# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1697810707 -14400
# Node ID b74f891053c79dc24f2a0bdcdb31f91ca6f4a823
# Parent  22d110af473c2a06ab911c1b8a99c52c185b716a
QUIC: explicitly zero out unused keying material.

diff --git a/src/event/quic/ngx_event_quic_openssl_compat.c b/src/event/quic/ngx_event_quic_openssl_compat.c
--- a/src/event/quic/ngx_event_quic_openssl_compat.c
+++ b/src/event/quic/ngx_event_quic_openssl_compat.c
@@ -218,6 +218,8 @@ ngx_quic_compat_keylog_callback(const SS
         (void) ngx_quic_compat_set_encryption_secret(c, &com->keys, level,
                                                      cipher, secret, n);
     }
+
+    ngx_explicit_memzero(secret, n);
 }
 
 
@@ -246,15 +248,6 @@ ngx_quic_compat_set_encryption_secret(ng
         return NGX_ERROR;
     }
 
-    if (sizeof(peer_secret->secret.data) < secret_len) {
-        ngx_log_error(NGX_LOG_ALERT, c->log, 0,
-                      "unexpected secret len: %uz", secret_len);
-        return NGX_ERROR;
-    }
-
-    peer_secret->secret.len = secret_len;
-    ngx_memcpy(peer_secret->secret.data, secret, secret_len);
-
     key.len = key_len;
 
     peer_secret->iv.len = NGX_QUIC_IV_LEN;
@@ -292,6 +285,8 @@ ngx_quic_compat_set_encryption_secret(ng
         return NGX_ERROR;
     }
 
+    ngx_explicit_memzero(key.data, key.len);
+
     return NGX_OK;
 }
 
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -710,6 +710,8 @@ ngx_quic_keys_set_encryption_secret(ngx_
         return NGX_ERROR;
     }
 
+    ngx_explicit_memzero(key.data, key.len);
+
     return NGX_OK;
 }
 
@@ -740,6 +742,9 @@ ngx_quic_keys_discard(ngx_quic_keys_t *k
 
     ngx_quic_crypto_hp_cleanup(client);
     ngx_quic_crypto_hp_cleanup(server);
+
+    ngx_explicit_memzero(client->secret.data, client->secret.len);
+    ngx_explicit_memzero(server->secret.data, server->secret.len);
 }
 
 
@@ -834,6 +839,14 @@ ngx_quic_keys_update(ngx_event_t *ev)
         goto failed;
     }
 
+    ngx_explicit_memzero(current->client.secret.data,
+                         current->client.secret.len);
+    ngx_explicit_memzero(current->server.secret.data,
+                         current->server.secret.len);
+
+    ngx_explicit_memzero(client_key.data, client_key.len);
+    ngx_explicit_memzero(server_key.data, server_key.len);
+
     return;
 
 failed:
@@ -856,6 +869,11 @@ ngx_quic_keys_cleanup(ngx_quic_keys_t *k
 
     ngx_quic_crypto_cleanup(&next->client);
     ngx_quic_crypto_cleanup(&next->server);
+
+    ngx_explicit_memzero(next->client.secret.data,
+                         next->client.secret.len);
+    ngx_explicit_memzero(next->server.secret.data,
+                         next->server.secret.len);
 }