From ee6f457225bd2b318f0a84cd208c6ad079842f65 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Sun, 16 Aug 2020 11:35:08 +0200 Subject: [PATCH] argon2 - copy raw hash after possible encoding, not before (irrelevant in libsodium) --- src/libsodium/crypto_pwhash/argon2/argon2.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libsodium/crypto_pwhash/argon2/argon2.c b/src/libsodium/crypto_pwhash/argon2/argon2.c index b3bee574..c6277fc8 100644 --- a/src/libsodium/crypto_pwhash/argon2/argon2.c +++ b/src/libsodium/crypto_pwhash/argon2/argon2.c @@ -134,11 +134,6 @@ argon2_hash(const uint32_t t_cost, const uint32_t m_cost, return result; } - /* if raw hash requested, write it */ - if (hash) { - memcpy(hash, out, hashlen); - } - /* if encoding requested, write it */ if (encoded && encodedlen) { if (argon2_encode_string(encoded, encodedlen, @@ -150,6 +145,11 @@ argon2_hash(const uint32_t t_cost, const uint32_t m_cost, } } + /* if raw hash requested, write it */ + if (hash) { + memcpy(hash, out, hashlen); + } + sodium_memzero(out, hashlen); free(out);