Fix missing error check in X448 (#181)

When encapsulating, we generate an ephemeral key. If the randomness provider returns an error, the key material should be discarded
ProtonMail · Sep 23, 2023 · afb1ddc · afb1ddc
1 parent 3c4c8a2
commit afb1ddc
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/openpgp/internal/ecc/x448.go b/openpgp/internal/ecc/x448.go
@@ -73,7 +73,9 @@ func (c *x448) GenerateECDH(rand io.Reader) (point []byte, secret []byte, err er
 func (c *x448) Encaps(rand io.Reader, point []byte) (ephemeral, sharedSecret []byte, err error) {
 	var pk, ss x448lib.Key
 	seed, e, err := c.generateKeyPairBytes(rand)
-
+	if err != nil {
+		return nil, nil, err
+	}
 	copy(pk[:], point)
 	x448lib.Shared(&ss, &seed, &pk)