Introduce polarssl_zeroize() instead of memset() for zeroization
diff --git a/library/aes.c b/library/aes.c
index c03cbbe..38e5e95 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -53,6 +53,11 @@
#if !defined(POLARSSL_AES_ALT)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* 32-bit integer manipulation macros (little endian)
*/
@@ -633,7 +638,7 @@
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
done:
#endif
- memset( &cty, 0, sizeof( aes_context ) );
+ polarssl_zeroize( &cty, sizeof( aes_context ) );
return( 0 );
}
diff --git a/library/bignum.c b/library/bignum.c
index 56670d4..eda046c 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -51,6 +51,11 @@
#include <stdlib.h>
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#define ciL (sizeof(t_uint)) /* chars in limb */
#define biL (ciL << 3) /* bits in limb */
#define biH (ciL << 2) /* half limb size */
@@ -84,7 +89,7 @@
if( X->p != NULL )
{
- memset( X->p, 0, X->n * ciL );
+ polarssl_zeroize( X->p, X->n * ciL );
polarssl_free( X->p );
}
@@ -113,7 +118,7 @@
if( X->p != NULL )
{
memcpy( p, X->p, X->n * ciL );
- memset( X->p, 0, X->n * ciL );
+ polarssl_zeroize( X->p, X->n * ciL );
polarssl_free( X->p );
}
@@ -153,7 +158,7 @@
if( X->p != NULL )
{
memcpy( p, X->p, i * ciL );
- memset( X->p, 0, X->n * ciL );
+ polarssl_zeroize( X->p, X->n * ciL );
polarssl_free( X->p );
}
diff --git a/library/camellia.c b/library/camellia.c
index 306be61..9fab664 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -47,6 +47,11 @@
#if !defined(POLARSSL_CAMELLIA_ALT)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -463,7 +468,7 @@
*RK++ = *SK++;
*RK++ = *SK++;
- memset( &cty, 0, sizeof( camellia_context ) );
+ polarssl_zeroize( &cty, sizeof( camellia_context ) );
return( 0 );
}
diff --git a/library/ccm.c b/library/ccm.c
index f245d68..91dee67 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -42,6 +42,11 @@
#include "polarssl/ccm.h"
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#define CCM_ENCRYPT 0
#define CCM_DECRYPT 1
@@ -81,7 +86,7 @@
void ccm_free( ccm_context *ctx )
{
(void) cipher_free_ctx( &ctx->cipher_ctx );
- memset( ctx, 0, sizeof( ccm_context ) );
+ polarssl_zeroize( ctx, sizeof( ccm_context ) );
}
/*
@@ -320,7 +325,7 @@
if( diff != 0 )
{
- memset( output, 0, length );
+ polarssl_zeroize( output, length );
return( POLARSSL_ERR_CCM_AUTH_FAILED );
}
diff --git a/library/cipher.c b/library/cipher.c
index 4f76b48..794f34f 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -57,6 +57,11 @@
#define strcasecmp _stricmp
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
static int supported_init = 0;
const int *cipher_list( void )
@@ -152,6 +157,7 @@
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
+ polarssl_zeroize( ctx, sizeof(cipher_context_t) );
return 0;
}
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index e80a365..c045322 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -74,6 +74,11 @@
#include <stdlib.h>
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_GCM_C)
/* shared by all GCM ciphers */
static void *gcm_ctx_alloc( void )
@@ -187,6 +192,7 @@
static void aes_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( aes_context ) );
polarssl_free( ctx );
}
@@ -540,6 +546,7 @@
static void camellia_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( camellia_context ) );
polarssl_free( ctx );
}
@@ -948,6 +955,13 @@
static void des_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( des_context ) );
+ polarssl_free( ctx );
+}
+
+static void des3_ctx_free( void *ctx )
+{
+ polarssl_zeroize( ctx, sizeof( des3_context ) );
polarssl_free( ctx );
}
@@ -998,7 +1012,7 @@
des3_set2key_enc_wrap,
des3_set2key_dec_wrap,
des3_ctx_alloc,
- des_ctx_free
+ des3_ctx_free
};
const cipher_info_t des_ede_ecb_info = {
@@ -1035,7 +1049,7 @@
des3_set3key_enc_wrap,
des3_set3key_dec_wrap,
des3_ctx_alloc,
- des_ctx_free
+ des3_ctx_free
};
const cipher_info_t des_ede3_ecb_info = {
@@ -1143,6 +1157,7 @@
static void blowfish_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( blowfish_context ) );
polarssl_free( ctx );
}
@@ -1236,6 +1251,7 @@
static void arc4_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( arc4_context ) );
polarssl_free( ctx );
}
diff --git a/library/des.c b/library/des.c
index 2f06af3..a979096 100644
--- a/library/des.c
+++ b/library/des.c
@@ -47,6 +47,11 @@
#if !defined(POLARSSL_DES_ALT)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -519,7 +524,7 @@
uint32_t sk[96];
des3_set2key( ctx->sk, sk, key );
- memset( sk, 0, sizeof( sk ) );
+ polarssl_zeroize( sk, sizeof( sk ) );
return( 0 );
}
@@ -533,7 +538,7 @@
uint32_t sk[96];
des3_set2key( sk, ctx->sk, key );
- memset( sk, 0, sizeof( sk ) );
+ polarssl_zeroize( sk, sizeof( sk ) );
return( 0 );
}
@@ -570,7 +575,7 @@
uint32_t sk[96];
des3_set3key( ctx->sk, sk, key );
- memset( sk, 0, sizeof( sk ) );
+ polarssl_zeroize( sk, sizeof( sk ) );
return( 0 );
}
@@ -584,7 +589,7 @@
uint32_t sk[96];
des3_set3key( sk, ctx->sk, key );
- memset( sk, 0, sizeof( sk ) );
+ polarssl_zeroize( sk, sizeof( sk ) );
return( 0 );
}
diff --git a/library/dhm.c b/library/dhm.c
index 41c573d..362cd1d 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -55,6 +55,11 @@
#define polarssl_free free
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* helper to validate the mpi size and import it
*/
@@ -395,7 +400,7 @@
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G );
mpi_free( &ctx->P );
- memset( ctx, 0, sizeof( dhm_context ) );
+ polarssl_zeroize( ctx, sizeof( dhm_context ) );
}
#if defined(POLARSSL_ASN1_PARSE_C)
@@ -535,7 +540,7 @@
ret = dhm_parse_dhm( dhm, buf, n );
- memset( buf, 0, n + 1 );
+ polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
return( ret );
diff --git a/library/ecp.c b/library/ecp.c
index ca0ce7e..0c9c483 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -77,6 +77,11 @@
#endif /* __ARMCC_VERSION */
#endif /*_MSC_VER */
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_SELF_TEST)
/*
* Counts of point addition and doubling, and field multiplications.
