Zeroize buffer used in Scalar::from_hash

from_hash is frequently used for private key/nonce generation, making this buffer a copy of private keys/nonces.
2025-12-08 12:19:24 +00:00 · 2022-08-04 14:40:54 -04:00
parent 797be71eb3
commit 42a3d38b48
1 changed files with 3 additions and 1 deletions
--- a/crypto/dalek-ff-group/src/lib.rs
+++ b/crypto/dalek-ff-group/src/lib.rs
@@ -185,7 +185,9 @@ impl Scalar {
  pub fn from_hash<D: Digest<OutputSize = U64>>(hash: D) -> Scalar {
    let mut output = [0u8; 64];
    output.copy_from_slice(&hash.finalize());
-    Scalar(DScalar::from_bytes_mod_order_wide(&output))
+    let res = Scalar(DScalar::from_bytes_mod_order_wide(&output));
+    output.zeroize();
+    res
  }
 }