Cleanse temporary data used to derive ECDH shared secret

real-or-random · real-or-random · commit aa65cd6f737d · 2019-06-06T22:27:37.000+02:00
diff --git a/src/modules/ecdh/main_impl.h b/src/modules/ecdh/main_impl.h
@@ -20,6 +20,7 @@ static int ecdh_hash_function_sha256(unsigned char *output, const unsigned char
     secp256k1_sha256_write(&sha, x, 32);
     secp256k1_sha256_finalize(&sha, output);
 
+    SECP256K1_CLEANSE(sha);
     return 1;
 }
 
@@ -58,9 +59,12 @@ int secp256k1_ecdh(const secp256k1_context* ctx, unsigned char *output, const se
         secp256k1_fe_get_b32(y, &pt.y);
 
         ret = hashfp(output, x, y, data);
+        SECP256K1_CLEANSE(x);
+        SECP256K1_CLEANSE(y);
     }
 
     SECP256K1_CLEANSE(s);
+    SECP256K1_CLEANSE(pt);
     return ret;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,7 @@ static int ecdh_hash_function_sha256(unsigned char *output, const unsigned char`
`20`	`20`	`secp256k1_sha256_write(&sha, x, 32);`
`21`	`21`	`secp256k1_sha256_finalize(&sha, output);`
`22`	`22`
	`23`	`+ SECP256K1_CLEANSE(sha);`
`23`	`24`	`return 1;`
`24`	`25`	`}`
`25`	`26`
`@@ -58,9 +59,12 @@ int secp256k1_ecdh(const secp256k1_context* ctx, unsigned char *output, const se`
`58`	`59`	`secp256k1_fe_get_b32(y, &pt.y);`
`59`	`60`
`60`	`61`	`ret = hashfp(output, x, y, data);`
	`62`	`+ SECP256K1_CLEANSE(x);`
	`63`	`+ SECP256K1_CLEANSE(y);`
`61`	`64`	`}`
`62`	`65`
`63`	`66`	`SECP256K1_CLEANSE(s);`
	`67`	`+ SECP256K1_CLEANSE(pt);`
`64`	`68`	`return ret;`
`65`	`69`	`}`
`66`	`70`