9 Dec
2024
9 Dec
'24
10:16 p.m.
On 12/9/24 21:49, Peter Dimov via Boost wrote:
Note that reaching a multiple of block_size is important, because it ensures that the secret key you passed as the seed is not left in the internal buffer of the hash algorithm, visible in memory dumps.
The test
https://github.com/pdimov/hash2/blob/develop/test/plaintext_leak.cpp
tries to catch these mistakes.
That's why this line
https://github.com/pdimov/hash2/blob/7a25f8518692b657e9272884519519fbaca2ec5...
is needed, for example.
Plain memset may be optimized away by the compiler. If you want to guarantee this data doesn't leak, a secure memset should be used.