erase early secrets and transcripts

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index 43f6ab6..3d20ab7 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1124,7 +1124,7 @@
     if( ret != 0 )
     {
         MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls13_get_cipher_key_info", ret );
-        return( ret );
+        goto cleanup;
     }
 
     md_type = ciphersuite_info->mac;
@@ -1141,7 +1141,7 @@
         MBEDTLS_SSL_DEBUG_RET( 1,
                                "mbedtls_ssl_get_handshake_transcript",
                                ret );
-        return( ret );
+        goto cleanup;
     }
 
     ret = mbedtls_ssl_tls13_derive_early_secrets(
@@ -1151,7 +1151,7 @@
     {
         MBEDTLS_SSL_DEBUG_RET(
             1, "mbedtls_ssl_tls13_derive_early_secrets", ret );
-        return( ret );
+        goto cleanup;
     }
 
     MBEDTLS_SSL_DEBUG_BUF(
@@ -1181,7 +1181,7 @@
     if( ret != 0 )
     {
         MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls13_make_traffic_key", ret );
-        return( 0 );
+        goto cleanup;
     }
     traffic_keys->key_len = key_len;
     traffic_keys->iv_len = iv_len;
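Review bot: When `ssl_tls13_make_traffic_key` fails, the output `*traffic_keys` may already hold partially derived key material, and the new `cleanup` label wipes only the early secrets and the transcript. Whether the caller erases `traffic_keys` on error is not visible from this hunk; if it does not, add `if( ret != 0 ) mbedtls_platform_zeroize( traffic_keys, sizeof( *traffic_keys ) );` to the cleanup block. This line also changes the function's result on that failure from `0` to `ret`, so callers that previously continued with an unusable key now see the error. That behaviour fix deserves a mention in the commit message alongside the erasure.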
@@ -1196,7 +1196,12 @@
 
     MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= ssl_tls13_generate_early_key" ) );
 
-    return( 0 );
+cleanup:
+    /* Erase secret and transcript */
+    mbedtls_platform_zeroize(
+        tls13_early_secrets, sizeof( mbedtls_ssl_tls13_early_secrets ) );
+    mbedtls_platform_zeroize( transcript, sizeof( transcript ) );
+    return( ret );
 }
 
 int mbedtls_ssl_tls13_compute_early_transform( mbedtls_ssl_context *ssl )
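Review bot: The `cleanup` block is now reached from the first `goto cleanup` (the `ssl_tls13_get_cipher_key_info` failure), so `tls13_early_secrets` must already point at valid storage and `transcript` must be in scope before that jump. Both declarations are outside the hunk and should be checked. `sizeof( transcript )` covers the whole buffer only if `transcript` is a local array; if it were a pointer, only pointer-size bytes would be wiped. For the first call, `sizeof( *tls13_early_secrets )` would tie the length to the object being erased instead of repeating the type name. The `<= ssl_tls13_generate_early_key` trace sits above the label, so error exits skip it; if that is intended, a comment such as `/* reached on both success and failure; ret carries the result */` on the label would make it explicit.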