From 7914568a309b7692bdcb9cebd1b8820c34e71c87 Mon Sep 17 00:00:00 2001
From: Justus Winter <justus@sequoia-pgp.org>
Date: Tue, 14 Mar 2023 16:07:13 +0100
Subject: openpgp: Immediately create ProtectedMPIs for secrets.

  - Avoid creating an MPI first, as this may leak the secrets.
---
 openpgp/src/crypto/backend/cng/asymmetric.rs | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'openpgp/src/crypto/backend/cng/asymmetric.rs')

diff --git a/openpgp/src/crypto/backend/cng/asymmetric.rs b/openpgp/src/crypto/backend/cng/asymmetric.rs
index 1d412476..d0a5fd9b 100644
--- a/openpgp/src/crypto/backend/cng/asymmetric.rs
+++ b/openpgp/src/crypto/backend/cng/asymmetric.rs
@@ -770,7 +770,7 @@ where
                 q: mpi::MPI::new(&public)
             },
             mpi::SecretKeyMaterial::EdDSA {
-                scalar: mpi::MPI::new(&private_key).into(),
+                scalar: private_key.into(),
             }.into()
         )
     }
@@ -810,10 +810,10 @@ where
                 n: mpi::MPI::new(&n.to_bytes_be()),
             },
             mpi::SecretKeyMaterial::RSA {
-                d: mpi::MPI::new(d).into(),
-                p: mpi::MPI::new(p).into(),
-                q: mpi::MPI::new(q).into(),
-                u: mpi::MPI::new(&u.to_bytes_be()).into(),
+                d: d.into(),
+                p: p.into(),
+                q: q.into(),
+                u: u.to_bytes_be().into(),
             }.into()
         )
     }
@@ -847,8 +847,8 @@ where
         let private = mpi::SecretKeyMaterial::RSA {
             p: p.into(),
             q: q.into(),
-            d: mpi::MPI::new(blob.priv_exp()).into(),
-            u: mpi::MPI::new(&u.to_bytes_be()).into(),
+            d: blob.priv_exp().into(),
+            u: u.to_bytes_be().into(),
         };
 
         Self::with_secret(
-- 
cgit v1.2.3