X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fed25519%2Fecdsagen.c;h=1edc945a365589b41f746016805972b4b809cc26;hb=72091d5c770856870bb8cd51bcc5641078c7562c;hp=06b41c86ed6190fcd9bcc065b071a5c5e77a9ae7;hpb=b2701c7c54b11cda71461c5dbbc985476bf5b221;p=tinc

diff --git a/src/ed25519/ecdsagen.c b/src/ed25519/ecdsagen.c
index 06b41c86..1edc945a 100644
--- a/src/ed25519/ecdsagen.c
+++ b/src/ed25519/ecdsagen.c
@@ -27,10 +27,10 @@ typedef struct {
 	uint8_t public[32];
 } ecdsa_t;
 
-#include "../crypto.h"
 #include "../ecdsagen.h"
 #include "../utils.h"
 #include "../xalloc.h"
+#include "../random.h"
 
 // Generate ECDSA key
 
@@ -40,6 +40,7 @@ ecdsa_t *ecdsa_generate(void) {
 	uint8_t seed[32];
 	randomize(seed, sizeof(seed));
 	ed25519_create_keypair(ecdsa->public, ecdsa->private, seed);
+	memzero(seed, sizeof(seed));
 
 	return ecdsa;
 }
@@ -60,6 +61,8 @@ static bool write_pem(FILE *fp, const char *type, void *vbuf, size_t size) {
 		size -= todo;
 	}
 
+	memzero(base64, sizeof(base64));
+
 	fprintf(fp, "-----END %s-----\n", type);
 	return !ferror(fp);
 }