Ensure all md_<hash>_finish functions perform zeroization Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

commit: aafd1e0924aa21c1d105328bb2a988b61e6294fc [log] [tgz]
author: Dave Rodgman <dave.rodgman@arm.com> Mon Sep 11 12:59:36 2023 +0100
committer: Dave Rodgman <dave.rodgman@arm.com> Mon Sep 11 12:59:36 2023 +0100
tree: 0a5829b5fadef7c5b0c7d166b3484a6fae9fd059
parent: 33fbd373bea54711ce935a376e5e594f85f9d020 [diff] [blame]
diff --git a/library/ripemd160.c b/library/ripemd160.c
index ba97c1f..49fee85 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c

@@ -356,12 +356,12 @@
 
     ret = mbedtls_ripemd160_update(ctx, ripemd160_padding, padn);
     if (ret != 0) {
-        return ret;
+        goto exit;
     }
 
     ret = mbedtls_ripemd160_update(ctx, msglen, 8);
     if (ret != 0) {
-        return ret;
+        goto exit;
     }
 
     MBEDTLS_PUT_UINT32_LE(ctx->state[0], output,  0);
@@ -370,7 +370,11 @@
     MBEDTLS_PUT_UINT32_LE(ctx->state[3], output, 12);
     MBEDTLS_PUT_UINT32_LE(ctx->state[4], output, 16);
 
-    return 0;
+    ret = 0;
+
+exit:
+    mbedtls_ripemd160_free(ctx);
+    return ret;
 }
 
 #endif /* ! MBEDTLS_RIPEMD160_ALT */
commit	aafd1e0924aa21c1d105328bb2a988b61e6294fc	[log] [tgz]
author	Dave Rodgman <dave.rodgman@arm.com>	Mon Sep 11 12:59:36 2023 +0100
committer	Dave Rodgman <dave.rodgman@arm.com>	Mon Sep 11 12:59:36 2023 +0100
tree	0a5829b5fadef7c5b0c7d166b3484a6fae9fd059
parent	33fbd373bea54711ce935a376e5e594f85f9d020 [diff] [blame]