Zeroise stack buffer containing private key Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>

commit: 3aca61fdfc5332dcdfba8066e043e44c7823dd9d [log] [tgz]
author: Neil Armstrong <narmstrong@baylibre.com> Mon Mar 14 14:24:48 2022 +0100
committer: Neil Armstrong <narmstrong@baylibre.com> Mon Mar 14 14:24:48 2022 +0100
tree: 1ce9fd0ce07587546bd2a86245c7ba204b1761a0
parent: e4edcf761df50cf2d384e6d12ae59861c58fbea8 [diff] [blame]
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 53cf7cb..59ec307 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c

@@ -917,6 +917,7 @@
     ret = pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size );
 
 cleanup:
+    mbedtls_platform_zeroize( buf, sizeof( buf ) );
     status = psa_destroy_key( key_id );
     if( ret == 0 && status != PSA_SUCCESS )
         ret = mbedtls_pk_error_from_psa( status );
commit	3aca61fdfc5332dcdfba8066e043e44c7823dd9d	[log] [tgz]
author	Neil Armstrong <narmstrong@baylibre.com>	Mon Mar 14 14:24:48 2022 +0100
committer	Neil Armstrong <narmstrong@baylibre.com>	Mon Mar 14 14:24:48 2022 +0100
tree	1ce9fd0ce07587546bd2a86245c7ba204b1761a0
parent	e4edcf761df50cf2d384e6d12ae59861c58fbea8 [diff] [blame]