Zeroising of plaintext buffers to erase unused application data from memory Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>

commit: ef73875913c66767e7a954aa0b68f42f0756d9b2 [log] [tgz]
author: gabor-mezei-arm <gabor.mezei@arm.com> Wed Jul 15 10:55:00 2020 +0200
committer: gabor-mezei-arm <gabor.mezei@arm.com> Mon Aug 03 10:53:48 2020 +0200
tree: 91c13c4bc1ba61415e1e58cf3af8f72400ee11db
parent: f2027b5c4646118708ef695c1e2d29b708fbcaac [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 25a43bb..30f0eba 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -7320,6 +7320,10 @@
     memcpy( buf, ssl->in_offt, n );
     ssl->in_msglen -= n;
 
+    /* Zeroising the plaintext buffer to erase unused application data
+       from the memory. */
+    mbedtls_zeroize( ssl->in_offt, n );
+
     if( ssl->in_msglen == 0 )
     {
         /* all bytes consumed */
commit	ef73875913c66767e7a954aa0b68f42f0756d9b2	[log] [tgz]
author	gabor-mezei-arm <gabor.mezei@arm.com>	Wed Jul 15 10:55:00 2020 +0200
committer	gabor-mezei-arm <gabor.mezei@arm.com>	Mon Aug 03 10:53:48 2020 +0200
tree	91c13c4bc1ba61415e1e58cf3af8f72400ee11db
parent	f2027b5c4646118708ef695c1e2d29b708fbcaac [diff] [blame]