From 244881b87d7ac113356ede1b3788c9a40b533778 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Mon, 4 May 2015 17:23:13 +0200
Subject: [PATCH] external: Make sure we burn buffers in bcrypt

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/external/bcrypt_pbkdf.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/external/bcrypt_pbkdf.c b/src/external/bcrypt_pbkdf.c
index 27094744..79eee9a4 100644
--- a/src/external/bcrypt_pbkdf.c
+++ b/src/external/bcrypt_pbkdf.c
@@ -96,9 +96,9 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
 	}
 
 	/* zap */
-	memset(ciphertext, 0, sizeof(ciphertext));
-	memset(cdata, 0, sizeof(cdata));
-	memset(&state, 0, sizeof(state));
+	BURN_BUFFER(ciphertext, sizeof(ciphertext));
+	BURN_BUFFER(cdata, sizeof(cdata));
+	BURN_BUFFER(&state, sizeof(state));
 }
 
 int
@@ -173,8 +173,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltl
 	}
 
 	/* zap */
-	memset(out, 0, sizeof(out));
-	memset(countsalt, 0, saltlen + 4);
+	BURN_BUFFER(out, sizeof(out));
 	free(countsalt);
 
 	return 0;