From: Loup Vaillant
Date: Mon, 16 Apr 2018 22:52:14 +0000 (+0200)
Subject: crypto_check does not wipe context
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=ea582c70ef8079b1b5b925930cdb2cd517a2e4ec;p=Monocypher.git

crypto_check does not wipe context
---
diff --git a/doc/man/man3/crypto_sign_init_first_pass.3monocypher b/doc/man/man3/crypto_sign_init_first_pass.3monocypher
index 63f9620..2687bde 100644
--- a/doc/man/man3/crypto_sign_init_first_pass.3monocypher
+++ b/doc/man/man3/crypto_sign_init_first_pass.3monocypher
@@ -102,7 +102,6 @@ Update with
 .It Signature verification with
 .Fn crypto_check_final .
-This also wipes the context.
 .El
 .Sh RETURN VALUES
 .Fn crypto_sign_init_first_pass ,
diff --git a/src/monocypher.c b/src/monocypher.c
index ea462e5..04656af 100644
--- a/src/monocypher.c
+++ b/src/monocypher.c
@@ -1676,6 +1676,7 @@ int crypto_check_final(crypto_check_ctx *ctx)
     ge_add(&diff, &p, &sB); // diff = s - A*h_ram
     ge_tobytes(R_check, &diff);
     return crypto_verify32(ctx->sig, R_check); // R == s - A*h_ram ? OK : fail
+    // No secret, no wipe
 }
 
 int crypto_check(const u8 signature[64],
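Review bot: The added `// No secret, no wipe` sits after the `return` of crypto_check_final, where it reads as a stray comment on unreachable code rather than as a statement of the function's contract; move it above the return or into a comment on the function, e.g. `// Verification handles only public data (signature, public key): no wipe needed.` The "no secret" claim is supported only by what the hunk shows (`ctx->sig` and the derived `R_check`); whether the hash state left in `ctx` could embed a confidential message is not visible here, so if that matters to callers it is worth stating in the man page that they wipe the context themselves. crypto_check_final's body begins outside the hunk.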