Commit 2c41b773 authored by Geoff Simmons's avatar Geoff Simmons

Add KEY_Wipe(), and use it for secret keys, CEKs and PRKs.

parent 84a0cffa
......@@ -227,6 +227,16 @@ wipe(void * const dst, size_t len, uint8_t val)
}
}
void
KEY_Wipe(void * const key)
{
AN(key);
wipe(key, AES128_KEYLEN, 0xff);
wipe(key, AES128_KEYLEN, 0xaa);
wipe(key, AES128_KEYLEN, 0x55);
wipe(key, AES128_KEYLEN, 0x00);
}
/*
* wipe all the keys, destroy the rwlocks, de-allocate the free list,
* de-allocate the key pages
......@@ -247,10 +257,8 @@ KEY_Fini(void)
key = VRBT_ROOT(tree_h);
while (key != NULL) {
CHECK_OBJ(key, KEY_MAGIC);
wipe(key->key, 16, 0xff);
wipe(key->key, 16, 0xaa);
wipe(key->key, 16, 0x55);
wipe(key->key, 16, 0x00);
AN(key->key);
KEY_Wipe(key->key);
nxt_k = VRBT_NEXT(key_tree, tree_h, key);
VRBT_REMOVE(key_tree, tree_h, key);
FREE_OBJ(key);
......
......@@ -38,3 +38,4 @@ void KEY_Rdlock(uint8_t idlen);
void KEY_Unlock(uint8_t idlen);
uint8_t *KEY_Get(uint8_t *id, uint8_t idlen);
int KEY_Set(VRT_CTX, uint8_t *id, uint8_t idlen, const uint8_t *key);
void KEY_Wipe(void * const key);
......@@ -272,6 +272,7 @@ crypto_init(struct vfp_ctx *ctx, struct ece_crypto *crypto, uint8_t *salt,
|| derive_prenonce(prk, prenonce, errmsg) != 0)
return (VERR_DEC(ctx, "%s", errmsg));
KEY_Wipe(prk);
crypto->prenonce_hi = vbe32dec(prenonce);
crypto->prenonce_lo = vbe64dec(prenonce + 4);
memcpy(crypto->cek, cek, AES128_KEYLEN);
......@@ -388,8 +389,8 @@ vfp_common_fini(struct vfp_ctx *ctx, struct vfp_entry *ent)
if (ece->buf != NULL)
free(ece->buf);
if (ece->crypto != NULL) {
/* XXX wipe the cek */
CHECK_OBJ(ece->crypto, ECE_CRYPTO_MAGIC);
KEY_Wipe(ece->crypto->cek);
FREE_OBJ(ece->crypto);
}
if (ece->stream != NULL) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment