I'm writing a program that implements the Boneh-Franklin Identity Based Encryption. For the actual encryption methods, I use Blowfish which I got from (https://voltar.org/). I'm trying to adapt the blowfish encryption/decryption code to my program. The difference in my program is that I read the message from the standard input, encrypt it and print the encryption, then decrypt it and print the decryption (which should be the original message). Currently, I read the input message up to a "?" character and then try to follow the code from the site. However, the decryption is printed as unreadable characters. I tried to solve this problem but I got stuck. Can you please help me?
//initializations
BF_KEY s_key; //shared key of the blowfish encryption
char plain[1000000]; //the plaintext of the message
char cipher[1000000]; //the ciphertext of the message
char byte; //to hold the byte of the msg
char *token; //points to tokens of the msg
char IV[8]="MY*IV000"; //the initialization vector
int offset = 0; //the offset of encryption
int b_count = 0; //number of bytes in d_buf
char block[8]; //blocks of encryption
char msg[1000000]; //the input msg from the user
int j; //used to read input in a loop with getchar
int i; //for-loop value
int len; //used to calculate lengths different variables
int f; //flag for the setup stage
int q; //used to read input in a loop with getchar
q=0; //reset the index reader
char in; //to read characters
printf("Please enter the message you wish to send:\n");
************ This is my code to read the input message: ***************
//this loop reads the input from the user since C does not
//provide a safe function to read strings with white spaces
while (in != '?'){
in=getchar();
if(in != '?') //dont include the delim character in the string
msg[q++]=in;
}
msg[q]='\0'; //truncate the string by the null character
************ Then I used the code (cited and referenced) for encryption ***************
Of course I modified it as message read from stdin not program args
for(i=0; i<strlen(msg); i++) //copy the input message to plain
plain[i] = msg[i];
//set up the shared key of the BF encryption
BF_set_key(&s_key, strlen(ekey_buf), ekey_buf);
while(1){
for(i=0; i<8; i++) //reinitiate the block of 8 characters each time
block[i] = 0;
strncpy(block, plain+offset, 8);
BF_cbc_encrypt(plain+offset, cipher, 8, &s_key, IV, BF_ENCRYPT);
for(i=0; i<strlen(cipher); i++){
printf("%02x", (unsigned char) cipher[i]);
}
if( strlen(plain+offset)>8 ){ //if there is still more characters
offset += 8; //process the next block of 8 characters
} else
break;
}
//the cipher is correctly printed
************ Then I used the code (cited and referenced) for decryption ***************
Here, I excluded the part where it tokenized the cipher and created the plain char array for decryption, I simply passed the cipher array to be decrypted (as it is output from the encryption function), and stored in the plain char array with length = strlen(cipher)
//set up the shared key of the BF encryption
BF_set_key(&s_key, strlen(dkey_buf), dkey_buf);
BF_cbc_encrypt(cipher, plain, strlen(cipher), &s_key, IV, BF_DECRYPT);
printf("plain after decryption: %s\n", plain);
//HERE IS THE PROBLEM: I get unreadable characters as output of this line
Any help is appreciated. Sorry for the inconvenience and many thanks in advance.
I have a hunch it's a dirty IV, but it's just a guess.
for(i=0; i<8; i++) ivec[i] = 'i';
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_ENCRYPT);
// won't decrypt right:
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_DECRYPT);
// without resetting the ivec to all 'i's, the decryption will fail.
// This would work though:
for(i=0; i<8; i++) ivec[i] = 'i';
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_ENCRYPT);
for(i=0; i<8; i++) ivec[i] = 'i';
BF_cbc_encrypt(inputz, outputz, strlen(inputz), &key, ivec, BF_DECRYPT);
My guess is only correct if every block after the first decrypts correctly though.
Another big problem with strlen(inputz) is that if the strlen() doesn't fall exactly on an 8byte boundary, your decrypt will ultimately fail. I have addressed the problem rather completely as a gist on github.
Check your encoding.
You need to null terminate plain i.e. something like plain[ strlen(dkey_buf) ] = 0 is needed.
Aren't there patent restrictions on using/distributing programs that leverage the IBE algorithm?
Related
Basically, my code is supposed to encrypt a sentence(or word) by taking out all the even numbered index values(starting from 0) and the odd numbered index values and placing the even index values before the odd index values.
