Do not overwrite IVs slice memory

[gogost.git] / src / cypherpunks.ru / gogost / gost28147 / cfb.go

diff --git a/src/cypherpunks.ru/gogost/gost28147/cfb.go b/src/cypherpunks.ru/gogost/gost28147/cfb.go
index 5c39ffa8b76195c3e94f4ad7fa7757a5fc9afc41..902d12dc85713332b9fbb90a656b976c88cd8658 100644 (file)
--- a/src/cypherpunks.ru/gogost/gost28147/cfb.go
+++ b/src/cypherpunks.ru/gogost/gost28147/cfb.go
@@ -1,5 +1,5 @@
 // GoGOST -- Pure Go GOST cryptographic functions library
-// Copyright (C) 2015-2017 Sergey Matveev <stargrave@stargrave.org>
+// Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
 //
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -21,8 +21,13 @@ type CFBEncrypter struct {
        iv []byte
 }
 
-func (c *Cipher) NewCFBEncrypter(iv [BlockSize]byte) *CFBEncrypter {
-       return &CFBEncrypter{c, iv[:]}
+func (c *Cipher) NewCFBEncrypter(iv []byte) *CFBEncrypter {
+       if len(iv) != BlockSize {
+               panic("iv length is not equal to blocksize")
+       }
+       encrypter := CFBEncrypter{c: c, iv: make([]byte, BlockSize)}
+       copy(encrypter.iv, iv)
+       return &encrypter
 }
 
 func (c *CFBEncrypter) XORKeyStream(dst, src []byte) {
@@ -48,8 +53,13 @@ type CFBDecrypter struct {
        iv []byte
 }
 
-func (c *Cipher) NewCFBDecrypter(iv [BlockSize]byte) *CFBDecrypter {
-       return &CFBDecrypter{c, iv[:]}
+func (c *Cipher) NewCFBDecrypter(iv []byte) *CFBDecrypter {
+       if len(iv) != BlockSize {
+               panic("iv length is not equal to blocksize")
+       }
+       decrypter := CFBDecrypter{c: c, iv: make([]byte, BlockSize)}
+       copy(decrypter.iv, iv)
+       return &decrypter
 }
 
 func (c *CFBDecrypter) XORKeyStream(dst, src []byte) {