bootutil: crypto: avoid unuseful memset

Avoid memset'ing a buffer that does not hold a secret; it contains
the encryption of the counter.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
This commit is contained in:
Fabio Utzig 2020-11-06 15:10:30 -03:00 committed by Fabio Utzig
parent 1d0467e833
commit d3838989d2
1 changed files with 2 additions and 8 deletions

View File

@ -62,19 +62,13 @@ static inline int bootutil_aes_ctr_set_key(bootutil_aes_ctr_context *ctx, const
static inline int bootutil_aes_ctr_encrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *m, uint32_t mlen, size_t blk_off, uint8_t *c) static inline int bootutil_aes_ctr_encrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *m, uint32_t mlen, size_t blk_off, uint8_t *c)
{ {
uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE]; uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];
int rc; return mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);
rc = mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);
memset(stream_block, 0, BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE);
return rc;
} }
static inline int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *c, uint32_t clen, size_t blk_off, uint8_t *m) static inline int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *c, uint32_t clen, size_t blk_off, uint8_t *m)
{ {
uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE]; uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];
int rc; return mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);
rc = mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);
memset(stream_block, 0, BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE);
return rc;
} }
#endif /* MCUBOOT_USE_MBED_TLS */ #endif /* MCUBOOT_USE_MBED_TLS */