diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2015-03-08 20:05:10 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2015-03-08 20:05:10 +0700 |
| commit | 8caafc0e62002b81df21a5c9af91fb93f974537b (patch) | |
| tree | 36c21c08cffa493a4fddaefe67341a33321f9bdd | |
| parent | Add newer TLS test data from Java build (diff) | |
| download | BouncyCastle.NET-ed25519-8caafc0e62002b81df21a5c9af91fb93f974537b.tar.xz | |
Clear the shared secret after use
| -rw-r--r-- | crypto/src/crypto/engines/IesEngine.cs | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/crypto/src/crypto/engines/IesEngine.cs b/crypto/src/crypto/engines/IesEngine.cs index 961e3b038..a2004a9d6 100644 --- a/crypto/src/crypto/engines/IesEngine.cs +++ b/crypto/src/crypto/engines/IesEngine.cs @@ -224,10 +224,16 @@ namespace Org.BouncyCastle.Crypto.Engines byte[] zBytes = BigIntegers.AsUnsignedByteArray(agree.GetFieldSize(), z); - return forEncryption - ? EncryptBlock(input, inOff, inLen, zBytes) - : DecryptBlock(input, inOff, inLen, zBytes); + try + { + return forEncryption + ? EncryptBlock(input, inOff, inLen, zBytes) + : DecryptBlock(input, inOff, inLen, zBytes); + } + finally + { + Array.Clear(zBytes, 0, zBytes.Length); + } } } - } |