Don't clear BigNums in destructor

Instead add a clear method.
author: Steven Fackler <[email protected]> 2016-11-01 21:59:07 -0700
committer: Steven Fackler <[email protected]> 2016-11-01 21:59:07 -0700
commit: 176348630a07f53808b33dae05c61b6dd0d8ef7f (patch)
tree: 8c263ed598966fc2eb069eb632f354b7ffecbfc5 /openssl/src
parent: Fix docs (diff)
download: rust-openssl-176348630a07f53808b33dae05c61b6dd0d8ef7f.tar.xz
rust-openssl-176348630a07f53808b33dae05c61b6dd0d8ef7f.zip
1 files changed, 8 insertions, 1 deletions
diff --git a/openssl/src/bn.rs b/openssl/src/bn.rs
index 7bc8b2c9..989f65e0 100644
--- a/openssl/src/bn.rs
+++ b/openssl/src/bn.rs
@@ -225,6 +225,13 @@ impl BnCtx {
 }
 
 impl Ref<BigNum> {
+    /// Erases the memory used by this `BigNum`, resetting its value to 0.
+    ///
+    /// This can be used to destroy sensitive data such as keys when they are no longer needed.
+    pub fn clear(&mut self) {
+        unsafe { ffi::BN_clear(self.as_ptr()) }
+    }
+
     /// Adds a `u32` to `self`.
     pub fn add_word(&mut self, w: u32) -> Result<(), ErrorStack> {
         unsafe { cvt(ffi::BN_add_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) }
@@ -431,7 +438,7 @@ impl Ref<BigNum> {
     }
 }
 
-type_!(BigNum, ffi::BIGNUM, ffi::BN_clear_free);
+type_!(BigNum, ffi::BIGNUM, ffi::BN_free);
 
 impl BigNum {
     /// Creates a new `BigNum` with the value 0.
author	Steven Fackler <[email protected]>	2016-11-01 21:59:07 -0700
committer	Steven Fackler <[email protected]>	2016-11-01 21:59:07 -0700
commit	176348630a07f53808b33dae05c61b6dd0d8ef7f (patch)
tree	8c263ed598966fc2eb069eb632f354b7ffecbfc5 /openssl/src
parent	Fix docs (diff)
download	rust-openssl-176348630a07f53808b33dae05c61b6dd0d8ef7f.tar.xz rust-openssl-176348630a07f53808b33dae05c61b6dd0d8ef7f.zip