Backport 2.1:Set PEM buffer to zero before freeing Set PEM buffer to zero before freeing it, to avoid private keys being leaked to memory after releasing it.

commit: 4dc8af77a91ec3129c66bc686d470fd8cfca80f5 [log] [tgz]
author: Ron Eldor <Ron.Eldor@arm.com> Tue Sep 05 15:34:35 2017 +0300
committer: Ron Eldor <Ron.Eldor@arm.com> Thu Sep 07 11:08:00 2017 +0300
tree: 15bf9c1dd85c022094a3a2d54c13d566d7e56d37
parent: 1fe5e8ab44ef46b582ab54db5afcb6bab180d440 [diff]
diff --git a/library/pem.c b/library/pem.c
index 8dd86a4..4c23373 100644
--- a/library/pem.c
+++ b/library/pem.c

@@ -387,6 +387,7 @@
 
 void mbedtls_pem_free( mbedtls_pem_context *ctx )
 {
+    memset( ctx->buf, 0, ctx->buflen );
     mbedtls_free( ctx->buf );
     mbedtls_free( ctx->info );
commit	4dc8af77a91ec3129c66bc686d470fd8cfca80f5	[log] [tgz]
author	Ron Eldor <Ron.Eldor@arm.com>	Tue Sep 05 15:34:35 2017 +0300
committer	Ron Eldor <Ron.Eldor@arm.com>	Thu Sep 07 11:08:00 2017 +0300
tree	15bf9c1dd85c022094a3a2d54c13d566d7e56d37
parent	1fe5e8ab44ef46b582ab54db5afcb6bab180d440 [diff]