From 72ddbae1e60470943aaae0bfce74ebdc88c07cd2 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 18 Feb 2018 12:33:48 +0100
Subject: stupidgcm: create private copy of the key

Relieves the caller from worrying about whether they
can overwrite the key.
---
 internal/cryptocore/cryptocore.go | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

(limited to 'internal/cryptocore')

diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index a355342..43cfdbc 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -86,13 +86,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
 			if IVLen != 16 {
 				log.Panic("stupidgcm only supports 128-bit IVs")
 			}
-			// stupidgcm does not create a private copy of the key, so things
-			// break when initFuseFrontend() overwrites it with zeros. Create
-			// a copy here. This is unnecessary when useHKDF == true, but
-			// does no harm.
-			var stupidgcmKey []byte
-			stupidgcmKey = append(stupidgcmKey, gcmKey...)
-			aeadCipher = stupidgcm.New(stupidgcmKey, forceDecode)
+			aeadCipher = stupidgcm.New(gcmKey, forceDecode)
 		case BackendGoGCM:
 			goGcmBlockCipher, err := aes.NewCipher(gcmKey)
 			if err != nil {
-- 
cgit v1.2.3