From 3540926b98813e5e5daed709f820f06f6f9ac2ae Mon Sep 17 00:00:00 2001
From: manuroe <manu@matrix.org>
Date: Mon, 19 Dec 2016 18:10:37 +0100
Subject: [PATCH] OLMKit: Reset intermediate buffers to zeroes

---
 xcode/OLMKit/OLMAccount.m              | 2 ++
 xcode/OLMKit/OLMOutboundGroupSession.m | 2 ++
 xcode/OLMKit/OLMSession.m              | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/xcode/OLMKit/OLMAccount.m b/xcode/OLMKit/OLMAccount.m
index 2f30fb6..af1e308 100644
--- a/xcode/OLMKit/OLMAccount.m
+++ b/xcode/OLMKit/OLMAccount.m
@@ -66,6 +66,7 @@
     size_t randomLength = olm_create_account_random_length(_account);
     NSMutableData *random = [OLMUtility randomBytesOfLength:randomLength];
     size_t accountResult = olm_create_account(_account, random.mutableBytes, random.length);
+    [random resetBytesInRange:NSMakeRange(0, random.length)];
     if (accountResult == olm_error()) {
         const char *error = olm_account_last_error(_account);
         NSLog(@"error creating account: %s", error);
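Review bot: The wipe added after `olm_create_account` has to stay ahead of the `if (accountResult == olm_error())` check so that the seed is also cleared on the failure path, but nothing in the code says so. A later refactor that moves it into the success branch would silently leave the random seed in heap memory after an error. Add a comment such as `// Zero the seed before the error check so it is cleared on both paths`. The same uncommented call follows `olm_account_generate_one_time_keys`, `olm_init_outbound_group_session`, `olm_create_outbound_session` and `olm_encrypt`; a small shared helper would keep those sites consistent. The enclosing method starts and ends outside the hunk.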
@@ -147,6 +148,7 @@
     size_t randomLength = olm_account_generate_one_time_keys_random_length(_account, numberOfKeys);
     NSMutableData *random = [OLMUtility randomBytesOfLength:randomLength];
     size_t result = olm_account_generate_one_time_keys(_account, numberOfKeys, random.mutableBytes, random.length);
+    [random resetBytesInRange:NSMakeRange(0, random.length)];
     if (result == olm_error()) {
         const char *error = olm_account_last_error(_account);
         NSLog(@"error generating keys: %s", error);
diff --git a/xcode/OLMKit/OLMOutboundGroupSession.m b/xcode/OLMKit/OLMOutboundGroupSession.m
index d838ebc..a3421fd 100644
--- a/xcode/OLMKit/OLMOutboundGroupSession.m
+++ b/xcode/OLMKit/OLMOutboundGroupSession.m
@@ -55,6 +55,7 @@
         NSMutableData *random = [OLMUtility randomBytesOfLength:olm_init_outbound_group_session_random_length(session)];
 
         size_t result = olm_init_outbound_group_session(session, random.mutableBytes, random.length);
+        [random resetBytesInRange:NSMakeRange(0, random.length)];
         if (result == olm_error())   {
             const char *error = olm_outbound_group_session_last_error(session);
             NSLog(@"olm_init_outbound_group_session error: %s", error);
@@ -97,6 +98,7 @@
         return nil;
     }
     NSString *sessionKey = [[NSString alloc] initWithData:sessionKeyData encoding:NSUTF8StringEncoding];
+    [sessionKeyData resetBytesInRange:NSMakeRange(0, sessionKeyData.length)];
     return sessionKey;
 }
 
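Review bot: Zeroing `sessionKeyData` removes only the scratch copy; the same session key is returned in `sessionKey`, an immutable NSString that cannot be wiped and stays in memory until the caller releases it. The `return nil;` branch just above (its condition is outside the hunk) appears to exit without clearing `sessionKeyData`, which may already hold partial output at that point. Consider adding `[sessionKeyData resetBytesInRange:NSMakeRange(0, sessionKeyData.length)];` before that return. A comment such as `// Clears the scratch buffer only; the returned NSString still holds the key` would stop readers over-trusting the wipe.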
diff --git a/xcode/OLMKit/OLMSession.m b/xcode/OLMKit/OLMSession.m
index 7cbd358..2111c1c 100644
--- a/xcode/OLMKit/OLMSession.m
+++ b/xcode/OLMKit/OLMSession.m
@@ -78,6 +78,7 @@
     NSData *idKey = [theirIdentityKey dataUsingEncoding:NSUTF8StringEncoding];
     NSData *otKey = [theirOneTimeKey dataUsingEncoding:NSUTF8StringEncoding];
     size_t result = olm_create_outbound_session(_session, account.account, idKey.bytes, idKey.length, otKey.bytes, otKey.length, random.mutableBytes, random.length);
+    [random resetBytesInRange:NSMakeRange(0, random.length)];
     if (result == olm_error()) {
         const char *olm_error = olm_session_last_error(_session);
 
@@ -215,6 +216,7 @@
         return nil;
     }
     size_t result = olm_encrypt(_session, plaintextData.bytes, plaintextData.length, random.mutableBytes, random.length, ciphertext.mutableBytes, ciphertext.length);
+    [random resetBytesInRange:NSMakeRange(0, random.length)];
     if (result == olm_error()) {
         const char *olm_error = olm_session_last_error(_session);
 
-- 
GitLab