mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-25 13:43:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Erase secrets in allocated memory before freeing said memory

Browse Source 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman 2022-02-25 11:14:59 +01:00
parent 4579a972bf
commit cd5be32191
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/psa_crypto_storage.c
View File

@ -349,6 +349,7 @@ psa_status_t psa_save_persistent_key( const psa_core_key_attributes_t *attr,
status = psa_crypto_storage_store( attr->id, status = psa_crypto_storage_store( attr->id,
storage_data, storage_data_length ); storage_data, storage_data_length );
mbedtls_platform_zeroize( storage_data, storage_data_length );
mbedtls_free( storage_data ); mbedtls_free( storage_data );
return( status ); return( status );
@ -394,6 +395,7 @@ psa_status_t psa_load_persistent_key( psa_core_key_attributes_t *attr,
status = PSA_ERROR_STORAGE_FAILURE; status = PSA_ERROR_STORAGE_FAILURE;
exit: exit:
mbedtls_platform_zeroize( loaded_data, storage_data_length );
mbedtls_free( loaded_data ); mbedtls_free( loaded_data );
return( status ); return( status );
} }