zero pk on failure

jakemas · jakemas · commit 1cd4dd727d53 · 2025-11-21T09:32:25.000-08:00
Signed-off-by: Jake Massimo &lt;jakemas@amazon.com&gt;
diff --git a/mldsa/src/sign.c b/mldsa/src/sign.c
@@ -1213,6 +1213,7 @@ int crypto_sign_pk_from_sk(uint8_t pk[CRYPTO_PUBLICKEYBYTES],
   if (res != 0)
   {
     res = -1;
+    mld_zeroize(pk, CRYPTO_PUBLICKEYBYTES);
     goto cleanup;
   }
 
@@ -1223,6 +1224,7 @@ int crypto_sign_pk_from_sk(uint8_t pk[CRYPTO_PUBLICKEYBYTES],
   if (res != 0)
   {
     res = -1;
+    mld_zeroize(pk, CRYPTO_PUBLICKEYBYTES);
     goto cleanup;
   }
 

Original file line number	Diff line number	Diff line change
`@@ -1213,6 +1213,7 @@ int crypto_sign_pk_from_sk(uint8_t pk[CRYPTO_PUBLICKEYBYTES],`
`1213`	`1213`	`if (res != 0)`
`1214`	`1214`	`{`
`1215`	`1215`	`res = -1;`
	`1216`	`+ mld_zeroize(pk, CRYPTO_PUBLICKEYBYTES);`
`1216`	`1217`	`goto cleanup;`
`1217`	`1218`	`}`
`1218`	`1219`
`@@ -1223,6 +1224,7 @@ int crypto_sign_pk_from_sk(uint8_t pk[CRYPTO_PUBLICKEYBYTES],`
`1223`	`1224`	`if (res != 0)`
`1224`	`1225`	`{`
`1225`	`1226`	`res = -1;`
	`1227`	`+ mld_zeroize(pk, CRYPTO_PUBLICKEYBYTES);`
`1226`	`1228`	`goto cleanup;`
`1227`	`1229`	`}`
`1228`	`1230`