Zeroize buffer in wolfboot_dice_collect_claims

padelsbach · danielinux · commit b796d9029c5f · 2026-04-28T15:01:50.000+02:00
diff --git a/src/dice/dice.c b/src/dice/dice.c
@@ -524,11 +524,14 @@ static int wolfboot_dice_collect_claims(struct wolfboot_dice_claims *claims)
     XMEMSET(claims, 0, sizeof(*claims));
 
     if (hal_uds_derive_key(uds, uds_len) != 0) {
+        /* Buffer may be partially filled, zero it to be sure */
+        wc_ForceZero(uds, sizeof(uds));
         return WOLFBOOT_DICE_ERR_HW;
     }
 
     if (wolfboot_dice_get_ueid(claims->ueid, &claims->ueid_len,
                                uds, uds_len) != 0) {
+        wc_ForceZero(uds, sizeof(uds));
         return WOLFBOOT_DICE_ERR_HW;
     }
 
@@ -581,6 +584,7 @@ static int wolfboot_dice_collect_claims(struct wolfboot_dice_claims *claims)
         claims->component_count++;
     }
 
+    wc_ForceZero(uds, sizeof(uds));
     return WOLFBOOT_DICE_SUCCESS;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -524,11 +524,14 @@ static int wolfboot_dice_collect_claims(struct wolfboot_dice_claims *claims)`
`524`	`524`	`XMEMSET(claims, 0, sizeof(*claims));`
`525`	`525`
`526`	`526`	`if (hal_uds_derive_key(uds, uds_len) != 0) {`
	`527`	`+ /* Buffer may be partially filled, zero it to be sure */`
	`528`	`+ wc_ForceZero(uds, sizeof(uds));`
`527`	`529`	`return WOLFBOOT_DICE_ERR_HW;`
`528`	`530`	`}`
`529`	`531`
`530`	`532`	`if (wolfboot_dice_get_ueid(claims->ueid, &claims->ueid_len,`
`531`	`533`	`uds, uds_len) != 0) {`
	`534`	`+ wc_ForceZero(uds, sizeof(uds));`
`532`	`535`	`return WOLFBOOT_DICE_ERR_HW;`
`533`	`536`	`}`
`534`	`537`
`@@ -581,6 +584,7 @@ static int wolfboot_dice_collect_claims(struct wolfboot_dice_claims *claims)`
`581`	`584`	`claims->component_count++;`
`582`	`585`	`}`
`583`	`586`
	`587`	`+ wc_ForceZero(uds, sizeof(uds));`
`584`	`588`	`return WOLFBOOT_DICE_SUCCESS;`
`585`	`589`	`}`
`586`	`590`