For example, a word like "test" (0)t(1)e(2)s(3)t should be printed as (0)t(2)s(1)e(3)t or "tset". There aren't supposed to be any numbers printed, I just used them to show the odd and even index values.
My code works sometimes, depending on where it is run. I seem to be getting differing results between code blocks and an online compiler I tried. I suspect there must be a larger issue to blame for this inconsistency. Can anyone help me to see what I'm doing wrong so I can finally understand and rectify my errors?
I have tried using one counter to input both even and odd index values into one array but I was having errors with that as well so I decided to put them into separate arrays and then use strcat to combine them. Is there a way to make it work with the method I've shown in my code or should I go back to the previous method?
#include <stdio.h>
#include <string.h>
#define SIZE 1000
int main()
{
char message[SIZE];
char even[SIZE];
char odd[SIZE];
int length,j=0;
printf("Enter a word or sentence.\n");
fgets(message,SIZE,stdin);
printf("Your message is: %s\n",message);
message[strcspn(message, "\n")] = 0;
length=strlen(message);
printf("The length of the message is: %d\n",length);
for(int i=0;i<length;i+=2){
even[i/2]=message[i];
// printf("%c\n",even[i/2]);
}
for(int i=1;i<length;i+=2){
odd[j]=message[i];
j++;
}
printf("The even letters are: %s\n",even);
printf("The odd letters are: %s\n",odd);
strcat(even,odd);
printf("%s",even);
/*printf("\nFInalyy.");
for(i=0;i<=count;i++)
for(j=i+1;j<=count;j++){
if(strcmp(allmessages[i],allmessages[j])>0){
strcpy(temp,allmessages[i]);
strcpy(allmessages[i],allmessages[j]);
strcpy(allmessages[j],temp);
}
}
printf("The original messages in alphabetical order are: ");
for(i=0;i<=count;i++)
puts(allmessages[i]);*/
return 0;
}
It works perfectly when I type in words like "test" or "sentence". Sometimes I type in sentences like "this is a test sentence" and it would work perfectly then one time it would print out some random garbage letters along with the encrypted sentence. I would like to know how to fix this and to understand why it works perfectly with the same entry a few times then just stops. I used https://www.onlinegdb.com/online_c_compiler to test it the last few times so my results are based on that.
Successful Result:
Unsuccessful Result using the same entry:
You can take a slightly shorter approach by simply using two indexes to build your encrypted string (like evenstart and oddstart) based on the total length of the message entered by the user. evenstart = 0; and oddstart = (msglen + 1) / 2;
Then just loop over the characters in the message entered by the user writing even characters at encrypt[evenstart++] and odd characters at encrypt[oddstart++]. (don't forget to nul-terminate encrypt if you will be using it as a string for output purposes.
Putting it together you could do:
#include <stdio.h>
#include <string.h>
#define MAXC 1024
int main (void) {
char message[MAXC],
encrypt[MAXC];
size_t len, evenstart = 0, oddstart;
fputs ("enter message: ", stdout);
if (!fgets (message, MAXC, stdin)) { /* validate message entered */
fputs ("(user canceled input)\n", stdout);
return 1;
}
message[(len = strcspn(message, "\r\n"))] = 0; /* trim '\n', get len */
oddstart = (len + 1) / 2; /* get oddstart (add 1 before divide) */
for (size_t i = 0; i < len; i++) /* loop over each char */
if (i & 1) /* if odd, write char at oddstart */
encrypt[oddstart++] = message[i];
else /* if even, write at evenstart */
encrypt[evenstart++] = message[i];
encrypt[len] = 0; /* nul-terminate */
printf ("message : '%s'\nencrypt : '%s'\n", message, encrypt);
}
(note: you can use i % 2 to check even/odd if you like, or simply i & 1 -- in binary, if the ones-bit is 1 it's odd, otherwise its even -- up to you)
Example Use/Output
$ ./bin/encrevenodd
enter message: tes
message : 'tes'
encrypt : 'tse'
$ ./bin/encrevenodd
enter message: test
message : 'test'
encrypt : 'tset'
$ ./bin/encrevenodd
enter message: tests
message : 'tests'
encrypt : 'tsset'
$ ./bin/encrevenodd
enter message: my dog has fleas
message : 'my dog has fleas'
encrypt : 'm o a laydghsfes'
Look things over and let me know if you have questions.
