From 06b6b8c8d6752d4da7d58f80cb52c41e2f2a30a5 Mon Sep 17 00:00:00 2001
From: Paul Elliott <paul.elliott@arm.com>
Date: Mon, 13 Sep 2021 19:02:04 +0100
Subject: [PATCH] Add missing zeroize for sensitive tag data.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
---
 library/psa_crypto_driver_wrappers.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index 1dd3b2db92..5e7eb11ccf 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -1760,6 +1760,8 @@ psa_status_t psa_driver_wrapper_aead_verify(
                         status = PSA_ERROR_INVALID_SIGNATURE;
                 }
 
+                mbedtls_platform_zeroize( check_tag, sizeof( check_tag ) );
+
                 return( status );
             }