lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel
2022-04-20 08:37:43 +02:00
parent 937b90febf
commit 03faf5d2c1
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/psa_crypto.c
View File

@ -5313,6 +5313,7 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
if ( prf->other_secret_length != 0 ) if ( prf->other_secret_length != 0 )
{ {
memcpy( cur, prf->other_secret, prf->other_secret_length ); memcpy( cur, prf->other_secret, prf->other_secret_length );
mbedtls_platform_zeroize( prf->other_secret, prf->other_secret_length );
cur += prf->other_secret_length; cur += prf->other_secret_length;
} }
} }
@ -5327,6 +5328,7 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
*cur++ = MBEDTLS_BYTE_1( data_length ); *cur++ = MBEDTLS_BYTE_1( data_length );
*cur++ = MBEDTLS_BYTE_0( data_length ); *cur++ = MBEDTLS_BYTE_0( data_length );
memcpy( cur, data, data_length ); memcpy( cur, data, data_length );
mbedtls_platform_zeroize( (void*) data, data_length );
cur += data_length; cur += data_length;
status = psa_tls12_prf_set_key( prf, pms, cur - pms ); status = psa_tls12_prf_set_key( prf, pms, cur - pms );