Use plain memset() for session ID and Hello.Random
Those are public values (transmitted in the clear over the wire).
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index ad04934..747b9f4 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1215,12 +1215,12 @@
p = buf + 6 + ciph_len;
ssl->session_negotiate->id_len = sess_len;
- mbedtls_platform_memset( ssl->session_negotiate->id, 0,
+ memset( ssl->session_negotiate->id, 0,
sizeof( ssl->session_negotiate->id ) );
memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len );
p += sess_len;
- mbedtls_platform_memset( ssl->handshake->randbytes, 0, 64 );
+ memset( ssl->handshake->randbytes, 0, 64 );
memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len );
/*
@@ -1735,7 +1735,7 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len );
ssl->session_negotiate->id_len = sess_len;
- mbedtls_platform_memset( ssl->session_negotiate->id, 0,
+ memset( ssl->session_negotiate->id, 0,
sizeof( ssl->session_negotiate->id ) );
memcpy( ssl->session_negotiate->id, buf + 35,
ssl->session_negotiate->id_len );
@@ -2863,7 +2863,7 @@
if( ssl->handshake->new_session_ticket != 0 )
{
ssl->session_negotiate->id_len = n = 0;
- mbedtls_platform_memset( ssl->session_negotiate->id, 0, 32 );
+ memset( ssl->session_negotiate->id, 0, 32 );
}
else
#endif /* MBEDTLS_SSL_SESSION_TICKETS */