Zeroize buffers in various modules

commit: a0ae1db2f7635e8a92250c08d9b00338b7c953ff [log] [tgz]
author: Andres Amaya Garcia <andres.amayagarcia@arm.com> Wed Jul 12 10:51:22 2017 +0100
committer: Andres Amaya Garcia <andres.amayagarcia@arm.com> Wed Jul 12 10:51:22 2017 +0100
tree: 5aa46aa11103d5c4b28a39910ff5b89fd303172c
parent: c381444c7f033cbc5968069ed28795ac6933c091 [diff]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bae8433..645fa32 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -4140,12 +4140,19 @@
         return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
     }
 
-    if( ssl->psk != NULL || ssl->psk_identity != NULL )
+    if( ssl->psk != NULL )
     {
+        polarssl_zeroize( ssl->psk, ssl->psk_len );
+
         polarssl_free( ssl->psk );
-        polarssl_free( ssl->psk_identity );
         ssl->psk = NULL;
+        ssl->psk_len = 0;
+    }
+    if( ssl->psk_identity != NULL )
+    {
+        polarssl_free( ssl->psk_identity );
         ssl->psk_identity = NULL;
+        ssl->psk_identity_len = 0;
     }
 
     if( ( ssl->psk = polarssl_malloc( psk_len ) ) == NULL ||
commit	a0ae1db2f7635e8a92250c08d9b00338b7c953ff	[log] [tgz]
author	Andres Amaya Garcia <andres.amayagarcia@arm.com>	Wed Jul 12 10:51:22 2017 +0100
committer	Andres Amaya Garcia <andres.amayagarcia@arm.com>	Wed Jul 12 10:51:22 2017 +0100
tree	5aa46aa11103d5c4b28a39910ff5b89fd303172c
parent	c381444c7f033cbc5968069ed28795ac6933c091 [diff]