commit 75b596fc3c2daa0915f840974b1f4dd8aac2ab82
author Gilles Peskine <Gilles.Peskine@arm.com> Mon Dec 13 12:35:08 2021 +0100
committer Gilles Peskine <Gilles.Peskine@arm.com> Mon Dec 13 14:18:44 2021 +0100
tree 08dddcf3a4e5dcac8b42c63154262c6158d24759
parent 8dc7b243ae37b1413770a6bc59625288b4614cc3

mbedtls_ssl_cookie_check: zeroize expected cookie on cookie mismatch

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

library/ssl_cookie.c

diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 04565e0..9e21368 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -250,15 +250,18 @@
 
 #if defined(MBEDTLS_THREADING_C)
     if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
+        ret = ( MBEDTLS_ERR_SSL_INTERNAL_ERROR +
                 MBEDTLS_ERR_THREADING_MUTEX_ERROR );
 #endif
 
     if( ret != 0 )
-        return( ret );
+        goto exit;
 
     if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
-        return( -1 );
+    {
+        ret = -1;
+        goto exit;
+    }
 
 #if defined(MBEDTLS_HAVE_TIME)
     cur_time = (unsigned long) mbedtls_time( NULL );
@@ -272,8 +275,13 @@
                   ( (unsigned long) cookie[3]       );
 
     if( ctx->timeout != 0 && cur_time - cookie_time > ctx->timeout )
-        return( -1 );
+    {
+        ret = -1;
+        goto exit;
+    }
 
-    return( 0 );
+exit:
+    mbedtls_platform_zeroize( ref_hmac, sizeof( ref_hmac ) );
+    return( ret );
 }
 #endif /* MBEDTLS_SSL_COOKIE_C */