1 files changed, 14 insertions, 5 deletions

diff --git a/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c b/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c
index 1dd0690..a0512dd 100644
--- a/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c
+++ b/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c
@@ -67,7 +67,7 @@ struct KeyPair gcrypt_elgamal_create_keypair() {
 	gcry_error_t error;
 	
 	void* bytes = gcry_random_bytes_secure(2048/8, GCRY_VERY_STRONG_RANDOM);
-	gcry_mpi_t x = gcry_mpi_snew(2048);
+	gcry_mpi_t x;
 	error = gcry_mpi_scan(&x, GCRYMPI_FMT_USG, bytes, 2048/8, &parse_error_offset);
 	check(error);
 	
@@ -105,12 +105,17 @@ void gcrypt_elgamal_element_to_array(unsigned char** buffer, size_t* len, void*
 	check(error);
 }
 
+void gcrypt_elgamal_free_buffer(void* buffer) {
+	gcry_free(buffer);
+}
+
 void* gcrypt_elgamal_array_to_element(char const* buffer, size_t len, bool secure) {
 	size_t error_pos;
 	gcry_error_t error;
 	
-	gcry_mpi_t mpi = secure ? gcry_mpi_snew(0) : gcry_mpi_new(0);
+	gcry_mpi_t mpi;
 	error = gcry_mpi_scan(&mpi, GCRYMPI_FMT_USG, buffer, len, &error_pos);
+	gcry_mpi_set_flag(mpi, GCRYMPI_FLAG_SECURE);
 	check(error);
 	
 	return mpi;
@@ -121,8 +126,10 @@ void* gcrypt_elgamal_get_group_element(bool secure) {
 	gcry_error_t error;
 	
 	void* bytes = gcry_random_bytes_secure(2048/8, GCRY_VERY_STRONG_RANDOM);
-	gcry_mpi_t a = secure ? gcry_mpi_snew(2048) : gcry_mpi_new(2048);
+	gcry_mpi_t a;
 	error = gcry_mpi_scan(&a, GCRYMPI_FMT_USG, bytes, 2048/8, &parse_error_offset);
+	//random bytes generated with GCRY{,_VERY}_STRONG_RANDOM are generated in "secure memory"
+	//so secure is unused.
 	check(error);
 	
 	gcry_free(bytes);
@@ -149,8 +156,6 @@ void gcrypt_elgamal_delete_group_element(void* el) {
 	gcry_mpi_release((gcry_mpi_t) el);
 }
 
-
-
 void gcrypt_elgamal_add_public_share(char** buffer, size_t* out_len, char const* share, size_t in_len, void* pubkey) {
 	
 	gcry_error_t error;
@@ -167,6 +172,9 @@ void gcrypt_elgamal_add_public_share(char** buffer, size_t* out_len, char const*
 	
 	error = gcry_mpi_aprint(GCRYMPI_FMT_USG, (unsigned char**) buffer, out_len, result);
 	check(error);
+	
+	gcry_mpi_release(mpi_share);
+	gcry_mpi_release(result);
 }
 
 struct SharedKey gcrypt_elgamal_derive_shared_key(struct KeyPair keypair, unsigned char const* other_pub, size_t pub_len, unsigned char const* value, size_t value_len, void* priv_value, bool swap) {
@@ -227,6 +235,7 @@ Initializer elgamal_initialize = &gcrypt_elgamal_initialize;
 KeyPairCreator elgamal_create_keypair = &gcrypt_elgamal_create_keypair;
 KeyPairDeleter elgamal_delete_keypair = &gcrypt_elgamal_delete_keypair;
 ElementToArray elgamal_element_to_array = &gcrypt_elgamal_element_to_array;
+BufferDeleter elgamal_free_buffer = &gcrypt_elgamal_free_buffer;
 ArrayToElement elgamal_array_to_element = &gcrypt_elgamal_array_to_element;
 GroupElementGetter elgamal_get_group_element = &gcrypt_elgamal_get_group_element;
 GroupElementDeleter elgamal_delete_group_element = &gcrypt_elgamal_delete_group_element;