Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Zeroize types/fields containing secrets #1492

Merged
merged 8 commits into from
Oct 20, 2023
Merged

Zeroize types/fields containing secrets #1492

merged 8 commits into from
Oct 20, 2023

Commits on Oct 19, 2023

  1. AeadKey: zeroize on drop

    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    a3c7f86 View commit details
    Browse the repository at this point in the history

  2. SharedSecret: zeroize on drop

    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    3834a7e View commit details
    Browse the repository at this point in the history

  3. hmac::Tag: zeroize on drop 

    This is not always a secret quantity, but treating it as such covers
zeroisation on `OkmBlock`, and hence tls13::key_schedule.  It also
covers some intermediate values in hkdf computations.
    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    f7c74ba View commit details
    Browse the repository at this point in the history

  4. tls12::ConnectionSecrets: zeroize on drop

    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    76d74de View commit details
    Browse the repository at this point in the history

  5. PayloadU8: impl Zeroize 

    So we can wrap it in `zeroize::Zeroizing`
    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    84725be View commit details
    Browse the repository at this point in the history

  6. ClientSessionCommon::master_secret: zeroize on drop

    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    b626eaa View commit details
    Browse the repository at this point in the history

  7. ServerSessionValue::master_secret zeroize on drop

    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    19b6a49 View commit details
    Browse the repository at this point in the history

  8. persist: avoid passing secrets in as Vec<u8> 

    This avoids having them as 'loose' unzeroized type on the way to being moved
to their final home.

This is sufficient, because:

- tls12: the secret comes from
  `tls12::ConnectionSecrets::master_secret()` which borrows from its
  internal storage; `tls12::ConnectionSecrets::drop` zeroes this
  storage.
- tls13: the secret comes from
  `resumption_master_secret_and_derive_ticket_psk`, of type `hkdf::OkmBlock`,
  which we borrow from.  Only once the borrow finishes will that be
  zeroized.
    @ctz
    ctz committed Oct 19, 2023
    Configuration menu
    Copy the full SHA
    3f90aba View commit details
    Browse the repository at this point in the history