Forgot to wipe a temporary buffer

author Loup Vaillant <loup@loup-vaillant.fr>

Fri, 3 Nov 2017 11:10:23 +0000 (12:10 +0100)

committer Loup Vaillant <loup@loup-vaillant.fr>

Fri, 3 Nov 2017 11:10:23 +0000 (12:10 +0100)
author Loup Vaillant <loup@loup-vaillant.fr>
Fri, 3 Nov 2017 11:10:23 +0000 (12:10 +0100)
committer Loup Vaillant <loup@loup-vaillant.fr>
Fri, 3 Nov 2017 11:10:23 +0000 (12:10 +0100)
diff --git a/src/monocypher.c b/src/monocypher.c

index 744ac1ae75f86b61e29ee0794c82ba2ffc266d52..e0389d0ed1b614acb098bba932539afed1e5c7cc 100644 (file)
--- a/src/monocypher.c
+++ b/src/monocypher.c
@@ -1695,7 +1695,9 @@ int crypto_unlock_final(crypto_lock_ctx *ctx, const u8 mac[16])
  {
      u8 real_mac[16];
      crypto_lock_final(ctx, real_mac);
-    return crypto_verify16(real_mac, mac);
+    int mismatch = crypto_verify16(real_mac, mac);
+    crypto_wipe(real_mac, 16);
+    return mismatch;
  }
  
  void crypto_aead_lock(u8        mac[16],
author	Loup Vaillant <loup@loup-vaillant.fr>
	Fri, 3 Nov 2017 11:10:23 +0000 (12:10 +0100)
committer	Loup Vaillant <loup@loup-vaillant.fr>
	Fri, 3 Nov 2017 11:10:23 +0000 (12:10 +0100)