Wipe (some) secrets from memory after use

[tinc] / src / ed25519 / ecdh.c

diff --git a/src/ed25519/ecdh.c b/src/ed25519/ecdh.c
index 9adf19f..cfb2077 100644 (file)
--- a/src/ed25519/ecdh.c
+++ b/src/ed25519/ecdh.c
@@ -18,6 +18,7 @@
 */
 
 #include "../system.h"
+#include "../random.h"
 
 #include "ed25519.h"
 
@@ -26,26 +27,26 @@ typedef struct ecdh_t {
        uint8_t private[64];
 } ecdh_t;
 
-#include "../crypto.h"
 #include "../ecdh.h"
 #include "../xalloc.h"
 
 ecdh_t *ecdh_generate_public(void *pubkey) {
-       ecdh_t *ecdh = xzalloc(sizeof *ecdh);
+       ecdh_t *ecdh = xzalloc(sizeof(*ecdh));
 
        uint8_t seed[32];
-       randomize(seed, sizeof seed);
+       randomize(seed, sizeof(seed));
        ed25519_create_keypair(pubkey, ecdh->private, seed);
+       memzero(seed, sizeof(seed));
 
        return ecdh;
 }
 
 bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) {
        ed25519_key_exchange(shared, pubkey, ecdh->private);
-       free(ecdh);
+       ecdh_free(ecdh);
        return true;
 }
 
 void ecdh_free(ecdh_t *ecdh) {
-       free(ecdh);
+       xzfree(ecdh, sizeof(ecdh_t));
 }