crypto: aead,cipher - zeroize key buffer after use

I.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding cryptographic information should be zeroized once they are no longer needed. Accomplish this by using kfree_sensitive for buffers that previously held the private key. Signed-off-by: Hailey Mothershead <hailmo@amazon.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2024-11-10 06:01:57 +00:00 · 2024-04-15 22:19:15 +00:00 · 2024-04-15 22:19:15 +00:00 · 23e4099bdc
commit 23e4099bdc
parent 571e557cba
2 changed files with 2 additions and 4 deletions
--- a/crypto/aead.c
+++ b/crypto/aead.c
@ -36,8 +36,7 @@ static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key,
 	alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
 	memcpy(alignbuffer, key, keylen);
 	ret = crypto_aead_alg(tfm)->setkey(tfm, alignbuffer, keylen);
-	memset(alignbuffer, 0, keylen);
+	kfree_sensitive(buffer);
 	kfree(buffer);
 	return ret;
 }
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@ -34,8 +34,7 @@ static int setkey_unaligned(struct crypto_cipher *tfm, const u8 *key,
 	alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
 	memcpy(alignbuffer, key, keylen);
 	ret = cia->cia_setkey(crypto_cipher_tfm(tfm), alignbuffer, keylen);
-	memset(alignbuffer, 0, keylen);
+	kfree_sensitive(buffer);
 	kfree(buffer);
 	return ret;
 }