Erase secrets in allocated memory before freeing said memory Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

commit: cd5be32191eeeb6149d51930b4245710875b3773 [log] [tgz]
author: Steven Cooreman <steven.cooreman@silabs.com> Fri Feb 25 11:14:59 2022 +0100
committer: Steven Cooreman <steven.cooreman@silabs.com> Fri Feb 25 11:14:59 2022 +0100
tree: 6a8a77361556fcdd0a965713d7c0593bfd220fca
parent: 4579a972bf60f8de78c074b88d871b95a8a7e48a [diff] [blame]
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index c6660b9..db7786d 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c

@@ -349,6 +349,7 @@
     status = psa_crypto_storage_store( attr->id,
                                        storage_data, storage_data_length );
 
+    mbedtls_platform_zeroize( storage_data, storage_data_length );
     mbedtls_free( storage_data );
 
     return( status );
@@ -394,6 +395,7 @@
         status = PSA_ERROR_STORAGE_FAILURE;
 
 exit:
+    mbedtls_platform_zeroize( loaded_data, storage_data_length );
     mbedtls_free( loaded_data );
     return( status );
 }
commit	cd5be32191eeeb6149d51930b4245710875b3773	[log] [tgz]
author	Steven Cooreman <steven.cooreman@silabs.com>	Fri Feb 25 11:14:59 2022 +0100
committer	Steven Cooreman <steven.cooreman@silabs.com>	Fri Feb 25 11:14:59 2022 +0100
tree	6a8a77361556fcdd0a965713d7c0593bfd220fca
parent	4579a972bf60f8de78c074b88d871b95a8a7e48a [diff] [blame]