Merge #1650: schnorrsig: clear out masked secret key in BIP-340 nonce…

… function a82287f schnorrsig: clear out masked secret key in BIP-340 nonce function (Sebastian Falbesoner) Pull request description: ACKs for top commit: real-or-random: utACK a82287f jonasnick: ACK a82287f Tree-SHA512: 0e77ddc299e204edae238759e549d4e8314abb730a654580a109ec05daf53a625be1cc37664a9e00fd41cf34a94abede96b547e661cdf18c40c50141e7b4ee0e
bitcoin-core · Jan 29, 2025 · 00774d0 · 00774d0
2 parents f79f46c + a82287f
commit 00774d0
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/src/modules/schnorrsig/main_impl.h b/src/modules/schnorrsig/main_impl.h
@@ -94,6 +94,8 @@ static int nonce_function_bip340(unsigned char *nonce32, const unsigned char *ms
     secp256k1_sha256_write(&sha, msg, msglen);
     secp256k1_sha256_finalize(&sha, nonce32);
     secp256k1_sha256_clear(&sha);
+    secp256k1_memclear(masked_key, sizeof(masked_key));
+
     return 1;
 }