From c24b694fb2f06a0193a7bed3283d5da2c0c5c48d Mon Sep 17 00:00:00 2001
From: Luke Parker
Date: Mon, 25 Aug 2025 04:54:08 -0400
Subject: [PATCH] Correct secq256k1/embedwards25519 Zeroize implementations

---
 crypto/evrf/embedwards25519/src/point.rs | 14 +++++++++++++-
 crypto/evrf/secq256k1/src/point.rs | 14 +++++++++++++-
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/crypto/evrf/embedwards25519/src/point.rs b/crypto/evrf/embedwards25519/src/point.rs
index 2335f144..fb7fc9a3 100644
--- a/crypto/evrf/embedwards25519/src/point.rs
+++ b/crypto/evrf/embedwards25519/src/point.rs
@@ -30,7 +30,7 @@ fn recover_y(x: FieldElement) -> CtOption {
 }
 
 /// Point.
-#[derive(Clone, Copy, Debug, Zeroize)]
+#[derive(Clone, Copy, Debug)]
 #[repr(C)]
 pub struct Point {
   x: FieldElement, // / Z
@@ -38,6 +38,18 @@ pub struct Point {
   z: FieldElement,
 }
 
+impl Zeroize for Point {
+  fn zeroize(&mut self) {
+    self.x.zeroize();
+    self.y.zeroize();
+    self.z.zeroize();
+    let identity = Self::identity();
+    self.x = identity.x;
+    self.y = identity.y;
+    self.z = identity.z;
+  }
+}
+
 impl ConstantTimeEq for Point {
   fn ct_eq(&self, other: &Self) -> Choice {
     let x1 = self.x * other.z;
diff --git a/crypto/evrf/secq256k1/src/point.rs b/crypto/evrf/secq256k1/src/point.rs
index 0b47f0ae..b22decb7 100644
--- a/crypto/evrf/secq256k1/src/point.rs
+++ b/crypto/evrf/secq256k1/src/point.rs
@@ -24,7 +24,7 @@ fn recover_y(x: FieldElement) -> CtOption {
 }
 
 /// Point.
-#[derive(Clone, Copy, Debug, Zeroize)]
+#[derive(Clone, Copy, Debug)]
 #[repr(C)]
 pub struct Point {
   x: FieldElement, // / Z
@@ -32,6 +32,18 @@ pub struct Point {
   z: FieldElement,
 }
 
+impl Zeroize for Point {
+  fn zeroize(&mut self) {
+    self.x.zeroize();
+    self.y.zeroize();
+    self.z.zeroize();
+    let identity = Self::identity();
+    self.x = identity.x;
+    self.y = identity.y;
+    self.z = identity.z;
+  }
+}
+
 impl ConstantTimeEq for Point {
   fn ct_eq(&self, other: &Self) -> Choice {
     let x1 = self.x * other.z;
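Review bot: The hand-written `impl Zeroize for Point` (here, and the identical block in crypto/evrf/secq256k1/src/point.rs) carries no comment saying why the derive was dropped, so a later cleanup could plausibly restore `#[derive(Zeroize)]` and reintroduce the bug this commit fixes; add above the impl `// derive(Zeroize) would leave (0, 0, 0), which is not a well-formed projective point. Wipe the coordinates first (only the zeroize() calls are guaranteed not to be optimised away), then reset to the identity so the value stays valid.` That ordering — volatile wipe, then plain assignment — is the part worth stating explicitly, since swapping the two would silently weaken the wipe. `Point` still derives `Copy`, so any implicit copy made before `zeroize()` runs is not cleared; that limitation predates this change, but a one-line `// NOTE: Point is Copy — zeroize only clears this instance` on the struct would set expectations. If `Point` implements `group::Group`, a small test asserting that a zeroized point satisfies `is_identity()` would pin the new behaviour for both curves.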