Zeroising of plaintext buffers to erase unused application data from memory Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>

commit: 3eaa10389ddd99128215ddaad46f1892eeb9e9dd [log] [tgz]
author: gabor-mezei-arm <gabor.mezei@arm.com> Wed Jul 15 10:55:00 2020 +0200
committer: gabor-mezei-arm <gabor.mezei@arm.com> Fri Jul 31 15:57:26 2020 +0200
tree: ca47daff8fed2860dc7f44a7a70d8b7db469ddf5
parent: 3a1944a1877fefce88cdda389806298f608e5bd9 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 02b8f26..c7787cb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -8569,6 +8569,10 @@
     memcpy( buf, ssl->in_offt, n );
     ssl->in_msglen -= n;
 
+    /* Zeroising the plaintext buffer to erase unused application data
+       from the memory. */
+    mbedtls_platform_zeroize( ssl->in_offt, n );
+
     if( ssl->in_msglen == 0 )
     {
         /* all bytes consumed */
commit	3eaa10389ddd99128215ddaad46f1892eeb9e9dd	[log] [tgz]
author	gabor-mezei-arm <gabor.mezei@arm.com>	Wed Jul 15 10:55:00 2020 +0200
committer	gabor-mezei-arm <gabor.mezei@arm.com>	Fri Jul 31 15:57:26 2020 +0200
tree	ca47daff8fed2860dc7f44a7a70d8b7db469ddf5
parent	3a1944a1877fefce88cdda389806298f608e5bd9 [diff] [blame]