wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

AES Clear Temp

Browse Source 
ForceZero()'ed a couple local variables that have keying material at some point.
This commit is contained in:
John Safranek
2020-10-12 10:30:34 -07:00
parent 724eb96047
commit 5ead4386b3
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wolfcrypt/src/aes.c
View File

@@ -2820,6 +2820,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
default:
return BAD_FUNC_ARG;
} /* switch */
ForceZero(&temp, sizeof(temp));
#if defined(HAVE_AES_DECRYPT)
if (dir == AES_DECRYPTION) {
@@ -2833,6 +2834,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
}
ForceZero(&temp, sizeof(temp));
#if !defined(WOLFSSL_AES_SMALL_TABLES)
/* apply the inverse MixColumn transform to all round keys but the
first and the last: */
@@ -5035,6 +5037,7 @@ static void AES_GCM_encrypt(const unsigned char *in,
T = _mm_xor_si128(X, T);
/*_mm_storeu_si128((__m128i*)tag, T);*/
XMEMCPY(tag, &T, tbytes);
ForceZero(&lastKey, sizeof(lastKey));
}
#ifdef HAVE_AES_DECRYPT
@@ -5365,6 +5368,7 @@ static void AES_GCM_decrypt(const unsigned char *in,
*res = 0; /* in case the authentication failed */
else
*res = 1; /* when successful returns 1 */
ForceZero(&lastKey, sizeof(lastKey));
}
#endif /* HAVE_AES_DECRYPT */