET_32BIT_MSB_FIRST(iv);
ourkeys[0].iv1 = GET_32BIT_MSB_FIRST(iv+4);
des_cbc3_encrypt(blk, len, ourkeys);
- memset(ourkeys, 0, sizeof(ourkeys));
+ smemclr(ourkeys, sizeof(ourkeys));
}
static void des_keysetup_xdmauth(unsigned char *keydata, DESContext *dc)
/*
* Single DES in SSH-2. "des-cbc" is marked as HISTORIC in
- * draft-ietf-secsh-assignednumbers-04.txt, referring to
+ * RFC 4250, referring to
* FIPS-46-3. ("Single DES (i.e., DES) will be permitted
* for legacy systems only.") , but ssh.com support it and
* apparently aren't the only people to do so, so we sigh