authorRichard van der Hoff <richard@matrix.org>2016-10-21 17:19:59 +0100
committerRichard van der Hoff <richard@matrix.org>2016-10-21 17:19:59 +0100
commit21ce3491dd39485eac35ad850257a20fc99f330d (patch)
tree9798efdf94043c662ef7ff6292e59eb0d360b709 /src
parent5a98012c0d3951d2d08e9922ee682fbdecc68f0c (diff)
Clear random buf in olm_init_outbound_group_session
All the other methods clear their random inputs. This one needs to do the same, to reduce the risk of the randomness being used elsewhere and leaking key info.
Diffstat (limited to 'src')
-rw-r--r--src/outbound_group_session.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/src/outbound_group_session.c b/src/outbound_group_session.c
index 4e4561a..ae45694 100644
--- a/src/outbound_group_session.c
+++ b/src/outbound_group_session.c
@@ -154,20 +154,23 @@ size_t olm_init_outbound_group_session_random_length(
size_t olm_init_outbound_group_session(
OlmOutboundGroupSession *session,
- uint8_t const * random, size_t random_length
+ uint8_t *random, size_t random_length
) {
+ const uint8_t *random_ptr = random;
+
if (random_length < olm_init_outbound_group_session_random_length(session)) {
/* Insufficient random data for new session */
session->last_error = OLM_NOT_ENOUGH_RANDOM;
return (size_t)-1;
}
- megolm_init(&(session->ratchet), random, 0);
- random += MEGOLM_RATCHET_LENGTH;
+ megolm_init(&(session->ratchet), random_ptr, 0);
+ random_ptr += MEGOLM_RATCHET_LENGTH;
- _olm_crypto_ed25519_generate_key(random, &(session->signing_key));
- random += ED25519_RANDOM_LENGTH;
+ _olm_crypto_ed25519_generate_key(random_ptr, &(session->signing_key));
+ random_ptr += ED25519_RANDOM_LENGTH;
+ _olm_unset(random, random_length);
return 0;
}
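Review bot: The early return for `OLM_NOT_ENOUGH_RANDOM` leaves `random` untouched, so after this change the buffer is wiped only on the success path. That randomness was never turned into key material, so the exposure is smaller, but a caller can no longer assume the buffer is clear once the call returns. Either add `_olm_unset(random, random_length);` before `return (size_t)-1;`, or state in the function's doc comment that the buffer is zeroed only on success. Dropping `const` from the parameter also changes the public contract, since the caller's buffer is now overwritten; the header declaration is not in this view (the diffstat is limited to `src`), so its prototype and comment presumably need the same update.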