commit a321413807927d6e295cec8677733bbde6aeec34
author gabor-mezei-arm <gabor.mezei@arm.com> Wed Jul 15 10:55:00 2020 +0200
committer gabor-mezei-arm <gabor.mezei@arm.com> Wed Jul 15 14:14:41 2020 +0200
tree 5efd721f21a071339c7e6f0048f9e7c1f02a74ca
parent 8ed86941990dece980e3ef5c940bfcae37aeedae

Zeroising of plaintext buffers to erase unused application data from memory

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>

library/ssl_msg.c

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index d32afac..be17336 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5581,6 +5581,10 @@
     memcpy( buf, ssl->in_offt, n );
     ssl->in_msglen -= n;
 
+    /* Zeroising the plaintext buffer to erase unused application data
+       from the memory. */
+    mbedtls_platform_zeroize( ssl->in_offt, n );
+
     if( ssl->in_msglen == 0 )
     {
         /* all bytes consumed */