Correct secq256k1/embedwards25519 Zeroize implementations

crypto/evrf/embedwards25519/src/point.rs

@@ -30,7 +30,7 @@ fn recover_y(x: FieldElement) -> CtOption<FieldElement> {
 }
 
 /// Point.
-#[derive(Clone, Copy, Debug, Zeroize)]
+#[derive(Clone, Copy, Debug)]
 #[repr(C)]
 pub struct Point {
   x: FieldElement, // / Z
@@ -38,6 +38,18 @@ pub struct Point {
   z: FieldElement,
 }
 
+impl Zeroize for Point {
+  fn zeroize(&mut self) {
+    self.x.zeroize();
+    self.y.zeroize();
+    self.z.zeroize();
+    let identity = Self::identity();
+    self.x = identity.x;
+    self.y = identity.y;
+    self.z = identity.z;
+  }
+}
+
 impl ConstantTimeEq for Point {
   fn ct_eq(&self, other: &Self) -> Choice {
     let x1 = self.x * other.z;

crypto/evrf/secq256k1/src/point.rs

@@ -24,7 +24,7 @@ fn recover_y(x: FieldElement) -> CtOption<FieldElement> {
 }
 
 /// Point.
-#[derive(Clone, Copy, Debug, Zeroize)]
+#[derive(Clone, Copy, Debug)]
 #[repr(C)]
 pub struct Point {
   x: FieldElement, // / Z
@@ -32,6 +32,18 @@ pub struct Point {
   z: FieldElement,
 }
 
+impl Zeroize for Point {
+  fn zeroize(&mut self) {
+    self.x.zeroize();
+    self.y.zeroize();
+    self.z.zeroize();
+    let identity = Self::identity();
+    self.x = identity.x;
+    self.y = identity.y;
+    self.z = identity.z;
+  }
+}
+
 impl ConstantTimeEq for Point {
   fn ct_eq(&self, other: &Self) -> Choice {
     let x1 = self.x * other.z;