Clear the sensitive data
diff --git a/cryptography/bindings/openssl/api.py b/cryptography/bindings/openssl/api.py
index abdaef0..20a85ca 100644
--- a/cryptography/bindings/openssl/api.py
+++ b/cryptography/bindings/openssl/api.py
@@ -42,6 +42,7 @@
int EVP_EncryptUpdate(EVP_CIPHER_CTX *, unsigned char *, int *,
unsigned char *, int);
int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *);
+ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
""")
def create_block_cipher_context(self, cipher, mode):
@@ -78,6 +79,11 @@
if res == 0:
# TODO: figure out openssl errors
raise Exception
+ # TODO: this should also be called if the cipher isn't finalized.
+ res = self._lib.EVP_CIPHER_CTX_cleanup(ctx)
+ if res == 0:
+ # TODO: figure out openssl errors
+ raise Exception
return self._ffi.buffer(buf)[:outlen[0]]
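Review bot: The new `EVP_CIPHER_CTX_cleanup(ctx)` call runs only when the preceding `res == 0` check passes, so the `raise Exception` just above the added lines exits with the context uncleaned, and the key material it holds stays in memory on that path. The added TODO covers a cipher that is never finalized, but not this failure inside finalization itself. Consider putting the finalize call and its check in a `try:` block with the cleanup in `finally:`, so both the success and error paths clear the context. Separately, raising a bare `Exception` when cleanup returns 0 discards the ciphertext already written to `buf` and tells the caller nothing about which step failed; a distinct message or exception type would help. The enclosing function begins outside this hunk, so the finalize call itself is not visible here.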