From 4b0b97e18bc6bb3ac2e5be0756cc1493d4b9af53 Mon Sep 17 00:00:00 2001
From: Yanray Wang <yanray.wang@arm.com>
Date: Mon, 28 Aug 2023 10:35:39 +0800
Subject: [PATCH] pkwrite: zeroize buf containing info of private key

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
---
 library/pkwrite.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/library/pkwrite.c b/library/pkwrite.c
index f0dc718f35..5e3fcc9ef8 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -641,6 +641,7 @@ int mbedtls_pk_write_key_pem(mbedtls_pk_context *key, unsigned char *buf, size_t
 
     ret = 0;
 cleanup:
+    mbedtls_platform_zeroize(output_buf, PRV_DER_MAX_BYTES);
     mbedtls_free(output_buf);
     return ret;
 }