2 files changed, 20 insertions, 1 deletions

diff --git a/src/lib/modes/cbc/cbc.cpp b/src/lib/modes/cbc/cbc.cpp
index 7e1fe4d0f..592ff95e9 100644
--- a/src/lib/modes/cbc/cbc.cpp
+++ b/src/lib/modes/cbc/cbc.cpp
@@ -1,6 +1,7 @@
 /*
 * CBC Mode
 * (C) 1999-2007,2013 Jack Lloyd
+* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */
@@ -25,7 +26,12 @@ CBC_Mode::CBC_Mode(BlockCipher* cipher, BlockCipherModePaddingMethod* padding) :
 void CBC_Mode::clear()
    {
    m_cipher->clear();
-   m_state.clear();
+   reset();
+   }
+
+void CBC_Mode::reset()
+   {
+   zeroise(m_state);
    }
 
 std::string CBC_Mode::name() const
@@ -239,6 +245,12 @@ void CBC_Decryption::finish(secure_vector<byte>& buffer, size_t offset)
    buffer.resize(buffer.size() - pad_bytes); // remove padding
    }
 
+void CBC_Decryption::reset()
+   {
+   zeroise(state());
+   zeroise(m_tempbuf);
+   }
+
 bool CTS_Decryption::valid_nonce_length(size_t n) const
    {
    return (n == cipher().block_size());
diff --git a/src/lib/modes/cbc/cbc.h b/src/lib/modes/cbc/cbc.h
index c6b6e4e4b..1b7cbd323 100644
--- a/src/lib/modes/cbc/cbc.h
+++ b/src/lib/modes/cbc/cbc.h
@@ -1,6 +1,7 @@
 /*
 * CBC mode
 * (C) 1999-2007,2013 Jack Lloyd
+* (C) 2016 Daniel Neus, Rohde & Schwarz Cybersecurity
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */
@@ -31,6 +32,9 @@ class BOTAN_DLL CBC_Mode : public Cipher_Mode
       bool valid_nonce_length(size_t n) const override;
 
       void clear() override;
+
+      void reset() override;
+
    protected:
       CBC_Mode(BlockCipher* cipher, BlockCipherModePaddingMethod* padding);
 
@@ -118,6 +122,9 @@ class BOTAN_DLL CBC_Decryption : public CBC_Mode
       size_t output_length(size_t input_length) const override;
 
       size_t minimum_final_size() const override;
+
+      void reset() override;
+
    private:
       secure_vector<byte> m_tempbuf;
    };