From 06e4158b938908f6ed7640249adac675a1ec72f1 Mon Sep 17 00:00:00 2001
From: Michael Scire <SciresM@gmail.com>
Date: Wed, 19 Jun 2019 00:42:30 -0700
Subject: [PATCH] sept: indulge paranoia, some.

---
 sept/sept-secondary/key_derivation/src/key_derivation.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sept/sept-secondary/key_derivation/src/key_derivation.c b/sept/sept-secondary/key_derivation/src/key_derivation.c
index bb92687de..e66f836d8 100644
--- a/sept/sept-secondary/key_derivation/src/key_derivation.c
+++ b/sept/sept-secondary/key_derivation/src/key_derivation.c
@@ -75,14 +75,17 @@ void derive_keys(void) {
         /* Derive master key, device master key. */
         decrypt_data_into_keyslot(0xC, 0xE, masterkey_seed, 0x10);
         decrypt_data_into_keyslot(0xE, 0xE, masterkey_4x_seed, 0x10);
+        clear_aes_keyslot(0xD);
 
         /* Derive device keys. */
         decrypt_data_into_keyslot(0xA, 0xF, devicekey_4x_seed, 0x10);
         decrypt_data_into_keyslot(0xF, 0xF, devicekey_seed, 0x10);
+        clear_aes_keyslot(0xD);
 
         /* Derive firmware specific device key. */
         se_aes_ecb_decrypt_block(0xA, work_buffer, 0x10, master_devkey_seeds[derivation_id], 0x10);
         decrypt_data_into_keyslot(0xE, 0xE, work_buffer, 0x10);
+        clear_aes_keyslot(0xD);
 
         /* Clear work buffer. */
         for (size_t i = 0; i < 4; i++) {