openpgp: Clear the array after copying it to protected memory.

author: Justus Winter <justus@sequoia-pgp.org> 2023-09-22 14:05:37 +0200
committer: Justus Winter <justus@sequoia-pgp.org> 2023-09-22 15:32:46 +0200
commit: 2639423fa06dfa9a3d13a5962c3cb8db68a412fd (patch)
tree: 92007748f7d53a510c21bb5f1a040dc8d212999f /openpgp
parent: c6662d0a51868dca2d12a76f21670a890a045cbe (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/openpgp/src/crypto/mem.rs b/openpgp/src/crypto/mem.rs
index aaec1da6..c86c6731 100644
--- a/openpgp/src/crypto/mem.rs
+++ b/openpgp/src/crypto/mem.rs
@@ -185,9 +185,12 @@ impl From<&[u8]> for Protected {
 }
 
 impl<const N: usize> From<[u8; N]> for Protected {
-    fn from(v: [u8; N]) -> Self {
+    fn from(mut v: [u8; N]) -> Self {
         let mut p = Protected::new(v.len());
         careful_memcpy(&v, &mut p);
+        unsafe {
+            memsec::memzero(v.as_mut_ptr(), v.len());
+        }
         p
     }
 }
author	Justus Winter <justus@sequoia-pgp.org>	2023-09-22 14:05:37 +0200
committer	Justus Winter <justus@sequoia-pgp.org>	2023-09-22 15:32:46 +0200
commit	2639423fa06dfa9a3d13a5962c3cb8db68a412fd (patch)
tree	92007748f7d53a510c21bb5f1a040dc8d212999f /openpgp
parent	c6662d0a51868dca2d12a76f21670a890a045cbe (diff)