3rdparty: Make proper use of mbedtls_platform_zeroize in Everest x25519
diff --git a/3rdparty/everest/library/x25519.c b/3rdparty/everest/library/x25519.c
index 52496c6..7660b64 100644
--- a/3rdparty/everest/library/x25519.c
+++ b/3rdparty/everest/library/x25519.c
@@ -41,7 +41,7 @@
*/
void mbedtls_x25519_init( mbedtls_x25519_context *ctx )
{
- memset( ctx, 0, sizeof( mbedtls_x25519_context ) );
+ mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x25519_context ) );
}
/*
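Review bot: mbedtls_platform_zeroize is declared in mbedtls/platform_util.h, and neither this hunk nor the one at line 138 shows that include being added to x25519.c; if the file does not already include it (its include block is outside both hunks), the new calls become implicit declarations and the build fails under -Werror. Separately, a context that is being initialised holds no secret material yet, so the optimisation-resistant wipe buys nothing on line 11; `memset( ctx, 0, sizeof( *ctx ) );` would suffice here, with mbedtls_platform_zeroize reserved for the paths that clear our_secret, such as the wipe at line 138 and the free function. If the call is kept, `sizeof( *ctx )` rather than `sizeof( mbedtls_x25519_context )` keeps the length tied to the pointer being wiped. The comment that closes at line 7 opens outside the hunk.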
@@ -138,7 +138,8 @@
Hacl_Curve25519_crypto_scalarmult( buf, ctx->our_secret, ctx->peer_point);
/* Wipe the DH secret and don't let the peer chose a small subgroup point */
- memset( ctx->our_secret, 0, MBEDTLS_X25519_KEY_SIZE_BYTES );
+ mbedtls_platform_zeroize( ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES );
+
if( memcmp( buf, ctx->our_secret, MBEDTLS_X25519_KEY_SIZE_BYTES) == 0 )
return MBEDTLS_ERR_ECP_RANDOM_FAILED;