From d3838989d2440216227f7f3ec2beadf76bf9be7c Mon Sep 17 00:00:00 2001
From: Fabio Utzig <fabio.utzig@nordicsemi.no>
Date: Fri, 6 Nov 2020 15:10:30 -0300
Subject: [PATCH] bootutil: crypto: avoid unuseful memset

Avoid memset'ing a buffer that does not hold a secret; it contains
the encryption of the counter.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
---
 boot/bootutil/include/bootutil/crypto/aes_ctr.h | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/boot/bootutil/include/bootutil/crypto/aes_ctr.h b/boot/bootutil/include/bootutil/crypto/aes_ctr.h
index bc82e152..b2ba7a4e 100644
--- a/boot/bootutil/include/bootutil/crypto/aes_ctr.h
+++ b/boot/bootutil/include/bootutil/crypto/aes_ctr.h
@@ -62,19 +62,13 @@ static inline int bootutil_aes_ctr_set_key(bootutil_aes_ctr_context *ctx, const
 static inline int bootutil_aes_ctr_encrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *m, uint32_t mlen, size_t blk_off, uint8_t *c)
 {
     uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];
-    int rc;
-    rc = mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);
-    memset(stream_block, 0, BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE);
-    return rc;
+    return mbedtls_aes_crypt_ctr(ctx, mlen, &blk_off, counter, stream_block, m, c);
 }
 
 static inline int bootutil_aes_ctr_decrypt(bootutil_aes_ctr_context *ctx, uint8_t *counter, const uint8_t *c, uint32_t clen, size_t blk_off, uint8_t *m)
 {
     uint8_t stream_block[BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE];
-    int rc;
-    rc = mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);
-    memset(stream_block, 0, BOOTUTIL_CRYPTO_AES_CTR_BLOCK_SIZE);
-    return rc;
+    return mbedtls_aes_crypt_ctr(ctx, clen, &blk_off, counter, stream_block, c, m);
 }
 #endif /* MCUBOOT_USE_MBED_TLS */