mirror
/
go
mirror of https://github.com/golang/go.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crypto/rc4: remove false guarantees from Reset docs and deprecate it 

Nothing in Go can truly guarantee a key will be gone from memory (see
#21865), so remove that claim. That makes Reset useless, because
unlike most Reset methods it doesn't restore the original value state,
so deprecate it.

Change-Id: I6bb0f7f94c7e6dd4c5ac19761bc8e5df1f9ec618
Reviewed-on: https://go-review.googlesource.com/c/162297
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This commit is contained in:
Filippo Valsorda 2019-02-13 03:37:57 -05:00
parent 56e4b0b3a2
commit b35dacaac5
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/crypto/rc4/rc4.go
View File

@ -45,8 +45,10 @@ func NewCipher(key []byte) (*Cipher, error) {
return &c, nil
}
// Reset zeros the key data so that it will no longer appear in the
// process's memory.
// Reset zeros the key data and makes the Cipher unusable.
//
// Deprecated: Reset can't guarantee that the key will be entirely removed from
// the process's memory.
func (c *Cipher) Reset() {
for i := range c.s {
c.s[i] = 0