From e05097e413b2dfaaf595ecc98e59080433e48459 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Fri, 10 Nov 2017 16:55:45 +0100
Subject: [PATCH 1/2] fix segfault in ccm_memory() with LTC_CLEAN_STACK we shouldn't clean user-supplied variables
---
 src/encauth/ccm/ccm_memory.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/encauth/ccm/ccm_memory.c b/src/encauth/ccm/ccm_memory.c
index 45d6b6fb4..3326ce5c1 100644
--- a/src/encauth/ccm/ccm_memory.c
+++ b/src/encauth/ccm/ccm_memory.c
@@ -333,6 +333,9 @@ int ccm_memory(int cipher,
 if (skey != uskey) {
 cipher_descriptor[cipher].done(skey);
+#ifdef LTC_CLEAN_STACK
+ zeromem(skey, sizeof(*skey));
+#endif
 }
 if (direction == CCM_ENCRYPT) {
@@ -380,7 +383,6 @@ int ccm_memory(int cipher,
 fastMask = 0;
 #endif
 mask = 0;
- zeromem(skey, sizeof(*skey));
 zeromem(PAD, sizeof(PAD));
 zeromem(CTRPAD, sizeof(CTRPAD));
 if (pt_work != NULL) {
From 2a5f5cff16af950649ab22588fba2116cc65b48d Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Fri, 10 Nov 2017 17:01:13 +0100
Subject: [PATCH 2/2] test that ccm_memory() doesn't touch user-supplied key
---
 src/encauth/ccm/ccm_test.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/src/encauth/ccm/ccm_test.c b/src/encauth/ccm/ccm_test.c
index d96cfac56..6d1e1e66f 100644
--- a/src/encauth/ccm/ccm_test.c
+++ b/src/encauth/ccm/ccm_test.c
@@ -145,6 +145,17 @@ int ccm_test(void)
 tag, &taglen, 0)) != CRYPT_OK) {
 return err;
 }
+ /* run a second time to make sure skey is not touched */
+ if ((err = ccm_memory(idx,
+ tests[x].key, 16,
+ &skey,
+ tests[x].nonce, tests[x].noncelen,
+ tests[x].header, tests[x].headerlen,
+ (unsigned char*)tests[x].pt, tests[x].ptlen,
+ buf,
+ tag, &taglen, 0)) != CRYPT_OK) {
+ return err;
+ }
 } else {
 if ((err = ccm_init(&ccm, idx, tests[x].key, 16, tests[x].ptlen, tests[x].taglen, tests[x].headerlen)) != CRYPT_OK) {
 return err;
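Review bot: In the first hunk of src/encauth/ccm/ccm_memory.c, the wipe of the internally scheduled key inside `if (skey != uskey)` is compiled only when `LTC_CLEAN_STACK` is defined, so other builds leave the expanded key in that buffer after `done(skey)`. If `skey` is heap-allocated when the caller passes no `uskey` (the allocation is outside the hunk, so this is inferred), the schedule is key material rather than stack residue. In that case, drop the `#ifdef`/`#endif` pair and keep `zeromem(skey, sizeof(*skey));` unconditional in that branch. The body of ccm_memory() continues outside both hunks, so it is worth confirming that error exits which bypass this block also release `skey` wiped. A comment such as `/* only wipe a schedule we created; uskey belongs to the caller */` would record why the second hunk removes the old `zeromem(skey, ...)`.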
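Review bot: The repeated `ccm_memory()` call added in src/encauth/ccm/ccm_test.c checks only the return code, so "skey is not touched" is proven only indirectly, by a crash or an error return. A clobbered schedule that still returns `CRYPT_OK` is caught only if the ciphertext/tag comparison after this if/else (outside the hunk) runs on the second call's output. A direct check would snapshot the key before the first call with `XMEMCPY(&skey_copy, &skey, sizeof(skey));` and, after the second call, use `if (XMEMCMP(&skey_copy, &skey, sizeof(skey)) != 0) return CRYPT_FAIL_TESTVECTOR;`. Since the regression fixed in patch 1/2 occurs only with `LTC_CLEAN_STACK` defined, the test guards against it only if the suite is also built in that configuration.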