[nginx] QUIC: explicitly zero out unused keying material.

Sergey Kandaurov pluknet at nginx.com
Fri Oct 20 14:42:43 UTC 2023


details:   https://hg.nginx.org/nginx/rev/b74f891053c7
branches:  
changeset: 9178:b74f891053c7
user:      Sergey Kandaurov <pluknet at nginx.com>
date:      Fri Oct 20 18:05:07 2023 +0400
description:
QUIC: explicitly zero out unused keying material.

diffstat:

 src/event/quic/ngx_event_quic_openssl_compat.c |  13 ++++---------
 src/event/quic/ngx_event_quic_protection.c     |  18 ++++++++++++++++++
 2 files changed, 22 insertions(+), 9 deletions(-)

diffs (86 lines):

diff -r 22d110af473c -r b74f891053c7 src/event/quic/ngx_event_quic_openssl_compat.c
--- a/src/event/quic/ngx_event_quic_openssl_compat.c	Fri Oct 20 18:05:07 2023 +0400
+++ b/src/event/quic/ngx_event_quic_openssl_compat.c	Fri Oct 20 18:05:07 2023 +0400
@@ -218,6 +218,8 @@ ngx_quic_compat_keylog_callback(const SS
         (void) ngx_quic_compat_set_encryption_secret(c, &com->keys, level,
                                                      cipher, secret, n);
     }
+
+    ngx_explicit_memzero(secret, n);
 }
 
 
@@ -246,15 +248,6 @@ ngx_quic_compat_set_encryption_secret(ng
         return NGX_ERROR;
     }
 
-    if (sizeof(peer_secret->secret.data) < secret_len) {
-        ngx_log_error(NGX_LOG_ALERT, c->log, 0,
-                      "unexpected secret len: %uz", secret_len);
-        return NGX_ERROR;
-    }
-
-    peer_secret->secret.len = secret_len;
-    ngx_memcpy(peer_secret->secret.data, secret, secret_len);
-
     key.len = key_len;
 
     peer_secret->iv.len = NGX_QUIC_IV_LEN;
@@ -292,6 +285,8 @@ ngx_quic_compat_set_encryption_secret(ng
         return NGX_ERROR;
     }
 
+    ngx_explicit_memzero(key.data, key.len);
+
     return NGX_OK;
 }
 
diff -r 22d110af473c -r b74f891053c7 src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c	Fri Oct 20 18:05:07 2023 +0400
+++ b/src/event/quic/ngx_event_quic_protection.c	Fri Oct 20 18:05:07 2023 +0400
@@ -710,6 +710,8 @@ ngx_quic_keys_set_encryption_secret(ngx_
         return NGX_ERROR;
     }
 
+    ngx_explicit_memzero(key.data, key.len);
+
     return NGX_OK;
 }
 
@@ -740,6 +742,9 @@ ngx_quic_keys_discard(ngx_quic_keys_t *k
 
     ngx_quic_crypto_hp_cleanup(client);
     ngx_quic_crypto_hp_cleanup(server);
+
+    ngx_explicit_memzero(client->secret.data, client->secret.len);
+    ngx_explicit_memzero(server->secret.data, server->secret.len);
 }
 
 
@@ -834,6 +839,14 @@ ngx_quic_keys_update(ngx_event_t *ev)
         goto failed;
     }
 
+    ngx_explicit_memzero(current->client.secret.data,
+                         current->client.secret.len);
+    ngx_explicit_memzero(current->server.secret.data,
+                         current->server.secret.len);
+
+    ngx_explicit_memzero(client_key.data, client_key.len);
+    ngx_explicit_memzero(server_key.data, server_key.len);
+
     return;
 
 failed:
@@ -856,6 +869,11 @@ ngx_quic_keys_cleanup(ngx_quic_keys_t *k
 
     ngx_quic_crypto_cleanup(&next->client);
     ngx_quic_crypto_cleanup(&next->server);
+
+    ngx_explicit_memzero(next->client.secret.data,
+                         next->client.secret.len);
+    ngx_explicit_memzero(next->server.secret.data,
+                         next->server.secret.len);
 }
 
 


More information about the nginx-devel mailing list