mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 10:04:24 +01:00
Remove a useless zeroization
Remove the zeroization of a pointer variable in the AES block functions. The code was valid but spurious and misleading since it looked like a mistaken attempt to zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA Leti, France. Note that we do not zeroize the buffer here because these are the round keys, and they need to stay until all the blocks are processed. They will be zeroized in mbedtls_aes_free(). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
b74e0d0bc5
commit
02c7b48a70
5
ChangeLog.d/aes-zeroize-pointer.txt
Normal file
5
ChangeLog.d/aes-zeroize-pointer.txt
Normal file
@ -0,0 +1,5 @@
|
||||
Changes
|
||||
* Remove the zeroization of a pointer variable in AES rounds. It was valid
|
||||
but spurious and misleading since it looked like a mistaken attempt to
|
||||
zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA
|
||||
Leti, France.
|
@ -953,8 +953,6 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
|
||||
mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) );
|
||||
mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) );
|
||||
|
||||
mbedtls_platform_zeroize( &RK, sizeof( RK ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* !MBEDTLS_AES_ENCRYPT_ALT */
|
||||
@ -1033,8 +1031,6 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
|
||||
mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) );
|
||||
mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) );
|
||||
|
||||
mbedtls_platform_zeroize( &RK, sizeof( RK ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* !MBEDTLS_AES_DECRYPT_ALT */
|
||||
|
Loading…
Reference in New Issue
Block a user