Key rollover: rewrite the PGP keys manual appendix.

[PuTTY.git] / sshsha.c

diff --git a/sshsha.c b/sshsha.c
index 31d6daa992d11988ab68ebe24caeddbe9041c440..747e44140ad4cb47997c36ab68bc67705fd7936e 100644 (file)
--- a/sshsha.c
+++ b/sshsha.c
@@ -214,6 +214,7 @@ void SHA_Simple(const void *p, int len, unsigned char *output)
     SHA_Init(&s);
     SHA_Bytes(&s, p, len);
     SHA_Final(&s, output);
+    smemclr(&s, sizeof(s));
 }
 
 /*
@@ -241,6 +242,7 @@ static void sha1_final(void *handle, unsigned char *output)
     SHA_State *s = handle;
 
     SHA_Final(s, output);
+    smemclr(s, sizeof(*s));
     sfree(s);
 }
 
@@ -260,6 +262,7 @@ static void *sha1_make_context(void)
 
 static void sha1_free_context(void *handle)
 {
+    smemclr(handle, 3 * sizeof(SHA_State));
     sfree(handle);
 }