Strings in C are terminated by the null byte ('\0' or ascii value 0) just so it knows where the string ends. Since the even and odd character arrays were not terminated by the null byte, strcat does not know when to stop appending characters. So the garbage values you see is because strcat keeps appending characters until you luckily find a 0 in memory.
Strings in C do not know their length, they're just pointers. Strings must be terminated with a null character in order for functions like printf and strlen to know when to stop.
char even[SIZE];
char odd[SIZE];
At this point even and odd both contain whatever garbage was in memory at that time.
for(int i=0;i<length;i+=2){
even[i/2]=message[i];
}
for(int i=1;i<length;i+=2){
odd[j]=message[i];
j++;
}
Now the beginning of odd and even have been filled in, but they were not null terminated.
printf("The even letters are: %s\n",even);
printf("The odd letters are: %s\n",odd);
These will start at where even and odd point, print the characters you've put in there, and then keep on printing whatever garbage was in memory until they happen to hit a null character.
The fix is to either zero out the memory with memset.
memset(even, '\0', SIZE);
memset(odd, '\0', SIZE);
Or ensure that even and odd are null terminated once you're done with them.
for(i=0;i<length;i+=2){
even[i/2]=message[i];
}
even[i/2] = '\0';
for(i=1;i<length;i+=2){
odd[j]=message[i];
j++;
}
odd[j] = '\0';
Side note, even and odd loops can be done with the same technique.
for( i=0,j=0; i<length; i+=2,j++ ) {
even[j]=message[i];
}
even[j] = '\0';
for( i=1,j=0; i<length; i+=2,j++ ) {
odd[j]=message[i];
}
odd[j] = '\0';
Then we can observe that the only difference is where we start reading message. That means we can put this in a function and always remember to null terminate the result.
void copy_every_other_character(const char *src, char *dst) {
int i,j,length = 0;
length = strlen(src);
for( i=0,j=0; i<length; i+=2,j++ ) {
dst[j] = src[i];
}
dst[j] = '\0';
}
copy_every_other_character(message, even);
copy_every_other_character(message+1, odd);
Adding 1 to message means copy_every_other_character will get a pointer to the second character of message and go on from there. If message is 01234 it will see 1234.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
Im Encrypting the Original Messages using XOR algorithm by following code in C program. And Finally it gives another different value that message has encrypted. It should return same length even after the message has encrypted.
But, Using strlen(encrypted) it gives less value than original message length. I couldn't recognize why the length of XOR encrypted message is showing less than the original message length. Please find the following the code to solve my problem.
Thanks in Advance!
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
char* XORCipher(char* data, char* key, int dataLen, int keyLen) {
char* output = (char*)malloc(sizeof(char)*dataLen);
for(int i = 0; i < dataLen; ++i) {
output[i] = data[i] ^ key[i % keyLen];
}
return output;
}
int main(){
char *msg = "This is a Message from Boss";
char *key = "nandha";
int dataLen = strlen(msg);
int keyLen = strlen(key);
char *encrypt = XORCipher(msg,key,dataLen,keyLen);
printf("\nEncrypted msg is :\n %s",(char*)encrypt);
//The Length of encrypted char size is showing wrongly.
printf("size of Encrypted msg is: %d\n",strlen(encrypt));
encrypt = XORCipher(encrypt,key,strlen(encrypt),keyLen);
printf("\nOriginal msg converted is : %s\n",encrypt);
return 0;
}
When you perform these XOR operations on your string, the resulting values could fall outside the range of printable characters. In particular, if a plaintext character happens to match the key character used to encode it the result will be 0.
In C, a string is actually a sequence of characters terminated by a null byte, i.e. a byte with value 0. Any function that operates on strings looks for this byte to denote the end of the string.
Because your encoding can generate null bytes, your encrypted message is not a string but an array of bytes. Attempting to use a string function on the encrypted message can cause it to stop processing in the middle of the message if it contains a null byte. If the message does not contain a null byte, these string functions will continue to read past the end of the character array until it finds one. Reading past the end of an array or dynamically allocated block of memory invoked undefined behavior.
