From 72ddbae1e60470943aaae0bfce74ebdc88c07cd2 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 18 Feb 2018 12:33:48 +0100
Subject: stupidgcm: create private copy of the key

Relieves the caller from worrying about whether they
can overwrite the key.
---
 internal/stupidgcm/stupidgcm.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'internal/stupidgcm')

diff --git a/internal/stupidgcm/stupidgcm.go b/internal/stupidgcm/stupidgcm.go
index 77d6770..c8aecca 100644
--- a/internal/stupidgcm/stupidgcm.go
+++ b/internal/stupidgcm/stupidgcm.go
@@ -33,10 +33,12 @@ type StupidGCM struct {
 var _ cipher.AEAD = &StupidGCM{}
 
 // New returns a new cipher.AEAD implementation..
-func New(key []byte, forceDecode bool) cipher.AEAD {
-	if len(key) != keyLen {
+func New(keyIn []byte, forceDecode bool) cipher.AEAD {
+	if len(keyIn) != keyLen {
 		log.Panicf("Only %d-byte keys are supported", keyLen)
 	}
+	// Create a private copy of the key
+	key := append([]byte{}, keyIn...)
 	return &StupidGCM{key: key, forceDecode: forceDecode}
 }
 
-- 
cgit v1.2.3