Zeroize secp256k1 keys on drop

anoma · Sep 28, 2023 · 496bcce · 496bcce
1 parent f50511c
commit 496bcce
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/core/src/types/key/secp256k1.rs b/core/src/types/key/secp256k1.rs
@@ -11,12 +11,14 @@ use borsh::{BorshDeserialize, BorshSchema, BorshSerialize};
 use data_encoding::HEXLOWER;
 use ethabi::ethereum_types::U256;
 use ethabi::Token;
+use libsecp256k1::curve::Scalar;
 use libsecp256k1::RecoveryId;
 #[cfg(feature = "rand")]
 use rand::{CryptoRng, RngCore};
 use serde::de::{Error, SeqAccess, Visitor};
 use serde::ser::SerializeTuple;
 use serde::{Deserialize, Serialize, Serializer};
+use zeroize::{Zeroize, ZeroizeOnDrop};
 
 use super::{
     ParsePublicKeyError, ParseSecretKeyError, ParseSignatureError, RefTo,
@@ -170,6 +172,26 @@ impl From<&PublicKey> for EthAddress {
 #[derive(Debug, Clone)]
 pub struct SecretKey(pub Box<libsecp256k1::SecretKey>);
 
+impl ZeroizeOnDrop for SecretKey {}
+
+impl Drop for SecretKey {
+    fn drop(&mut self) {
+        self.zeroize();
+    }
+}
+
+impl Zeroize for SecretKey {
+    fn zeroize(&mut self) {
+        let Scalar(buf): &mut Scalar = unsafe {
+            // SAFETY: a libsecp256k1 secret key is just
+            // a wrapper around a scalar value, which itself
+            // is a wrapper around a byte buffer
+            std::mem::transmute(&mut *self.0)
+        };
+        buf.zeroize();
+    }
+}
+
 impl super::SecretKey for SecretKey {
     type PublicKey = PublicKey;