From 5706e920a465d187ba3fe428417b195276aa4da0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 25 Aug 2020 19:28:13 +0200
Subject: [PATCH] Remove a useless zeroization
Remove the zeroization of a pointer variable in the AES block functions. The code was valid but spurious and misleading since it looked like a mistaken attempt to zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA Leti, France. Note that we do not zeroize the buffer here because these are the round keys, and they need to stay until all the blocks are processed. They will be zeroized in mbedtls_aes_free().
Signed-off-by: Gilles Peskine
---
 ChangeLog.d/aes-zeroize-pointer.txt | 5 +++++
 library/aes.c | 4 ----
 2 files changed, 5 insertions(+), 4 deletions(-)
 create mode 100644 ChangeLog.d/aes-zeroize-pointer.txt
diff --git a/ChangeLog.d/aes-zeroize-pointer.txt b/ChangeLog.d/aes-zeroize-pointer.txt
new file mode 100644
index 000000000..ccc6dc159
--- /dev/null
+++ b/ChangeLog.d/aes-zeroize-pointer.txt
@@ -0,0 +1,5 @@
+Changes
+ * Remove the zeroization of a pointer variable in AES rounds. It was valid
+ but spurious and misleading since it looked like a mistaken attempt to
+ zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA
+ Leti, France.
diff --git a/library/aes.c b/library/aes.c
index e0c7a11c3..7b5e2c663 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -796,8 +796,6 @@ int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx,
 mbedtls_zeroize( &Y2, sizeof( Y2 ) );
 mbedtls_zeroize( &Y3, sizeof( Y3 ) );
- mbedtls_zeroize( &RK, sizeof( RK ) );
-
 return( 0 );
 }
 #endif /* !MBEDTLS_AES_ENCRYPT_ALT */
@@ -876,8 +874,6 @@ int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx,
 mbedtls_zeroize( &Y2, sizeof( Y2 ) );
 mbedtls_zeroize( &Y3, sizeof( Y3 ) );
- mbedtls_zeroize( &RK, sizeof( RK ) );
-
 return( 0 );
 }
 #endif /* !MBEDTLS_AES_DECRYPT_ALT */