more zeroizing

tari-project · Aug 27, 2023 · 59a1957 · 59a1957
1 parent f24bda1
commit 59a1957
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 13 deletions.
diff --git a/src/extended_range_proof.rs b/src/extended_range_proof.rs
@@ -4,6 +4,7 @@
 //! Extended range proofs
 
 use std::{string::ToString, vec::Vec};
+use zeroize::Zeroize;
 
 use crate::{
     commitment::{ExtensionDegree, HomomorphicCommitment},
@@ -99,13 +100,19 @@ pub trait ExtendedRangeProofService {
 
 /// Extended blinding factor vector used as part of the witness to construct an extended proof, or rewind data
 /// extracted from a range proof containing the mask (e.g. blinding factor vector).
-#[derive(Debug, Clone, PartialEq, Eq)]
+#[derive(Debug, Clone, PartialEq, Eq, Zeroize)]
 pub struct ExtendedMask<K>
 where K: SecretKey
 {
     secrets: Vec<K>,
 }
 
+impl<K:SecretKey> Drop for ExtendedMask<K>{
+    fn drop(&mut self) {
+        self.secrets.zeroize();
+    }
+}
+
 impl<K> ExtendedMask<K>
 where K: SecretKey
 {
@@ -200,7 +207,7 @@ where PK: PublicKey
 
 /// The extended witness contains the extended mask (blinding factor vector), value and a minimum value
 /// promise; this will be used to construct the extended range proof
-#[derive(Clone)]
+#[derive(Clone, Zeroize)]
 pub struct ExtendedWitness<K>
 where K: SecretKey
 {
@@ -212,6 +219,14 @@ where K: SecretKey
     pub minimum_value_promise: u64,
 }
 
+impl<K: SecretKey> Drop for ExtendedWitness<K>{
+    fn drop(&mut self) {
+        self.mask.zeroize();
+        self.value.zeroize();
+        self.minimum_value_promise.zeroize();
+    }
+}
+
 impl<K> ExtendedWitness<K>
 where K: SecretKey
 {

diff --git a/src/ristretto/pedersen/extended_commitment_factory.rs b/src/ristretto/pedersen/extended_commitment_factory.rs
@@ -4,7 +4,7 @@
 //! Extended commitments are commitments that have more than one blinding factor.
 
 use alloc::vec::Vec;
-use core::{borrow::Borrow, iter::once};
+use core::{iter::once};
 
 use curve25519_dalek::{
     ristretto::{CompressedRistretto, RistrettoPoint},
@@ -90,8 +90,6 @@ impl ExtendedPedersenCommitmentFactory {
         value: &Scalar,
         blinding_factors: &[Scalar],
     ) -> Result<RistrettoPoint, CommitmentError>
-    where
-        for<'a> &'a Scalar: Borrow<Scalar>,
     {
         if blinding_factors.is_empty() || blinding_factors.len() > self.extension_degree as usize {
             Err(CommitmentError::CommitmentExtensionDegree {
@@ -106,13 +104,13 @@ impl ExtendedPedersenCommitmentFactory {
             }
             #[cfg(not(feature = "precomputed_tables"))]
             {
-                let scalars = once(value).chain(blinding_factors);
+                let scalars = once(value).chain(blinding_factors.iter());
                 let g_base_head = self.g_base_vec.iter().take(blinding_factors.len());
                 let points = once(&self.h_base).chain(g_base_head);
                 Ok(RistrettoPoint::multiscalar_mul(scalars, points))
             }
         } else {
-            let scalars = once(value).chain(blinding_factors);
+            let scalars = once(value).chain(blinding_factors.iter());
             let g_base_head = self.g_base_vec.iter().take(blinding_factors.len());
             let points = once(&self.h_base).chain(g_base_head);
             Ok(RistrettoPoint::multiscalar_mul(scalars, points))

diff --git a/src/ristretto/ristretto_keys.rs b/src/ristretto/ristretto_keys.rs
@@ -214,12 +214,6 @@ impl From<u64> for RistrettoSecretKey {
     }
 }
 
-impl From<Scalar> for RistrettoSecretKey {
-    fn from(s: Scalar) -> Self {
-        RistrettoSecretKey(s)
-    }
-}
-
 //---------------------------------------------      Borrow impl     -------------------------------------------------//
 
 impl<'a> Borrow<Scalar> for &'a RistrettoSecretKey {