From a5b1ee282aeb0c5e6754fd102609677bdfe621fa Mon Sep 17 00:00:00 2001
From: Bence Mali <bence.mali@tresorit.com>
Date: Mon, 29 Apr 2024 18:51:35 +0200
Subject: [PATCH] use OPENSSL_cleanse if OpenSSL is used

Signed-off-by: Bence Mali <bence.mali@tresorit.com>
---
 src/common/common.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/common/common.c b/src/common/common.c
index 7de1e6581..d4daab231 100644
--- a/src/common/common.c
+++ b/src/common/common.c
@@ -1,6 +1,6 @@
 // SPDX-License-Identifier: Apache-2.0 AND MIT
 
-#if !defined(_WIN32) && !defined(OQS_HAVE_EXPLICIT_BZERO)
+#if !defined(OQS_USE_OPENSSL) && !defined(_WIN32) && !defined(OQS_HAVE_EXPLICIT_BZERO)
 // Request memset_s
 #define __STDC_WANT_LIB_EXT1__ 1
 #endif
@@ -256,7 +256,9 @@ OQS_API int OQS_MEM_secure_bcmp(const void *a, const void *b, size_t len) {
 }
 
 OQS_API void OQS_MEM_cleanse(void *ptr, size_t len) {
-#if defined(_WIN32)
+#if defined(OQS_USE_OPENSSL)
+	OPENSSL_cleanse(ptr, len);
+#elif defined(_WIN32)
 	SecureZeroMemory(ptr, len);
 #elif defined(OQS_HAVE_EXPLICIT_BZERO)
 	explicit_bzero(ptr, len);