From 7ab8ddef9413e210f8c9ca15169e011bdde1928f Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Sun, 25 Oct 2015 01:22:11 +0200
Subject: [PATCH] Zero the stack in crypto_box_seed_keypair()

---
 .../ref/keypair_curve25519xsalsa20poly1305.c                    | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c
index e2a03faa..64ec31e9 100644
--- a/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c
+++ b/src/libsodium/crypto_box/curve25519xsalsa20poly1305/ref/keypair_curve25519xsalsa20poly1305.c
@@ -4,6 +4,7 @@
 #include "crypto_scalarmult_curve25519.h"
 #include "api.h"
 #include "randombytes.h"
+#include "utils.h"
 
 int crypto_box_seed_keypair(
   unsigned char *pk,
@@ -14,6 +15,7 @@ int crypto_box_seed_keypair(
   unsigned char hash[64];
   crypto_hash_sha512(hash,seed,32);
   memmove(sk,hash,32);
+  sodium_memzero(hash, sizeof hash);
   return crypto_scalarmult_curve25519_base(pk,sk);
 }