lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Safely erase key material upon abort

Browse Source 
Some key derivation operation contexts (like
psa_tls12_prf_key_derivation_t) directly contain buffers with parts of
the derived key. Erase them safely as part of the abort.
This commit is contained in:
Janos Follath
2019-06-11 10:22:26 +01:00
parent 71a4c9125b
commit 083036af64
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/psa_crypto.c
View File

@ -3902,7 +3902,7 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation
{ {
status = PSA_ERROR_BAD_STATE; status = PSA_ERROR_BAD_STATE;
} }
memset( operation, 0, sizeof( *operation ) ); mbedtls_platform_zeroize( operation, sizeof( *operation ) );
return( status ); return( status );
} }