From 3aca61fdfc5332dcdfba8066e043e44c7823dd9d Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Mon, 14 Mar 2022 14:24:48 +0100 Subject: [PATCH] Zeroise stack buffer containing private key Signed-off-by: Neil Armstrong --- library/pk_wrap.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 53cf7cbed..59ec307c4 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -917,6 +917,7 @@ static int ecdsa_sign_wrap( void *ctx_arg, mbedtls_md_type_t md_alg, ret = pk_ecdsa_sig_asn1_from_psa( sig, sig_len, sig_size ); cleanup: + mbedtls_platform_zeroize( buf, sizeof( buf ) ); status = psa_destroy_key( key_id ); if( ret == 0 && status != PSA_SUCCESS ) ret = mbedtls_pk_error_from_psa( status );