Zero AES key when marking invalid Signed-off-by: Fabio Utzig <utzig@apache.org>

commit: 268ace0f6bdeae2bf5615073e7111cea668fb820 [log] [tgz]
author: Fabio Utzig <utzig@apache.org> Mon Aug 19 11:11:41 2019 -0300
committer: Fabio Utzig <utzig@utzig.org> Mon Sep 09 10:00:09 2019 -0300
tree: 9c70eb187e72e7f7f1d94704656733c505a5da4b
parent: 6ace9ee95cb46b787e0efc61da1f7461d3ab3f64 [diff]
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
index e2e8211..c2c656d 100644
--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c

@@ -325,7 +325,8 @@
 {
     size_t slot;
 
-    for(slot = 0; slot < BOOT_NUM_SLOTS; ++slot) {
+    for (slot = 0; slot < BOOT_NUM_SLOTS; ++slot) {
+        memset(&enc_state[slot].aes, 0, sizeof(enc_state[slot].aes));
         enc_state[slot].valid = 0;
     }
 }
commit	268ace0f6bdeae2bf5615073e7111cea668fb820	[log] [tgz]
author	Fabio Utzig <utzig@apache.org>	Mon Aug 19 11:11:41 2019 -0300
committer	Fabio Utzig <utzig@utzig.org>	Mon Sep 09 10:00:09 2019 -0300
tree	9c70eb187e72e7f7f1d94704656733c505a5da4b
parent	6ace9ee95cb46b787e0efc61da1f7461d3ab3f64 [diff]