Allow wiping out AES key after usage. #3189

Open
coolwanglu opened this issue Feb 28, 2025 · 3 comments
Labels
peripheral:aes AES peripheral

Comments


coolwanglu commented Feb 28, 2025

Motivations

Currently the AES module copies the key, and it is not wiped out after usage.

Solution

Use Zeroize on Key to automatically wipe it out on drop. This can be guarded by a feature.

Example:

```rust
use zeroize::ZeroizeOnDrop; // needs the zeroize crate's "derive" feature

#[derive(ZeroizeOnDrop)]
struct Key {}
```

Alternatives

The AES library does not make a copy. Instead it takes only a reference and the caller should wipe it out if necessary.
This changes the API though.

@coolwanglu coolwanglu added the status:needs-attention This should be prioritized label Feb 28, 2025
@coolwanglu
Author

I could send a PR if this sounds good. Not sure how to test it properly though.

@bugadani
Contributor

It would probably be best if we didn't copy the key just to then copy it into the hardware. Regardless of that, zeroing it on drop sounds reasonable to me, so maybe we should have both?

@Dominaezzz
Collaborator

Maybe Key should just go away and process can just take a slice directly instead.

The fact that Mode and Key are specified separately makes the Key enum feel like boilerplate to me.

This way users can zeroize their slices themselves.

@JurajSadel JurajSadel removed the status:needs-attention This should be prioritized label Mar 3, 2025
@MabezDev MabezDev added examples There is a problem with one or more of the examples status:needs-attention This should be prioritized peripheral:aes AES peripheral and removed examples There is a problem with one or more of the examples status:needs-attention This should be prioritized labels Mar 3, 2025
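The two options discussed in this thread, side by side, as an added example that is not code from the project or from any commenter: a driver-side key copy that wipes itself on drop, and a borrowing API where the caller wipes its own buffer. `wipe`, `OwnedKey`, `load_key`, `process_owned` and `process_borrowed` are hypothetical names, and volatile writes stand in for the zeroize crate so the block has no dependencies.

```rust
use core::mem::MaybeUninit;
use core::ptr;
use core::sync::atomic::{compiler_fence, Ordering};

/// Zero a buffer with volatile writes so the stores are not optimized away.
pub fn wipe(buf: &mut [u8]) {
    for b in buf.iter_mut() { unsafe { ptr::write_volatile(b, 0) } }
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical driver-side key copy that wipes itself when dropped.
#[repr(transparent)]
pub struct OwnedKey([u8; 16]);

impl Drop for OwnedKey {
    fn drop(&mut self) { wipe(&mut self.0) }
}

/// Hypothetical stand-in for writing the key into the AES peripheral.
fn load_key(key: &[u8]) -> u8 {
    key.iter().fold(0u8, |acc, b| acc.wrapping_add(*b))
}

/// Proposal: the driver copies the key; the copy is wiped at end of scope.
pub fn process_owned(key: &[u8; 16]) -> u8 {
    let copy = OwnedKey(*key);
    load_key(&copy.0)
}

/// Alternative: the driver only borrows; the caller wipes its own buffer.
pub fn process_borrowed(key: &[u8]) -> u8 {
    load_key(key)
}

/// Drop an OwnedKey in place and return the bytes left in its storage.
pub fn bytes_after_drop(key: [u8; 16]) -> [u8; 16] {
    let mut slot = MaybeUninit::new(OwnedKey(key));
    unsafe {
        ptr::drop_in_place(slot.as_mut_ptr());
        ptr::read(slot.as_ptr() as *const [u8; 16])
    }
}

fn main() {
    let mut key = [0xA5u8; 16]; // constructed sample key
    let (a, b) = (process_owned(&key), process_borrowed(&key));
    wipe(&mut key); // caller-side wipe for the borrowing API
    println!("{a} {b} {:?} {:?}", key, bytes_after_drop([0xA5; 16]));
}
```

Wiping on drop clears only the final location of the value; copies left behind by earlier moves of the key are not covered.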