ADAC: Clear all internal state / context info
This patch clears the internal state and context information after
the authentication process is completed in the ADAC to ensure that
no sensitive data remains in memory.
Signed-off-by: Maulik Patel <maulik.patel@arm.com>
Change-Id: Ib22220f4a91a8b6520feb2a20ada3c265546c253
diff --git a/psa-adac/sda/include/psa_adac_sda.h b/psa-adac/sda/include/psa_adac_sda.h
index 1184502..86b2fb6 100644
--- a/psa-adac/sda/include/psa_adac_sda.h
+++ b/psa-adac/sda/include/psa_adac_sda.h
@@ -1,13 +1,16 @@
/*
- * Copyright (c) 2020 Arm Limited. All rights reserved.
+ * SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
+ *
* SPDX-License-Identifier: BSD-3-Clause
+ *
*/
-#ifndef PSA_ADAC_SDA_H
-#define PSA_ADAC_SDA_H
+#ifndef __PSA_ADAC_SDA_H__
+#define __PSA_ADAC_SDA_H__
#include <psa/crypto.h>
#include <psa_adac.h>
+#include <platform/msg_interface.h>
/** \addtogroup adac-sda
* @{
@@ -33,8 +36,6 @@
AUTH_FAILURE
} authentication_state_t;
-#include <platform/msg_interface.h>
-
typedef struct {
uint8_t permissions_mask[16];
psa_auth_challenge_t challenge;
@@ -53,6 +54,10 @@
psa_algorithm_t rotpk_algo, uint8_t **rotpk, size_t *rotpk_size,
uint8_t *rotpk_type, size_t rotpk_count);
+/** \brief Clear authentication context content
+ */
+void authentication_context_content_clear(authentication_context_t *auth_ctx);
+
/**
*/
response_packet_t *authentication_discovery(authentication_context_t *auth_ctx, request_packet_t *request);
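Review bot: The new doc comment for `authentication_context_content_clear()` does not say which part of the context is cleared or that a NULL argument is tolerated, although the definition in `psa_adac_sda.c` returns early on NULL and zeroes only `context.content`. I would extend it with `\param[in,out] auth_ctx Context whose content buffer is zeroed; NULL is ignored.` and one sentence naming the buffer, so callers do not assume the whole context is scrubbed.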
@@ -76,4 +81,4 @@
/**@}*/
-#endif //PSA_ADAC_SDA_H
+#endif /* __PSA_ADAC_SDA_H__ */
diff --git a/psa-adac/sda/src/psa_adac_sda.c b/psa-adac/sda/src/psa_adac_sda.c
index d8de906..b614227 100644
--- a/psa-adac/sda/src/psa_adac_sda.c
+++ b/psa-adac/sda/src/psa_adac_sda.c
@@ -334,6 +334,14 @@
auth_ctx->state = AUTH_INIT;
}
+void authentication_context_content_clear(authentication_context_t *auth_ctx)
+{
+ if(auth_ctx == NULL || auth_ctx->context.content == NULL) {
+ return;
+ }
+ memset(auth_ctx->context.content, 0, auth_ctx->context.max);
+}
+
static response_packet_t *authentication_change_lcs(authentication_context_t *auth_ctx, request_packet_t *request)
{
adac_status_t status;
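Review bot: `authentication_context_content_clear()` zeroes only the buffer behind `auth_ctx->context.content`, which is narrower than the commit title's "all internal state". The `permissions_mask` and `challenge` members shown in the header hunk (apparently the same struct) and `auth_ctx->state` are left untouched, and both `psa_adac_platform.c` call sites pass a context that stays live after the call. If those members are meant to survive, say so above the function, e.g. `/* Zeroes context.content only (context.max bytes); other auth_ctx members are left as they are. */`; otherwise clear them here as well. Separately, a plain `memset` used purely for scrubbing can be dropped by an optimizer that proves the buffer is not read again (more likely with LTO), so a wipe routine the compiler cannot elide would be safer if the toolchain or platform offers one. The length assumes `context.max` is the capacity of `content`, which is not visible in this hunk.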
diff --git a/target/trusted-firmware-m/platform/arm/musca_b1/psa_adac_platform.c b/target/trusted-firmware-m/platform/arm/musca_b1/psa_adac_platform.c
index 0556bb9..3c44e16 100644
--- a/target/trusted-firmware-m/platform/arm/musca_b1/psa_adac_platform.c
+++ b/target/trusted-firmware-m/platform/arm/musca_b1/psa_adac_platform.c
@@ -128,6 +128,7 @@
ret = 0;
}
+ authentication_context_content_clear(&auth_ctx);
msg_interface_free(NULL);
} else {
PSA_ADAC_LOG_INFO("main", "%s:%d No secure debug connection.\r\n",
diff --git a/target/trusted-firmware-m/platform/arm/rse/common/psa_adac_platform.c b/target/trusted-firmware-m/platform/arm/rse/common/psa_adac_platform.c
index 2712cf9..38e34eb 100644
--- a/target/trusted-firmware-m/platform/arm/rse/common/psa_adac_platform.c
+++ b/target/trusted-firmware-m/platform/arm/rse/common/psa_adac_platform.c
@@ -179,7 +179,7 @@
if (auth_ctx.state == AUTH_SUCCESS) {
ret = 0;
}
-
+ authentication_context_content_clear(&auth_ctx);
msg_interface_free(NULL);
} else {
PSA_ADAC_LOG_INFO("main", "%s:%d No secure debug connection.\r\n",
diff --git a/transport_layer/transports/static_buffer_msg.c b/transport_layer/transports/static_buffer_msg.c
index d159a4a..36e6544 100644
--- a/transport_layer/transports/static_buffer_msg.c
+++ b/transport_layer/transports/static_buffer_msg.c
@@ -1,10 +1,11 @@
/*
- * Copyright (c) 2020 Arm Limited. All rights reserved.
+ * SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors
+ *
* SPDX-License-Identifier: BSD-3-Clause
+ *
*/
#include "static_buffer_msg.h"
-
#include <string.h>
// TODO: Enforce alignment and sizes on 4 bytes
@@ -35,6 +36,10 @@
int psa_adac_static_buffer_msg_release() {
int ret = -1;
if (psa_adac_static_buffer_status == BUFFER_EMPTY) {
+ if (psa_adac_static_buffer_pointer != NULL) {
+ /* Clear all accumulated info */
+ memset(psa_adac_static_buffer_pointer, 0, psa_adac_static_buffer_size);
+ }
psa_adac_static_buffer_size = 0;
psa_adac_static_buffer_pointer = NULL;
psa_adac_static_buffer_status = BUFFER_UNINITIALIZED;
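Review bot: The added `memset` runs only inside the `psa_adac_static_buffer_status == BUFFER_EMPTY` branch, so a release attempted in any other state leaves the message buffer's contents in place. The rest of the function is outside the hunk, but `ret` starts at -1 and presumably signals that case. If no request or response data should outlive the session, either wipe before the status check or state the precondition in the comment, e.g. `/* Wiped only on a successful release; callers must drain the buffer first. */`. The wipe length relies on `psa_adac_static_buffer_size` still holding the size given at initialisation, which this hunk does not show.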