Merge pull request #8068 from paul-elliott-arm/fix_tls_zeroization

Fix TLS pad buffer zeroization

ChangeLog.d/fix-tls-padbuf-zeroization

@@ -0,0 +1,4 @@
+Security
+   * Fix a case where potentially sensitive information held in memory would not
+     be completely zeroized during TLS 1.2 handshake, in both server and client
+     configurations.

library/ssl_tls.c

@@ -7722,7 +7722,7 @@ static int ssl_calc_finished_tls_generic(mbedtls_ssl_context *ssl, void *ctx,
 
     MBEDTLS_SSL_DEBUG_BUF(3, "calc finished result", buf, len);
 
-    mbedtls_platform_zeroize(padbuf, sizeof(padbuf));
+    mbedtls_platform_zeroize(padbuf, hlen);
 
     MBEDTLS_SSL_DEBUG_MSG(2, ("<= calc finished"));