ArmorLock, Insecure Key Storage Vulnerability
WDC Tracking Number: WDC-21003
Product Line: G-Technology ArmorLock NVMe SSD
Published: March 17, 2021
Last Updated: March 17, 2021
The ArmorLock application generates, stores, and uses an elliptic curve private key to enable unlocking of authorized ArmorLock devices. On iOS and macOS devices that do not have biometrics (Touch ID or Face ID) but which contain a Secure Enclave, key material is incorrectly stored within the software Keychain instead of the Secure Enclave. On these affected devices, an attacker with the ability to execute code as the user of the device may be able to gain access to the key material, which could allow impersonation of the client through extraction of the private key.
Examples of Affected Devices
- iPod Touch 6th generation
- iPod Touch 7th generation
- iPad Mini 2
- iPad Air 1st generation
- 2018 Mac Mini
- 2020 Mac Mini
- iMac Pro
- 2020 iMac
This vulnerability was addressed in the iOS 1.4.1 app and the macOS 1.4.1 app. The updated client apps will remove any existing key material from the software Keychain and wrap it with a new key from the Secure Enclave. Key material generated for new drive pairings will be generated within the Secure Enclave.
Users with an affected device may wish to perform a fresh install of the 1.4.1 client app to ensure all key material is generated within the Secure Enclave. Before removing the existing app, make sure all drive recovery keys are available. Access to existing drives can be maintained via use of the recovery key or requesting access from another authorized manager.
A logic error in the ArmorLock iOS and macOS client applications led to an incorrect determination that devices which lack biometric hardware also lack Secure Enclave hardware. In this scenario, key material is placed in the software-backed Keychain instead of the more secure hardware-backed Secure Enclave.
The vulnerability was addressed by correctly identifying the presence of the Secure Enclave and using it when generating key material. Existing key material that was stored within the Keychain is removed, and one of two actions is performed depending on context: either the key material is re-generated within the Secure Enclave, or it is encrypted with a new key generated within the Secure Enclave.
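The following Swift sketch is an added illustration of the two points above and is not Western Digital's or Trail of Bits' code: it contrasts a biometric-based heuristic for Secure Enclave presence with a direct availability check, shows why an enclave-backed key is worth the difference (its persisted form is an opaque blob rather than the raw private scalar), and carries out the migration step for an existing software key by encrypting it under a freshly generated enclave-resident key. All function and type names here are assumptions for the example; the ECIES-style wrap (ephemeral ECDH with the enclave key, HKDF, AES-GCM) is one standard way to use a Secure Enclave key for encryption, since CryptoKit enclave keys only sign or perform key agreement.

```swift
import CryptoKit
import Foundation
import LocalAuthentication

// Hypothetical version of the logic error: inferring "no Secure Enclave" from
// "no biometrics". On a 2018 Mac mini or an iPod touch this returns false even
// though the device does contain a Secure Enclave.
func secureEnclavePresentByBiometricHeuristic() -> Bool {
    var error: NSError?
    return LAContext().canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics, error: &error)
}

// Corrected check: ask CryptoKit directly whether the enclave can back keys.
func secureEnclavePresent() -> Bool {
    SecureEnclave.isAvailable
}

// Where a newly generated client signing key lives, and what gets persisted.
enum ClientKey {
    case enclave(SecureEnclave.P256.Signing.PrivateKey) // private scalar never leaves the enclave
    case software(P256.Signing.PrivateKey)              // rawRepresentation is the raw scalar

    // The bytes that would be written to the Keychain. In the enclave case this is an
    // opaque wrapped blob usable only on this device's Secure Enclave; in the software
    // case it is the private key itself, extractable by anything running as the user.
    var persistedBytes: Data {
        switch self {
        case .enclave(let key):  return key.dataRepresentation
        case .software(let key): return key.rawRepresentation
        }
    }
}

func generateClientKey() throws -> ClientKey {
    if secureEnclavePresent() {
        return .enclave(try SecureEnclave.P256.Signing.PrivateKey())
    }
    return .software(P256.Signing.PrivateKey())
}

// Migration path for a key that already exists in the software Keychain:
// encrypt it under a key agreement key generated inside the Secure Enclave.
// Afterwards only the ciphertext and the enclave key's opaque blob are kept.
struct WrappedLegacyKey {
    let enclaveKeyBlob: Data   // SecureEnclave.P256.KeyAgreement key, opaque
    let ephemeralPublic: Data  // sender-side ephemeral public key (raw bytes)
    let sealed: Data           // AES-GCM nonce || ciphertext || tag
}

// Constructed domain-separation label for HKDF; any fixed, unique string works.
private let wrapInfo = Data("example-legacy-key-wrap".utf8)

func wrapLegacyKey(_ legacy: P256.Signing.PrivateKey) throws -> WrappedLegacyKey {
    let enclaveKey = try SecureEnclave.P256.KeyAgreement.PrivateKey()
    let ephemeral = P256.KeyAgreement.PrivateKey()
    let shared = try ephemeral.sharedSecretFromKeyAgreement(with: enclaveKey.publicKey)
    let kek = shared.hkdfDerivedSymmetricKey(using: SHA256.self, salt: Data(),
                                             sharedInfo: wrapInfo, outputByteCount: 32)
    let box = try AES.GCM.seal(legacy.rawRepresentation, using: kek)
    guard let combined = box.combined else { throw CryptoKitError.incorrectParameterSize }
    return WrappedLegacyKey(enclaveKeyBlob: enclaveKey.dataRepresentation,
                            ephemeralPublic: ephemeral.publicKey.rawRepresentation,
                            sealed: combined)
}

func unwrapLegacyKey(_ wrapped: WrappedLegacyKey) throws -> P256.Signing.PrivateKey {
    // Rebuilding the enclave key from its blob only succeeds on the same device,
    // and the ECDH step below executes inside the Secure Enclave.
    let enclaveKey = try SecureEnclave.P256.KeyAgreement.PrivateKey(dataRepresentation: wrapped.enclaveKeyBlob)
    let ephemeralPublic = try P256.KeyAgreement.PublicKey(rawRepresentation: wrapped.ephemeralPublic)
    let shared = try enclaveKey.sharedSecretFromKeyAgreement(with: ephemeralPublic)
    let kek = shared.hkdfDerivedSymmetricKey(using: SHA256.self, salt: Data(),
                                             sharedInfo: wrapInfo, outputByteCount: 32)
    let plaintext = try AES.GCM.open(AES.GCM.SealedBox(combined: wrapped.sealed), using: kek)
    return try P256.Signing.PrivateKey(rawRepresentation: plaintext)
}
```

The important property is what reaches persistent storage: `ClientKey.persistedBytes` for an enclave key, and `WrappedLegacyKey` for a migrated one, are both useless to code that copies the Keychain item off the device, whereas the software key's `rawRepresentation` is the complete private key. A production version would also attach a `SecAccessControl` (for example `.privateKeyUsage`, optionally with a user-presence requirement) when creating the enclave keys, and would delete the old software Keychain item only after the wrapped form has been verified to unwrap.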
Western Digital periodically retains the services of third-party firms to audit and test the security of our products. This issue was discovered during a scheduled assessment performed by the security firm Trail of Bits. In order to provide transparency to our customers, we have elected to make the audit and remediation report for this issue available to the public.
CVE Number: CVE-2021-28653
Reported by: Trail of Bits