Author: jhb
Date: Wed Aug 26 22:11:22 2020
New Revision: 364845
URL: https://svnweb.freebsd.org/changeset/base/364845
Log:
MFC 361776: Explicitly zero AES key schedules on the stack.
Modified:
stable/12/sys/dev/cxgbe/crypto/t4_keyctx.c
Directory Properties:
stable/12/ (props changed)
Modified: stable/12/sys/dev/cxgbe/crypto/t4_keyctx.c
==============================================================================
--- stable/12/sys/dev/cxgbe/crypto/t4_keyctx.c Wed Aug 26 21:49:43 2020
(r364844)
+++ stable/12/sys/dev/cxgbe/crypto/t4_keyctx.c Wed Aug 26 22:11:22 2020
(r364845)
@@ -75,6 +75,7 @@ t4_init_gmac_hash(const char *key, int klen, char *gha
rounds = rijndaelKeySetupEnc(keysched, key, klen);
rijndaelEncrypt(keysched, rounds, zeroes, ghash);
+ explicit_bzero(keysched, sizeof(keysched));
}
/* Copy out the partial hash state from a software hash implementation. */
@@ -195,4 +196,5 @@ t4_aes_getdeckey(void *dec_key, const void *enc_key, u
break;
}
MPASS(dkey == dec_key);
+ explicit_bzero(ek, sizeof(ek));
}
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
