stupidgcm: create private copy of the key

Relieves the caller from worrying about whether they can overwrite the key.
2018-02-18 12:33:48 +01:00 · 2018-02-18 12:33:48 +01:00 · 72ddbae1e6
commit 72ddbae1e6
parent 18f6c6106c
2 changed files with 5 additions and 9 deletions
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@ -86,13 +86,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
 			if IVLen != 16 {
 				log.Panic("stupidgcm only supports 128-bit IVs")
 			}
-			// stupidgcm does not create a private copy of the key, so things
-			// break when initFuseFrontend() overwrites it with zeros. Create
-			// a copy here. This is unnecessary when useHKDF == true, but
-			// does no harm.
-			var stupidgcmKey []byte
-			stupidgcmKey = append(stupidgcmKey, gcmKey...)
-			aeadCipher = stupidgcm.New(stupidgcmKey, forceDecode)
+			aeadCipher = stupidgcm.New(gcmKey, forceDecode)
 		case BackendGoGCM:
 			goGcmBlockCipher, err := aes.NewCipher(gcmKey)
 			if err != nil {
--- a/internal/stupidgcm/stupidgcm.go
+++ b/internal/stupidgcm/stupidgcm.go
@ -33,10 +33,12 @@ type StupidGCM struct {
 var _ cipher.AEAD = &StupidGCM{}

 // New returns a new cipher.AEAD implementation..
-func New(key []byte, forceDecode bool) cipher.AEAD {
-	if len(key) != keyLen {
+func New(keyIn []byte, forceDecode bool) cipher.AEAD {
+	if len(keyIn) != keyLen {
 		log.Panicf("Only %d-byte keys are supported", keyLen)
 	}
+	// Create a private copy of the key
+	key := append([]byte{}, keyIn...)
 	return &StupidGCM{key: key, forceDecode: forceDecode}
 }