Merge pull request #5601 from SiliconLabs/erase_secret_before_free_backport_2_28

Backport 2.28: Erase secrets in allocated memory before freeing said memory
diff --git a/ChangeLog.d/zeroize_key_buffers_before_free.txt b/ChangeLog.d/zeroize_key_buffers_before_free.txt
new file mode 100644
index 0000000..ba5bae1
--- /dev/null
+++ b/ChangeLog.d/zeroize_key_buffers_before_free.txt
@@ -0,0 +1,4 @@
+Security
+   * Zeroize dynamically-allocated buffers used by the PSA Crypto key storage
+     module before freeing them. These buffers contain secret key material, and
+     could thus potentially leak the key through freed heap.
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index b485c50..6c8321f 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -347,6 +347,7 @@
     status = psa_crypto_storage_store( attr->id,
                                        storage_data, storage_data_length );
 
+    mbedtls_platform_zeroize( storage_data, storage_data_length );
     mbedtls_free( storage_data );
 
     return( status );
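Review bot: The zeroize on the new line is only complete if `storage_data_length` is the full size of the `storage_data` allocation, and that allocation is outside this hunk (the enclosing function starts before the hunk), so the relationship is not visible here. Since `storage_data` holds the serialized key, the wipe is worth a why-comment so a later change to the allocation size does not silently leave a tail of key material unwiped: `/* storage_data holds the serialized key; wipe every byte allocated for it before free */`. If the buffer is ever allocated larger than `storage_data_length`, the zeroize length should track the allocated size rather than the bytes written.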
@@ -392,6 +393,7 @@
         status = PSA_ERROR_STORAGE_FAILURE;
 
 exit:
+    mbedtls_platform_zeroize( loaded_data, storage_data_length );
     mbedtls_free( loaded_data );
     return( status );
 }
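Review bot: The zeroize added at the `exit:` label now runs on every path that jumps there, and the hunk does not show those paths or where `loaded_data` is allocated (the enclosing function starts before the hunk); if any early `goto exit` can occur before the allocation, or before `storage_data_length` holds the allocated size, this would wipe through a NULL or wrong-sized pointer, which `mbedtls_free` tolerated but a memset does not. It would be worth confirming that every jump to `exit` happens after `loaded_data` has been successfully allocated, and documenting that invariant at the label, e.g. `/* Reached only after loaded_data is allocated with storage_data_length bytes */`. If that is not guaranteed, guard the wipe with `if( loaded_data != NULL )`.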