diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2023-03-14 14:22:00 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-03-14 16:17:26 +0100 |
commit | 4989669caddf46613d17ccc08b5471eeaa25ac43 (patch) | |
tree | 9b69be8ea64e4983b42e41c48f3feb767ef04108 | |
parent | f01de4c06369d5d2f1ddea71843915312515ceb6 (diff) |
openpgp: Avoid leaking secrets when constructing ProtectedMPIs.
-rw-r--r-- | openpgp/src/crypto/mpi.rs | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/openpgp/src/crypto/mpi.rs b/openpgp/src/crypto/mpi.rs index e9b65bf6..fe1bebff 100644 --- a/openpgp/src/crypto/mpi.rs +++ b/openpgp/src/crypto/mpi.rs @@ -325,23 +325,31 @@ assert_send_and_sync!(ProtectedMPI); impl From<Vec<u8>> for ProtectedMPI { fn from(m: Vec<u8>) -> Self { - let p = MPI::new(&m).into(); + let value = Protected::from(MPI::trim_leading_zeros(&m)); drop(Protected::from(m)); // Erase source. - p + ProtectedMPI { + value, + } } } impl From<Box<[u8]>> for ProtectedMPI { fn from(m: Box<[u8]>) -> Self { - let p = MPI::new(&m).into(); + let value = Protected::from(MPI::trim_leading_zeros(&m)); drop(Protected::from(m)); // Erase source. - p + ProtectedMPI { + value, + } } } impl From<Protected> for ProtectedMPI { fn from(m: Protected) -> Self { - MPI::new(&m).into() + let value = Protected::from(MPI::trim_leading_zeros(&m)); + drop(m); // Erase source. + ProtectedMPI { + value, + } } } |