don't deallocate keys

libp2p/RLPxFrameIO.cpp

@@ -57,16 +57,19 @@ RLPXFrameIO::RLPXFrameIO(RLPXHandshake const& _init): m_socket(_init.m_socket)
 	
 	// aes-secret = sha3(ecdhe-shared-secret || shared-secret)
 	sha3(keyMaterial, outRef); // output aes-secret
-	SecByteBlock aesSecretEnc(outRef.data(), h128::size);
+	m_frameEncKey.resize(h128::size);
-	SecByteBlock aesSecretDec(outRef.data(), h128::size);
+	memcpy(m_frameEncKey.data(), outRef.data(), h128::size);
-	SecByteBlock emptyIV(h128::size);
+	m_frameDecKey.resize(h128::size);
-	m_frameEnc.SetKeyWithIV(aesSecretEnc, h128::size, emptyIV);
+	memcpy(m_frameDecKey.data(), outRef.data(), h128::size);
-	m_frameDec.SetKeyWithIV(aesSecretDec, h128::size, emptyIV);
+	h128 iv;
+	m_frameEnc.SetKeyWithIV(m_frameEncKey, h128::size, iv.data());
+	m_frameDec.SetKeyWithIV(m_frameDecKey, h128::size, iv.data());
 
 	// mac-secret = sha3(ecdhe-shared-secret || aes-secret)
 	sha3(keyMaterial, outRef); // output mac-secret
-	SecByteBlock macSecret(outRef.data(), h128::size);
+	m_macEncKey.resize(h128::size);
-	m_macEnc.SetKey(macSecret, h128::size);
+	memcpy(m_macEncKey.data(), outRef.data(), h128::size);
+	m_macEnc.SetKey(m_macEncKey, h128::size);
 
 	// Initiator egress-mac: sha3(mac-secret^recipient-nonce || auth-sent-init)
 	//           ingress-mac: sha3(mac-secret^initiator-nonce || auth-recvd-ack)

libp2p/RLPxFrameIO.h

@@ -86,15 +86,18 @@ protected:
 private:
 	void updateMAC(CryptoPP::SHA3_256& _mac, bytesConstRef _seed = bytesConstRef());
 
+	CryptoPP::SecByteBlock m_frameEncKey;
+	CryptoPP::SecByteBlock m_frameDecKey;
 	CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameEnc;
 	CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameDec;
-	Mutex x_macEnc;
+	CryptoPP::SecByteBlock m_macEncKey;
 	CryptoPP::ECB_Mode<CryptoPP::AES>::Encryption m_macEnc;
+	Mutex x_macEnc;
 	CryptoPP::SHA3_256 m_egressMac;
 	CryptoPP::SHA3_256 m_ingressMac;
 	
 	std::shared_ptr<RLPXSocket> m_socket;
 };
-	
+
 }
 }