delete persistent keys on reset if theyre set

2026-03-11 16:36:21 -07:00 · 2020-08-30 22:42:29 -07:00
parent 866e9c22c0
commit f3e1b5a44b
1 changed files with 6 additions and 0 deletions
@@ -234,6 +234,12 @@ impl PersistentState {
    }

    pub fn reset<S: Syscall>(&mut self, crypto: &mut CryptoClient<S>) -> Result<()> {
+        if let Some(key) = self.key_encryption_key { 
+            syscall!(crypto.delete(key));
+        }
+        if let Some(key) = self.key_wrapping_key { 
+            syscall!(crypto.delete(key));
+        }
        self.key_encryption_key = None;
        self.key_wrapping_key = None;
        self.consecutive_pin_mismatches = 0;