From f32fa075f14d2b3a1213098274e0ba88c7761283 Mon Sep 17 00:00:00 2001
From: Gustav Simonsson <gustav.simonsson@gmail.com>
Date: Mon, 28 Sep 2015 11:19:23 +0200
Subject: core/secp256k1: update libsecp256k1 Go wrapper and tests

---
 crypto/crypto.go | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'crypto/crypto.go')

diff --git a/crypto/crypto.go b/crypto/crypto.go
index b3a8d730b..672fb069a 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -198,7 +198,9 @@ func Sign(hash []byte, prv *ecdsa.PrivateKey) (sig []byte, err error) {
 		return nil, fmt.Errorf("hash is required to be exactly 32 bytes (%d)", len(hash))
 	}
 
-	sig, err = secp256k1.Sign(hash, common.LeftPadBytes(prv.D.Bytes(), prv.Params().BitSize/8))
+	seckey := common.LeftPadBytes(prv.D.Bytes(), prv.Params().BitSize/8)
+	defer zeroBytes(seckey)
+	sig, err = secp256k1.Sign(hash, seckey)
 	return
 }
 
@@ -337,3 +339,9 @@ func PubkeyToAddress(p ecdsa.PublicKey) common.Address {
 	pubBytes := FromECDSAPub(&p)
 	return common.BytesToAddress(Sha3(pubBytes[1:])[12:])
 }
+
+func zeroBytes(bytes []byte) {
+	for i := range bytes {
+		bytes[i] = 0
+	}
+}
-- 
cgit v1.2.3