Provide and use internal function mbedtls_zeroize_and_free() Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>

commit: ca8c61b81519176b5287548b0e789e97f8ca2802 [log] [tgz]
author: Tom Cosgrove <tom.cosgrove@arm.com> Mon Jul 17 15:17:40 2023 +0100
committer: Tom Cosgrove <tom.cosgrove@arm.com> Mon Jul 17 15:17:40 2023 +0100
tree: b6e1299c9105407f25cfb9d458ea317373f0f526
parent: b366fe955dc47ba6f15eae911d0fdb7e3b401e9f [diff] [blame]
diff --git a/library/common.h b/library/common.h
index 839b7d1..ce92238 100644
--- a/library/common.h
+++ b/library/common.h

@@ -114,6 +114,18 @@
  */
 #define MBEDTLS_ALLOW_PRIVATE_ACCESS
 
+/**
+ * \brief       Securely zeroize a buffer then free it.
+ *
+ *              Exactly the same as consecutive calls to
+ *              \c mbedtls_platform_zeroize() and \c mbedtls_free(), but has a
+ *              code size savings, and potential for optimisation in the future.
+ *
+ * \param buf   Buffer to be zeroized then freed. May be \c NULL.
+ * \param len   Length of the buffer in bytes
+ */
+void mbedtls_zeroize_and_free(void *buf, size_t len);
+
 /** Return an offset into a buffer.
  *
  * This is just the addition of an offset to a pointer, except that this
commit	ca8c61b81519176b5287548b0e789e97f8ca2802	[log] [tgz]
author	Tom Cosgrove <tom.cosgrove@arm.com>	Mon Jul 17 15:17:40 2023 +0100
committer	Tom Cosgrove <tom.cosgrove@arm.com>	Mon Jul 17 15:17:40 2023 +0100
tree	b6e1299c9105407f25cfb9d458ea317373f0f526
parent	b366fe955dc47ba6f15eae911d0fdb7e3b401e9f [diff] [blame]