zero FSL CAAM ECC private key buffers

JeremiahM37 · JeremiahM37 · commit f382526bcc42 · 2026-03-26T17:30:14.000Z
diff --git a/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c b/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
@@ -443,12 +443,14 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
         if (key->blackKey == CAAM_BLACK_KEY_CCM) {
             if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), k,
                     kSz + WC_CAAM_MAC_SZ) != MP_OKAY) {
+                ForceZero(k, sizeof(k));
                 return MP_TO_E;
             }
         }
         else {
             if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), k, kSz) !=
                     MP_OKAY) {
+                ForceZero(k, sizeof(k));
                 return MP_TO_E;
             }
         }
@@ -457,6 +459,7 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
     ecdsel = GetECDSEL(dp->id);
     if (ecdsel == 0) {
         WOLFSSL_MSG("unknown key type or size");
+        ForceZero(k, sizeof(k));
         return CRYPTOCB_UNAVAILABLE;
     }
 
@@ -469,6 +472,7 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
             break;
         default:
             WOLFSSL_MSG("unknown/unsupported key type");
+            ForceZero(k, sizeof(k));
             return BAD_FUNC_ARG;
     }
 
@@ -508,10 +512,12 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
         mp_free(&mps);
         if (ret != 0) {
             WOLFSSL_MSG("Issue converting to signature");
+            ForceZero(k, sizeof(k));
             return -1;
         }
     }
 
+    ForceZero(k, sizeof(k));
     return ret;
 }
 
@@ -697,22 +703,26 @@ int wc_CAAM_Ecdh(ecc_key* private_key, ecc_key* public_key, byte* out,
     if (private_key->blackKey == CAAM_BLACK_KEY_CCM) {
         if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), k,
                 keySz + WC_CAAM_MAC_SZ) != MP_OKAY) {
+            ForceZero(k, sizeof(k));
             return MP_TO_E;
         }
     }
     else {
         if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), k, keySz)
                 != MP_OKAY) {
+            ForceZero(k, sizeof(k));
             return MP_TO_E;
         }
     }
 
     if (*outlen < (word32)keySz) {
+        ForceZero(k, sizeof(k));
         return -1;
     }
 
     status = CAAM_ECC_ECDH(CAAM, &hndl, k, keySz, qxy, keySz*2, out, keySz,
         ecdsel, enc);
+    ForceZero(k, sizeof(k));
     if (status == kStatus_Success) {
         *outlen = keySz;
         return MP_OKAY;
@@ -787,6 +797,7 @@ int wc_CAAM_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId,
         ret = -1;
     }
 
+    ForceZero(k, sizeof(k));
     return ret;
 }
 #endif /* WOLFSSL_KEY_GEN */

Original file line number	Diff line number	Diff line change
`@@ -443,12 +443,14 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,`
`443`	`443`	`if (key->blackKey == CAAM_BLACK_KEY_CCM) {`
`444`	`444`	`if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), k,`
`445`	`445`	`kSz + WC_CAAM_MAC_SZ) != MP_OKAY) {`
	`446`	`+ ForceZero(k, sizeof(k));`
`446`	`447`	`return MP_TO_E;`
`447`	`448`	`}`
`448`	`449`	`}`
`449`	`450`	`else {`
`450`	`451`	`if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), k, kSz) !=`
`451`	`452`	`MP_OKAY) {`
	`453`	`+ ForceZero(k, sizeof(k));`
`452`	`454`	`return MP_TO_E;`
`453`	`455`	`}`
`454`	`456`	`}`
`@@ -457,6 +459,7 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,`
`457`	`459`	`ecdsel = GetECDSEL(dp->id);`
`458`	`460`	`if (ecdsel == 0) {`
`459`	`461`	`WOLFSSL_MSG("unknown key type or size");`
	`462`	`+ ForceZero(k, sizeof(k));`
`460`	`463`	`return CRYPTOCB_UNAVAILABLE;`
`461`	`464`	`}`
`462`	`465`
`@@ -469,6 +472,7 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,`
`469`	`472`	`break;`
`470`	`473`	`default:`
`471`	`474`	`WOLFSSL_MSG("unknown/unsupported key type");`
	`475`	`+ ForceZero(k, sizeof(k));`
`472`	`476`	`return BAD_FUNC_ARG;`
`473`	`477`	`}`
`474`	`478`
`@@ -508,10 +512,12 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,`
`508`	`512`	`mp_free(&mps);`
`509`	`513`	`if (ret != 0) {`
`510`	`514`	`WOLFSSL_MSG("Issue converting to signature");`
	`515`	`+ ForceZero(k, sizeof(k));`
`511`	`516`	`return -1;`
`512`	`517`	`}`
`513`	`518`	`}`
`514`	`519`
	`520`	`+ ForceZero(k, sizeof(k));`
`515`	`521`	`return ret;`
`516`	`522`	`}`
`517`	`523`
`@@ -697,22 +703,26 @@ int wc_CAAM_Ecdh(ecc_key* private_key, ecc_key* public_key, byte* out,`
`697`	`703`	`if (private_key->blackKey == CAAM_BLACK_KEY_CCM) {`
`698`	`704`	`if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), k,`
`699`	`705`	`keySz + WC_CAAM_MAC_SZ) != MP_OKAY) {`
	`706`	`+ ForceZero(k, sizeof(k));`
`700`	`707`	`return MP_TO_E;`
`701`	`708`	`}`
`702`	`709`	`}`
`703`	`710`	`else {`
`704`	`711`	`if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), k, keySz)`
`705`	`712`	`!= MP_OKAY) {`
	`713`	`+ ForceZero(k, sizeof(k));`
`706`	`714`	`return MP_TO_E;`
`707`	`715`	`}`
`708`	`716`	`}`
`709`	`717`
`710`	`718`	`if (*outlen < (word32)keySz) {`
	`719`	`+ ForceZero(k, sizeof(k));`
`711`	`720`	`return -1;`
`712`	`721`	`}`
`713`	`722`
`714`	`723`	`status = CAAM_ECC_ECDH(CAAM, &hndl, k, keySz, qxy, keySz*2, out, keySz,`
`715`	`724`	`ecdsel, enc);`
	`725`	`+ ForceZero(k, sizeof(k));`
`716`	`726`	`if (status == kStatus_Success) {`
`717`	`727`	`*outlen = keySz;`
`718`	`728`	`return MP_OKAY;`
`@@ -787,6 +797,7 @@ int wc_CAAM_MakeEccKey(WC_RNG* rng, int keySize, ecc_key* key, int curveId,`
`787`	`797`	`ret = -1;`
`788`	`798`	`}`
`789`	`799`
	`800`	`+ ForceZero(k, sizeof(k));`
`790`	`801`	`return ret;`
`791`	`802`	`}`
`792`	`803`	`#endif /* WOLFSSL_KEY_GEN */`