Diffstat (limited to 'src/libsodium/crypto_sign/ed25519/ref10/sign.c')
-rw-r--r-- | src/libsodium/crypto_sign/ed25519/ref10/sign.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/src/libsodium/crypto_sign/ed25519/ref10/sign.c b/src/libsodium/crypto_sign/ed25519/ref10/sign.c
index 88f4710..1ee5d6c 100644
--- a/src/libsodium/crypto_sign/ed25519/ref10/sign.c
+++ b/src/libsodium/crypto_sign/ed25519/ref10/sign.c
@@ -5,6 +5,7 @@ #include "crypto_hash_sha512.h" #include "ge.h" #include "sc.h" +#include "utils.h" int crypto_sign_detached(unsigned char *sig, unsigned long long *siglen,
@@ -44,6 +45,9 @@ crypto_sign_detached(unsigned char *sig, unsigned long long *siglen, sc_reduce(hram); sc_muladd(sig + 32, hram, az, nonce); + sodium_memzero(az, sizeof az); + sodium_memzero(nonce, sizeof nonce); + if (siglen != NULL) { *siglen = 64U; }
@@ -57,13 +61,19 @@ crypto_sign(unsigned char *sm, unsigned long long *smlen, { unsigned long long siglen; - if (crypto_sign_detached(sm, &siglen, m, mlen, sk) != 0 || - siglen > crypto_sign_ed25519_BYTES) { - *smlen = 0; + memmove(sm + crypto_sign_ed25519_BYTES, m, mlen); +/* LCOV_EXCL_START */ + if (crypto_sign_detached(sm, &siglen, sm + crypto_sign_ed25519_BYTES, + mlen, sk) != 0 || + siglen != crypto_sign_ed25519_BYTES) { + if (smlen != NULL) { + *smlen = 0; + } memset(sm, 0, mlen + crypto_sign_ed25519_BYTES); return -1; } - memmove(sm + siglen, m, mlen); +/* LCOV_EXCL_STOP */ + if (smlen != NULL) { *smlen = mlen + siglen; } |
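Review bot: The two `sodium_memzero` calls in the second hunk (crypto_sign_detached) sit after `sc_muladd`, so `az` and `nonce` are wiped only on the path that reaches the end of the signing computation. The function body starts outside the hunk, so any earlier return would leave both buffers on the stack. `sizeof az` and `sizeof nonce` give the full buffer length only while both are arrays declared in this function, which the hunk does not show. A short comment would record the intent, for example `/* az and nonce carry secret-derived scalar material; wipe before returning */`. It is also worth confirming that any other local fed from the secret key earlier in the function (a hash state, if one is kept) is cleared as well.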
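Review bot: The order of the new `memmove` and the `crypto_sign_detached` call in the third hunk (crypto_sign) is load-bearing but undocumented. Copying the message to `sm + crypto_sign_ed25519_BYTES` before the signature is written to the start of `sm` is presumably what keeps signing correct when `m` overlaps `sm`, and a later cleanup could silently move it back. A comment such as `/* copy first: m may overlap sm, and the signature is written over the first crypto_sign_ed25519_BYTES of sm */` would pin that. The failure branch is wrapped in `LCOV_EXCL_START`/`LCOV_EXCL_STOP`, so the new `smlen != NULL` guard and the output wipe are not counted by coverage runs. That wipe still uses plain `memset` while the second hunk uses `sodium_memzero`; `sodium_memzero(sm, mlen + crypto_sign_ed25519_BYTES);` would be consistent. The function continues past the end of the hunk.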