feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

linuxkm/lkcapi_glue.c: in km_AesGet(), only null aes_copy->streamData in

Browse Source 
WOLFSSL_AESGCM_STREAM builds, and in km_AesFree(), remove ad hoc zeroization of
  (*aes)->streamData gated on FIPS_VERSION3_LT(6,0,0) because it doesn't include
  WOLFSSL_AESGCM_STREAM.
This commit is contained in:
Daniel Pouzzner
2025-04-03 21:34:11 -05:00
parent 47ed447987
commit 2c001ccec1
1 changed files with 1 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
linuxkm/lkcapi_glue.c
View File

@@ -485,7 +485,7 @@ static int km_AesGet(struct km_AesCtx *ctx, int decrypt_p, int copy_p, Aes **aes
if (aes_copy == NULL) if (aes_copy == NULL)
return -ENOMEM; return -ENOMEM;
XMEMCPY(aes_copy, ret, sizeof(Aes)); XMEMCPY(aes_copy, ret, sizeof(Aes));
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI) #if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI)
aes_copy->streamData = NULL; aes_copy->streamData = NULL;
#endif #endif
*aes = aes_copy; *aes = aes_copy;
@@ -500,14 +500,6 @@ static int km_AesGet(struct km_AesCtx *ctx, int decrypt_p, int copy_p, Aes **aes
static void km_AesFree(Aes **aes) { static void km_AesFree(Aes **aes) {
if ((! aes) || (! *aes)) if ((! aes) || (! *aes))
return; return;
#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI)
if ((*aes)->streamData) {
ForceZero((*aes)->streamData, 5 * AES_BLOCK_SIZE);
free((*aes)->streamData);
}
#endif
#endif
wc_AesFree(*aes); wc_AesFree(*aes);
#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) #if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
ForceZero(*aes, sizeof **aes); ForceZero(*aes, sizeof **aes);