You need some other way to know how long the encrypted message is. In the case of the XOR encoding you're doing this is easy: the length of the ciphertext is the same as the length of the plaintext. So when decoding, pass in dataLen for the ciphertext length. To print the ciphertext, you need to loop through the bytes and print each one individually rather that trying to print it as a string (which it is not).
Also, after you've decoded, you still don't have a string because there was no null terminating byte added to the end of the decrypted message. You can do this manually after calling decrypting:
// pass in plaintext length as ciphertext length since they are the same
encrypt = XORCipher(encrypt,key,dataLen,keyLen);
// null terminate decrypted string
encrypt[dataLen] = '\0';
The buffer allocated inside of XORCipher doesn't currently allocate enough space for the null terminator, so you need to increase this by 1 to allow for this:
// no need to cast the return value of malloc
// sizeof(char) is guaranteed to be 1, so no need to multiply by it
char* output = malloc(dataLen + 1);
C strings are character arrays that are null terminated. When you allocate your encrypted array with the length of the string, you don't leave room for null termination, so strlen is unable to tell when the string ends, thinking the string ends outside of the actual memory that you allocated. This modification to your xor function will make it work.
char* XORCipher(char* data, char* key, int dataLen, int keyLen) {
char* output = (char*)malloc(sizeof(char)*dataLen+1);
output[dateLen] = 0;
for(int i = 0; i < dataLen; ++i) {
output[i] = data[i] ^ key[i % keyLen];
}
return output;
}
Additionally, if you're xor function gives 0 as an output, strlen will see that as the end of the string, which would give you a string length shorter than the expected output.
Update: I have tested the code and it works.
char* XORCipher(char* data, char* key, unsigned long dataLen, unsigned long keyLen) {
char* output = (char*)malloc(sizeof(char)*dataLen+1);
output[dataLen] = 0;
for(int i = 0; i < dataLen; ++i) {
output[i] = data[i] ^ key[i % keyLen];
}
return output;
}
void printLn(char* toPrint, unsigned long len){
for (unsigned long i = 0; i < len; i++) {
printf("%c", toPrint[i]);
}
printf("\n");
}
int main(){
char *msg = "This is a Message from Boss";
char *key = "nandha";
unsigned long dataLen = strlen(msg);
unsigned long keyLen = strlen(key);
printLn(msg, dataLen);
char* xorMessage = XORCipher(msg, key, dataLen, keyLen);
printLn(xorMessage, dataLen);
xorMessage = XORCipher(xorMessage, key, dataLen, keyLen);
printLn(xorMessage, dataLen);
return 0;
}
Be reminded that xoring can result in null characters in the array that you've allocated, resulting in a terminating character which you might have not intended. To compensate for this, I have added a function to print out based on length since you know this information based on your msg. After xoring twice you should have your original string back, which I my code verified.
So I was wondering how I could decrypt an encrypted textfile that is opened through a command line argument using ASCII and with an unknown key and then printing it all out and with the answer key. I seem to have been able to actually print out the encrypted message but don't have a clue on how to determine how to find the key and print it out.
int main( int argc, char *argv[]) {
FILE *fp = stdin; // defaults
int n = 13;
int shift;
// process command line
switch (argc) {
default:
fp = fopen(argv[1], "r"); // should check for problems
n = atoi(argv[2]);
break;
}
// rotate text
int c, key;
int i;
while( (c = fgetc(fp)) != EOF) {
// This is where I have managed to make C an integer
// and print out the encrypted message using the printf function.
Usually, decryption without knowing the key is impossible. Luckily, your message is encrypted with one of the simplest methods possible...
Caesar cipher encryption works like so:
* Choose offset K
* For every letter in message do
** Letter = Letter+K
So if we wanted to break that code, we could just go over all possible values of K (255) and rule out every possibility that generates ASCII codes that are not letters or numbers (assuming the original message is in plain English).
You might still need some user interaction to decide if there is more than one option, but the options will be limited.
I am trying to send a message with a check sum from an USB to serial port converter and back again.
But I can't make it work for some reason even tough I have tried for a hole day. I am starting to think that there is something wrong with the hardware but I thought that it would be a good idea to ask you guys before giving up... I am using cygwin for executing and compiling programs on a windows computer.
