Clear the shared secret after use

author: Peter Dettman <peter.dettman@bouncycastle.org> 2015-03-08 20:05:10 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2015-03-08 20:05:10 +0700
commit: 8caafc0e62002b81df21a5c9af91fb93f974537b (patch)
tree: 36c21c08cffa493a4fddaefe67341a33321f9bdd /crypto/src
parent: Add newer TLS test data from Java build (diff)
download: BouncyCastle.NET-ed25519-8caafc0e62002b81df21a5c9af91fb93f974537b.tar.xz
1 files changed, 10 insertions, 4 deletions
diff --git a/crypto/src/crypto/engines/IesEngine.cs b/crypto/src/crypto/engines/IesEngine.cs
index 961e3b038..a2004a9d6 100644
--- a/crypto/src/crypto/engines/IesEngine.cs
+++ b/crypto/src/crypto/engines/IesEngine.cs
@@ -224,10 +224,16 @@ namespace Org.BouncyCastle.Crypto.Engines
 
             byte[] zBytes = BigIntegers.AsUnsignedByteArray(agree.GetFieldSize(), z);
 
-            return forEncryption
-                ?	EncryptBlock(input, inOff, inLen, zBytes)
-                :	DecryptBlock(input, inOff, inLen, zBytes);
+            try
+            {
+                return forEncryption
+                    ?	EncryptBlock(input, inOff, inLen, zBytes)
+                    :	DecryptBlock(input, inOff, inLen, zBytes);
+            }
+            finally
+            {
+                Array.Clear(zBytes, 0, zBytes.Length);
+            }
         }
     }
-
 }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2015-03-08 20:05:10 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2015-03-08 20:05:10 +0700
commit	8caafc0e62002b81df21a5c9af91fb93f974537b (patch)
tree	36c21c08cffa493a4fddaefe67341a33321f9bdd /crypto/src
parent	Add newer TLS test data from Java build (diff)
download	BouncyCastle.NET-ed25519-8caafc0e62002b81df21a5c9af91fb93f974537b.tar.xz