
Commit e99fe58

committed
elliptic-curve: impl Zeroize for NonIdentity (RustCrypto#1832)
This PR implements `Zeroize` for `NonIdentity`, setting the point to `G` to prevent breaking any invariants.
1 parent 4801cca commit e99fe58

1 file changed

+20
-0
lines changed

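--- a/elliptic-curve/src/point/non_identity.rs
+++ b/elliptic-curve/src/point/non_identity.rs
@@ -8,6 +8,7 @@ use subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption};
 
 #[cfg(feature = "serde")]
 use serdect::serde::{de, ser, Deserialize, Serialize};
+use zeroize::Zeroize;
 
 use crate::{CurveArithmetic, NonZeroScalar, Scalar};
 
@@ -193,12 +194,19 @@ where
 }
 }
 
+impl<P: group::Group> Zeroize for NonIdentity<P> {
+fn zeroize(&mut self) {
+self.point = P::generator();
+}
+}
+
 #[cfg(all(test, feature = "dev"))]
 mod tests {
 use super::NonIdentity;
 use crate::dev::{AffinePoint, ProjectivePoint};
 use group::GroupEncoding;
 use hex_literal::hex;
+use zeroize::Zeroize;
 
 #[test]
 fn new_success() {
@@ -234,4 +242,16 @@ mod tests {
 let point = NonIdentity::<AffinePoint>::from_repr(&bytes.into()).unwrap();
 assert_eq!(&bytes, point.to_bytes().as_slice());
 }
+
+#[test]
+fn zeroize() {
+let point = ProjectivePoint::from_bytes(
+&hex!("02c9afa9d845ba75166b5c215767b1d6934e50c3db36e89b127b8a622b120f6721").into(),
+)
+.unwrap();
+let mut point = NonIdentity::new(point).unwrap();
+point.zeroize();
+
+assert_eq!(point.to_point(), ProjectivePoint::Generator);
+}
 }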
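Review bot: The new `zeroize` in the `impl Zeroize for NonIdentity<P>` block overwrites the point with a plain assignment, `self.point = P::generator();`, which is an ordinary store that the optimizer may treat as dead when the value is dropped right afterwards, so the old coordinates are not guaranteed to be wiped from memory. If the wrapped point types implement `Zeroize` (not visible from this page), tighten the bound to `P: group::Group + Zeroize` and call `self.point.zeroize();` before assigning the generator, so the clearing goes through zeroize's volatile writes and the non-identity invariant is still restored afterwards. A short comment such as `// Reset to the generator, not the identity, so the NonIdentity invariant still holds` would also record why the final value is not all-zero. The added test only checks that the final value equals the generator, so it passes either way and does not cover the wipe itself.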
