From 2c5052647646ee52e525fd454c785db0d37fbbef Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Wed, 26 Apr 2023 13:08:56 +0200
Subject: [PATCH] pk: fix: clear buffer holding raw EC private key on exit

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/pk.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/pk.c b/library/pk.c
index 2516eed6fe..04c5e405e9 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -908,6 +908,8 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
             return PSA_PK_TO_MBEDTLS_ERR(status);
         }
 
+        mbedtls_platform_zeroize(d, sizeof(d));
+
         /* make PK context wrap the key slot */
         mbedtls_pk_free(pk);
         mbedtls_pk_init(pk);