Merge pull request #41 from untoldwind/master

Ensure that all data of StaticSecret is cleared on drop
dalek-cryptography · Apr 23, 2019 · 1cc37a1 · 1cc37a1
2 parents 9a637d4 + 0f187b4
commit 1cc37a1
Showing 1 changed file with 5 additions and 7 deletions.
diff --git a/src/x25519.rs b/src/x25519.rs
@@ -164,14 +164,12 @@ impl SharedSecret {
 /// # Returns
 ///
 /// A `Scalar`.
-fn clamp_scalar(scalar: [u8; 32]) -> Scalar {
-    let mut s: [u8; 32] = scalar.clone();
+fn clamp_scalar(mut scalar: [u8; 32]) -> Scalar {
+    scalar[0]  &= 248;
+    scalar[31] &= 127;
+    scalar[31] |= 64;
 
-    s[0]  &= 248;
-    s[31] &= 127;
-    s[31] |= 64;
-
-    Scalar::from_bits(s)
+    Scalar::from_bits(scalar)
 }
 
 /// The bare, byte-oriented x25519 function, exactly as specified in RFC7748.