Use mbedtls_zeroize_and_free() in psa_remove_key_data_from_memory()

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
This commit is contained in:
Tom Cosgrove 2023-08-01 09:08:48 +01:00
parent bc345e8685
commit 52f7e18042

View file

@ -1088,13 +1088,10 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot)
{
/* Data pointer will always be either a valid pointer or NULL in an
* initialized slot, so we can just free it. */
if (slot->key.data != NULL) {
mbedtls_platform_zeroize(slot->key.data, slot->key.bytes);
mbedtls_zeroize_and_free(slot->key.data, slot->key.bytes);
}
mbedtls_free(slot->key.data);
slot->key.data = NULL;
slot->key.bytes = 0;