aboutsummaryrefslogtreecommitdiff
path: root/cryptech_console
diff options
context:
space:
mode:
authorPaul Selkirk <paul@psgd.org>2019-02-13 16:05:42 -0500
committerPaul Selkirk <paul@psgd.org>2019-04-09 18:08:45 -0400
commitddee60a8e5603a47c26b95b2f944427e6013ac03 (patch)
treef1f224fd88a2a5e6256d5a5f185c0d5e24d19957 /cryptech_console
parent1376b16e3bead769e56e531b1c121ea68b60f49f (diff)
If a KEK is given to keywrap/unwrap, zero it out of the keywrap core after use.
The key-export mechanism unwraps the key with the KEK from Master Key Memory, then re-wraps it with a random KEK. If that random KEK stays in the keywrap core, it will cause problems for all subsequent wrap/unwrap operations.
Diffstat (limited to 'cryptech_console')
0 files changed, 0 insertions, 0 deletions