X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/c2603631178b688a6f8ce5eccd461e74718058d5..1aaccf40b93719fd3df7cc89e023b9bb48b358b6:/pub/x25519.c
diff --git a/pub/x25519.c b/pub/x25519.c
index aeff290e..f8971298 100644
--- a/pub/x25519.c
+++ b/pub/x25519.c
@@ -114,6 +114,8 @@ void x25519(octet zz[X25519_OUTSZ],
 #include
 #include
+#include "ct.h"
+
 static int vrf_x25519(dstr dv[])
 {
   dstr dz = DSTR_INIT;
@@ -123,10 +125,12 @@ static int vrf_x25519(dstr dv[])
   if (dv[1].len != X25519_PUBSZ) die(1, "bad public length");
   if (dv[2].len != X25519_OUTSZ) die(1, "bad result length");
+  ct_poison(dv[0].buf, dv[0].len);
   dstr_ensure(&dz, X25519_OUTSZ); dz.len = X25519_OUTSZ;
   x25519((octet *)dz.buf, (const octet *)dv[0].buf, (const octet *)dv[1].buf);
+  ct_remedy(dz.buf, dz.len);
   if (memcmp(dz.buf, dv[2].buf, X25519_OUTSZ) != 0) {
     ok = 0;
     fprintf(stderr, "failed!");