[Cryptech-Commits] [sw/libhal] branch auto_zeroise updated: If a KEK is given to keywrap/unwrap, zero it out of the keywrap core after use.

[git at cryptech.is]

This is an automated email from the git hooks/post-receive script.

paul at psgd.org pushed a commit to branch auto_zeroise
in repository sw/libhal.

The following commit(s) were added to refs/heads/auto_zeroise by this push:
     new e529855  If a KEK is given to keywrap/unwrap, zero it out of the keywrap core after use.
e529855 is described below

commit e529855f7e15a14fed0ee16c9af1b55d7c55c660
Author: Paul Selkirk <paul at psgd.org>
AuthorDate: Wed Feb 13 16:05:42 2019 -0500

    If a KEK is given to keywrap/unwrap, zero it out of the keywrap core after use.
    
    The key-export mechanism unwraps the key with the KEK from Master Key
    Memory, then re-wraps it with a random KEK. If that random KEK stays in
    the keywrap core, it will cause problems for all subsequent wrap/unwrap
    operations.
---
 aes_keywrap.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/aes_keywrap.c b/aes_keywrap.c
index 63e0cf7..1ee857b 100644
--- a/aes_keywrap.c
+++ b/aes_keywrap.c
@@ -383,6 +383,8 @@ hal_error_t hal_aes_keywrap(hal_core_t *core,
   }
 
 out:
+  if (K != NULL)
+    hal_aes_keywrap_zero(core);
   if (free_core)
     hal_core_free(core);
   return err;
@@ -483,6 +485,8 @@ hal_error_t hal_aes_keyunwrap(hal_core_t *core,
   memmove(Q, Q + 8, m);
 
 out:
+  if (K != NULL)
+    hal_aes_keywrap_zero(core);
   if (free_core)
     hal_core_free(core);
   return err;

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.