diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2013-08-09 10:11:29 -0700 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2013-08-09 10:11:29 -0700 |
| commit | 66d368b3e75898a0d1067a6713eec63d639081dd (patch) | |
| tree | 2670b52ea6962aa69877b5c1ebbe685b8d01b0f0 | |
| parent | f48cb8601449f6d658fd996bff9de3a1b1b70ae8 (diff) | |
| download | cryptography-66d368b3e75898a0d1067a6713eec63d639081dd.tar.gz cryptography-66d368b3e75898a0d1067a6713eec63d639081dd.tar.bz2 cryptography-66d368b3e75898a0d1067a6713eec63d639081dd.zip | |
Clear the sensitive data
| -rw-r--r-- | cryptography/bindings/openssl/api.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/cryptography/bindings/openssl/api.py b/cryptography/bindings/openssl/api.py index abdaef02..20a85cad 100644 --- a/cryptography/bindings/openssl/api.py +++ b/cryptography/bindings/openssl/api.py @@ -42,6 +42,7 @@ class API(object): int EVP_EncryptUpdate(EVP_CIPHER_CTX *, unsigned char *, int *, unsigned char *, int); int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *); + int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); """) def create_block_cipher_context(self, cipher, mode): @@ -78,6 +79,11 @@ class API(object): if res == 0: # TODO: figure out openssl errors raise Exception + # TODO: this should also be called if the cipher isn't finalized. + res = self._lib.EVP_CIPHER_CTX_cleanup(ctx) + if res == 0: + # TODO: figure out openssl errors + raise Exception return self._ffi.buffer(buf)[:outlen[0]] |