From 55018aa2b8f3b0ce045e262a05127d49308710b4 Mon Sep 17 00:00:00 2001
From: Justus Winter <justus@sequoia-pgp.org>
Date: Wed, 6 Feb 2019 14:06:32 +0100
Subject: openpgp: Improve secret key handling.

  - Use curve25519::secret_key() to generate keys in crypto::ecdh.

  - Wrap the secret keys into SessionKey objects to make sure they are
    zeroed when dropped.
---
 openpgp/src/crypto/mod.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'openpgp/src/crypto/mod.rs')

diff --git a/openpgp/src/crypto/mod.rs b/openpgp/src/crypto/mod.rs
index 33f27078..9dfec48e 100644
--- a/openpgp/src/crypto/mod.rs
+++ b/openpgp/src/crypto/mod.rs
@@ -1,7 +1,7 @@
 //! Cryptographic primitives.
 
 use std::io::Read;
-use std::ops::Deref;
+use std::ops::{Deref, DerefMut};
 use std::fmt;
 use std::cmp::Ordering;
 
@@ -54,6 +54,12 @@ impl Deref for SessionKey {
     }
 }
 
+impl DerefMut for SessionKey {
+    fn deref_mut(&mut self) -> &mut [u8] {
+        &mut self.0
+    }
+}
+
 impl From<Vec<u8>> for SessionKey {
     fn from(v: Vec<u8>) -> Self {
         SessionKey(v.into_boxed_slice())
-- 
cgit v1.2.3