X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fed25519%2Fecdh.c;h=cfb2077b3f59a41e0ba421bf853814628bdc7838;hb=ce4d55b72fd4290d4710f10e755f6dd9ed039d88;hp=9adf19fe1fb3b2ece8d90c1725197229d6b0f9d5;hpb=5822f817aa802c2c5a83e9d99a8ae78cb822799b;p=tinc

diff --git a/src/ed25519/ecdh.c b/src/ed25519/ecdh.c
index 9adf19fe..cfb2077b 100644
--- a/src/ed25519/ecdh.c
+++ b/src/ed25519/ecdh.c
@@ -18,6 +18,7 @@
 */
 
 #include "../system.h"
+#include "../random.h"
 
 #include "ed25519.h"
 
@@ -26,26 +27,26 @@ typedef struct ecdh_t {
 	uint8_t private[64];
 } ecdh_t;
 
-#include "../crypto.h"
 #include "../ecdh.h"
 #include "../xalloc.h"
 
 ecdh_t *ecdh_generate_public(void *pubkey) {
-	ecdh_t *ecdh = xzalloc(sizeof *ecdh);
+	ecdh_t *ecdh = xzalloc(sizeof(*ecdh));
 
 	uint8_t seed[32];
-	randomize(seed, sizeof seed);
+	randomize(seed, sizeof(seed));
 	ed25519_create_keypair(pubkey, ecdh->private, seed);
+	memzero(seed, sizeof(seed));
 
 	return ecdh;
 }
 
 bool ecdh_compute_shared(ecdh_t *ecdh, const void *pubkey, void *shared) {
 	ed25519_key_exchange(shared, pubkey, ecdh->private);
-	free(ecdh);
+	ecdh_free(ecdh);
 	return true;
 }
 
 void ecdh_free(ecdh_t *ecdh) {
-	free(ecdh);
+	xzfree(ecdh, sizeof(ecdh_t));
 }