From 4f5eb7cb5411fea304a10f1eadaa9ddeded16395 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 17:23:47 +0300
Subject: [PATCH] Fill the the output buffer with zero data in case of failure

---
 library/psa_crypto.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7589432c9..0ed9dd9bf 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1528,6 +1528,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
+            mbedtls_zeroize( ciphertext, plaintext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
@@ -1554,6 +1555,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
+            mbedtls_zeroize( ciphertext, plaintext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
@@ -1622,6 +1624,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
+            mbedtls_zeroize( plaintext, ciphertext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
@@ -1649,14 +1652,14 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
+            mbedtls_zeroize( plaintext, ciphertext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
         mbedtls_ccm_free( &ccm );
     }
 
-    memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) );
-    *plaintext_length = ciphertext_length + sizeof( tag );
+    *plaintext_length = ciphertext_length;
     return( PSA_SUCCESS );
 }