I would have liked to attach a picture of the terminal when the program is running but you have to have an reputation of >10 which I ain't :(. So I will have to describe it instead.....
I get the following information from the terminal when I try to send 'a'.
Enter a message: a
The checksum for your message to send is: 97
Your message to send is: a
a#
The checksum of the received message is: 97
The message wasn't properly received!
You received the following: a
a#
I receive what I send, but the check sum for 'a' should be 'a' right? So the string that should have been sent is "aa" instead of "a
a#" or am I completely lost here.
I have attached the relevant parts of the code below (printWhite() etc. change the color of the text and nothing more)
void main(){
regularSend();
regularReceive();
}
void regularSend(){
char buff2s[20];
unsigned char calculatedCS;
printf("Enter a message: ");
fgets(buff2s,15,stdin); // string input from keyboard
calculatedCS=checkSum(buff2s,strlen(buff2s));
printf("The checksum for your message to send is: %i\n",calculatedCS);
buff2s[strlen(buff2s)]=calculatedCS; //adds a checksum
buff2s[strlen(buff2s)]='\0'; //adds a new string terminator
printf("Your message to send is: %s\n",buff2s);
bytes_written=write(fd,buff2s,strlen(buff2s));
sleep(1);
}
void regularReceive(){
unsigned char buffR[20];
unsigned char rCS;
bytes_read=read(fd,buffR,sizeof(buffR)-1);
if(strlen(buffR)<1){
printRed();
printf(" No reply from the serial device! \n");
printWhite();
}
else{
rCS=checkSum(buffR,strlen(buffR)-2); //1 byte extra now
printf("The checksum of the received message is: %i\n", rCS);
true_or_false=check_checkSum(buffR,strlen(buffR)-1);
if(true_or_false==1){
buffR[strlen(buffR)-1]='\0'; //removes checksum
printf("Your message was: %s\n",buffR);
}
else{
printRed();
printf("The message wasn't properly received!\n");
printWhite();
printf("You received the following: %s\n\n",buffR);
}
}
}
unsigned char checkSum(char buff[], unsigned char nbrOfBytes){
unsigned char ic;
unsigned int t_cSum=0;
for (ic=0;ic<nbrOfBytes-1;ic++){
t_cSum=t_cSum+buff[ic];
}
return (unsigned char) t_cSum; //returns a 8bit checksum
}
unsigned char check_checkSum(char buffR_t[], unsigned char nbrOfBytes){ //<- check this
unsigned char r_cSum=checkSum(buffR_t,nbrOfBytes-1); //calculates the expected value of the checksum byte
if(r_cSum==(unsigned char)buffR_t[nbrOfBytes-2]){
printGreen();
printf("A message has been received! \n");
printWhite();
return 1;
}
else{
return 0;
}
}
Is someone able to spot my mistakes(I am almost sure that there is at least 2)? I would appreciate any help in this matter!
Best regards Henrik
As #Roddy pointed out, code is bad for it overwrites the string's \0 with the checksum, then tries to find the string length in the next line of a potentially unterminated string!
buff2s[strlen(buff2s)]=calculatedCS; //adds a checksum
buff2s[strlen(buff2s)]='\0'; //adds a new string terminator
Suggest:
size_t len = strlen(buff2s);
calculatedCS = checkSum(buff2s, len);
buff2s[len] = calculatedCS; //adds a checksum
buff2s[++len] = '\0'; //adds a new string terminator
bytes_written=write(fd, buff2s, len + 1);
Since working with strings, change checksum generator and checker to insure it does not create a '\0'.
unsigned char checkSum(char buff[], size_t nbrOfBytes){
size_t ic;
unsigned int t_cSum = 0;
for (ic=0; ic<nbrOfBytes-1; ic++){
t_cSum += buff[ic];
}
return (unsigned char) (t_cSum % 255 + 1);
}
RegularReceive() will not work. Suggest reading via fgetc() until a '\0' occurs. (or timeout or buffer full). In particular the following is dangerous as it is not known that buffR ends with a '\0' and the next function is strlen(buffR).
bytes_read = read(fd, buffR, sizeof(buffR)-1);
if(strlen(buffR)<1){
buff2s[strlen(buff2s)]=calculatedCS; //adds a checksum
buff2s[strlen(buff2s)]='\0'; //adds a new string terminator
Bad :-(
Just because your string has a null terminator doesn't mean it's nulls all the way beyond. Your first 'strlen' tells you where the current end is. You overwrite that with the checksum, but where the 'new terminator' goes could be anywhere. Do this instead.
int len = strlen(buff2s);
buff2s[len]=calculatedCS; //adds a checksum
buff2s[len+1]='\0'; //adds a new string terminator
(ideally, checking for buffer overflow as well...)
