Force-zero secrets in update_disk.c

danielinux · danielinux · commit ae1e9dfc0614 · 2026-03-12T09:28:51.000+01:00
F/97
diff --git a/src/update_disk.c b/src/update_disk.c
@@ -208,6 +208,12 @@ static int decrypt_header(const uint8_t *src, uint8_t *dst)
     return 0;
 }
 
+static void disk_crypto_clear(void)
+{
+    ForceZero(disk_encrypt_key, sizeof(disk_encrypt_key));
+    ForceZero(disk_encrypt_nonce, sizeof(disk_encrypt_nonce));
+}
+
 #endif /* DISK_ENCRYPT */
 
 extern int wolfBoot_get_dts_size(void *dts_addr);
@@ -254,11 +260,13 @@ void RAMFUNCTION wolfBoot_start(void)
 #ifdef DISK_ENCRYPT
     /* Initialize encryption - this sets up the cipher with key from storage */
     if (wolfBoot_initialize_encryption() != 0) {
+        disk_crypto_clear();
         wolfBoot_printf("Error initializing encryption\r\n");
         wolfBoot_panic();
     }
     /* Retrieve encryption key and nonce for disk decryption */
     if (wolfBoot_get_encrypt_key(disk_encrypt_key, disk_encrypt_nonce) != 0) {
+        disk_crypto_clear();
         wolfBoot_printf("Error getting encryption key\r\n");
         wolfBoot_panic();
     }
@@ -267,10 +275,16 @@ void RAMFUNCTION wolfBoot_start(void)
 
     ret = disk_init(BOOT_DISK);
     if (ret != 0) {
+#ifdef DISK_ENCRYPT
+        disk_crypto_clear();
+#endif
         wolfBoot_panic();
     }
 
     if (disk_open(BOOT_DISK) < 0) {
+#ifdef DISK_ENCRYPT
+        disk_crypto_clear();
+#endif
         wolfBoot_printf("Error opening disk %d\r\n", BOOT_DISK);
         wolfBoot_panic();
     }
@@ -306,6 +320,9 @@ void RAMFUNCTION wolfBoot_start(void)
     }
 
     if ((pB_ver == 0) && (pA_ver == 0)) {
+#ifdef DISK_ENCRYPT
+        disk_crypto_clear();
+#endif
         wolfBoot_printf("No valid OS image found in either partition %d or %d\r\n",
             BOOT_PART_A, BOOT_PART_B);
         wolfBoot_panic();
@@ -409,6 +426,7 @@ void RAMFUNCTION wolfBoot_start(void)
         wolfBoot_printf("Decrypting image...");
         BENCHMARK_START();
         if ((IMAGE_HEADER_SIZE % ENCRYPT_BLOCK_SIZE) != 0) {
+            disk_crypto_clear();
             wolfBoot_printf("Encrypted disk images require aligned header size\r\n");
             wolfBoot_panic();
         }
@@ -456,6 +474,9 @@ void RAMFUNCTION wolfBoot_start(void)
     } while (failures < MAX_FAILURES);
 
     if (failures) {
+#ifdef DISK_ENCRYPT
+        disk_crypto_clear();
+#endif
         wolfBoot_printf("Unable to find a valid partition!\r\n");
         wolfBoot_panic();
     }
@@ -512,6 +533,9 @@ void RAMFUNCTION wolfBoot_start(void)
 
 #ifdef WOLFBOOT_HOOK_BOOT
     wolfBoot_hook_boot(&os_image);
+#endif
+#ifdef DISK_ENCRYPT
+    disk_crypto_clear();
 #endif
     do_boot((uint32_t*)load_address
     #ifdef MMU
diff --git a/tools/unit-tests/Makefile b/tools/unit-tests/Makefile
@@ -47,7 +47,7 @@ TESTS:=unit-parser unit-extflash unit-string unit-spi-flash unit-aes128 \
        unit-image unit-image-rsa unit-nvm unit-nvm-flagshome unit-enc-nvm \
        unit-enc-nvm-flagshome unit-delta unit-update-flash \
        unit-update-flash-enc unit-update-ram unit-pkcs11_store unit-psa_store unit-disk \
-       unit-multiboot unit-boot-x86-fsp unit-qspi-flash unit-tpm-rsa-exp \
+       unit-update-disk unit-multiboot unit-boot-x86-fsp unit-qspi-flash unit-tpm-rsa-exp \
        unit-image-nopart unit-image-sha384 unit-image-sha3-384 \
        unit-tpm-blob
 
@@ -214,6 +214,9 @@ unit-update-flash-enc: ../../include/target.h unit-update-flash.c
 unit-update-ram: ../../include/target.h unit-update-ram.c
 	gcc -o $@ unit-update-ram.c ../../src/image.c $(WOLFBOOT_LIB_WOLFSSL)/wolfcrypt/src/sha256.c $(CFLAGS) $(LDFLAGS)
 
+unit-update-disk: ../../include/target.h unit-update-disk.c
+	gcc -o $@ unit-update-disk.c $(CFLAGS) $(LDFLAGS)
+
 unit-pkcs11_store: ../../include/target.h unit-pkcs11_store.c
 	gcc -o $@ $(WOLFCRYPT_SRC) unit-pkcs11_store.c $(CFLAGS) $(WOLFCRYPT_CFLAGS) $(LDFLAGS)
 
