[release-branch.go1.12] crypto/rc4: remove false guarantees from Reset docs and deprecate it

Nothing in Go can truly guarantee a key will be gone from memory (see #21865), so remove that claim. That makes Reset useless, because unlike most Reset methods it doesn't restore the original value state, so deprecate it. Change-Id: I6bb0f7f94c7e6dd4c5ac19761bc8e5df1f9ec618 Reviewed-on: https://go-review.googlesource.com/c/162297Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> (cherry picked from commit b35dacaa) Reviewed-on: https://go-review.googlesource.com/c/163438

[release-branch.go1.12] crypto/rc4: remove false guarantees from Reset docs and deprecate it
Nothing in Go can truly guarantee a key will be gone from memory (see #21865), so remove that claim. That makes Reset useless, because unlike most Reset methods it doesn't restore the original value state, so deprecate it. Change-Id: I6bb0f7f94c7e6dd4c5ac19761bc8e5df1f9ec618 Reviewed-on: https://go-review.googlesource.com/c/162297Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> (cherry picked from commit b35dacaa) Reviewed-on: https://go-review.googlesource.com/c/163438
da1f5d37 · Filippo Valsorda · 35e6a10c · da1f5d37
Commit da1f5d37 authored Feb 13, 2019 by Filippo Valsorda
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

src/crypto/rc4/rc4.go src/crypto/rc4/rc4.go +4 -2

No files found.
--- a/src/crypto/rc4/rc4.go
+++ b/src/crypto/rc4/rc4.go
@@ -45,8 +45,10 @@ func NewCipher(key []byte) (*Cipher, error) {
 	return &c, nil
 }
-// Reset zeros the key data so that it will no longer appear in the
+// Reset zeros the key data and makes the Cipher unusable.
-// process's memory.
+//
+// Deprecated: Reset can't guarantee that the key will be entirely removed from
+// the process's memory.
 func (c *Cipher) Reset() {
 	for i := range c.s {
 		c.s[i] = 0