Thanks to @ch3root on Twitter for spotting it, and thanks to Chris
Emerson for bothering to let me know. I must have missed this when I
code-reviewed the ECC contribution.
bytes[31] &= 127;
bytes[31] |= 64;
key->privateKey = bignum_from_bytes(bytes, sizeof(bytes));
- for (i = 0; i < sizeof(bytes); ++i)
- {
- ((volatile char*)bytes)[i] = 0;
- }
+ smemclr(bytes, sizeof(bytes));
if (!key->privateKey) {
sfree(key);
return NULL;