I'm trying to create a long string that is produced out of encrypted substrings. For the encryption I'm using AES128 and libmcrypt. The code is working, but I get a shorter output then I should and a beeping sound. I guess it's because I'm using strlen, but I have no idea, how I can avoid that. I will be very grateful for some suggestions. Here is my code:
char *Encrypt( char *key, char *message){
static char *Res;
MCRYPT mfd;
char *IV;
int i, blocks, key_size = 16, block_size = 16;
blocks = (int) (strlen(message) / block_size) + 1;
Res = calloc(1, (blocks * block_size));
mfd = mcrypt_module_open(MCRYPT_RIJNDAEL_128, NULL, "ecb", NULL);
mcrypt_generic_init(mfd, key, key_size, IV);
strncpy(Res, message, strlen(message));
mcrypt_generic(mfd, Res, block_size);
//printf("the encrypted %s\n", Res);
mcrypt_generic_deinit(mfd);
mcrypt_module_close(mfd);
return (Res);
}
char *mkline ( int cols) {
int j;
char seed[] = "thesecretmessage", key1[]="dontusethisinput", key2[]="abadinputforthis";
char *encrypted, *encrypted2, *in = malloc(cols * 16);
encrypted = Encrypt(key1, seed);
sprintf(in, "%s", encrypted);
encrypted2= Encrypt(key2, encrypted);
printf("encrypted2 before for-loop %s\n", encrypted2);
printf("encrypted2 before for loop len %d\n", strlen(encrypted2));
for (j=1; j<cols; j++) {
strcat(in, encrypted2);
memmove(encrypted2, Encrypt(key2, encrypted2),strlen(seed));
printf("encrypted2 %s on position %d\n" , encrypted2,j);
printf("encrypted2 len %d\n", strlen(encrypted2));
}
free(encrypted);
free(encrypted2);
return in;
}
int main(int argc, char *argv[]) {
char *line = mkline(15);
printf("line %s\n", line);
printf("line lenght %d\n", strlen(line));
return 0;
}
You get the beep sound because you are printing control character.
Also strlen return the size until the first '\0' character (because strings are zero terminated). That's why you get length less than you expect since the encrypted message may contain zeroes.
You can do something like this to return the result length:
char *Encrypt(const char *key, const char *message, int *result_len)
{
*result_len = blocks * block_size;
}
Also
memmove(encrypted2, Encrypt(key2, encrypted2),strlen(seed));
This line should produce a memory leak since every time you call Encrypt you call calloc (allocate new memory) which you need to free after you are done.
You probably should use memcpy, memmove is primarly used if there is a chance destination and source may overlap.
The encrypted string you are trying to print contains a stream of bytes where the value of the individual byte ranges from 0 to 255. Because you are using a cryptographically secure algorithm, the distribution of values is very close to even.
Since you are trying to print the encrypted string through a console, the console interprets some of the bytes as control characters (see Bell character) that are unprintable but have other effects instead, such as playing beeps.
Furthermore, strlen isn't doing what you think it should be doing because the encrypted string is not null-terminated, but instead contains zeroes amongst other bytes and they have no special meaning unlike in NULL terminated strings. You need to store the length of the string elsewhere.
Simple, you are treating binary output (any byte value) directly as printable text. Any character wit a code point below 32 (hex 20) isn't. E.g. the ASCII value for BELL (look it up) could be meaningful to you. Print the resulting bytes in hexadecimals and you should be ok.
I should like to add that in general it is good practice to clear any memory that held the plaintext/unencrypted message after you encrypt it if you can. This is not good coding practice, but good cryptology practice.
This can be done by:
memset(buffer, 0, length_of_buffer);
Don't worry, that won't be optimized out by your compiler. It's actually not smart enough to tell if you'll be using that area again or not.