@@ -344,7 +349,7 @@
polarssl_free( grp->T );
}
- memset( grp, 0, sizeof( ecp_group ) );
+ polarssl_zeroize( grp, sizeof( ecp_group ) );
}
/*
diff --git a/library/entropy.c b/library/entropy.c
index c01acf3..0560c39 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -42,6 +42,11 @@
#include "polarssl/havege.h"
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */
void entropy_init( entropy_context *ctx )
@@ -78,7 +83,7 @@
void entropy_free( entropy_context *ctx )
{
- ((void) ctx);
+ polarssl_zeroize( ctx, sizeof( entropy_context ) );
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &ctx->mutex );
#endif
diff --git a/library/gcm.c b/library/gcm.c
index 62fe185..c96da4e 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -76,6 +76,11 @@
}
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* Precompute small multiples of H, that is set
* HH[i] || HL[i] = H times i,
@@ -464,7 +469,7 @@
if( diff != 0 )
{
- memset( output, 0, length );
+ polarssl_zeroize( output, length );
return( POLARSSL_ERR_GCM_AUTH_FAILED );
}
@@ -474,7 +479,7 @@
void gcm_free( gcm_context *ctx )
{
(void) cipher_free_ctx( &ctx->cipher_ctx );
- memset( ctx, 0, sizeof( gcm_context ) );
+ polarssl_zeroize( ctx, sizeof( gcm_context ) );
}
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 619b446..30307b0 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -49,6 +49,11 @@
#define polarssl_printf printf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* HMAC_DRBG update, using optional additional data (10.1.2.2)
*/
@@ -305,7 +310,7 @@
md_free_ctx( &ctx->md_ctx );
- memset( ctx, 0, sizeof( hmac_drbg_context ) );
+ polarssl_zeroize( ctx, sizeof( hmac_drbg_context ) );
}
#if defined(POLARSSL_FS_IO)
diff --git a/library/md.c b/library/md.c
index 4a92cd4..558f829 100644
--- a/library/md.c
+++ b/library/md.c
@@ -45,6 +45,11 @@
#define strcasecmp _stricmp
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
static const int supported_digests[] = {
#if defined(POLARSSL_MD2_C)
@@ -190,7 +195,8 @@
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->ctx_free_func( ctx->md_ctx );
- ctx->md_ctx = NULL;
+
+ polarssl_zeroize( ctx, sizeof( md_context_t ) );
return 0;
}
diff --git a/library/md2.c b/library/md2.c
index 71f8d0b..589c5cc 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -49,6 +49,11 @@
#define polarssl_printf printf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if !defined(POLARSSL_MD2_ALT)
static const unsigned char PI_SUBST[256] =
@@ -188,7 +193,7 @@
md2_update( &ctx, input, ilen );
md2_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md2_context ) );
+ polarssl_zeroize( &ctx, sizeof( md2_context ) );
}
#if defined(POLARSSL_FS_IO)
@@ -212,7 +217,7 @@
md2_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md2_context ) );
+ polarssl_zeroize( &ctx, sizeof( md2_context ) );
if( ferror( f ) != 0 )
{
@@ -253,7 +258,7 @@
md2_starts( ctx );
md2_update( ctx, ctx->ipad, 16 );
- memset( sum, 0, sizeof( sum ) );
+ polarssl_zeroize( sum, sizeof( sum ) );
}
/*
@@ -278,7 +283,7 @@
md2_update( ctx, tmpbuf, 16 );
md2_finish( ctx, output );
- memset( tmpbuf, 0, sizeof( tmpbuf ) );
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
}
/*
@@ -303,7 +308,7 @@
md2_hmac_update( &ctx, input, ilen );
md2_hmac_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md2_context ) );
+ polarssl_zeroize( &ctx, sizeof( md2_context ) );
}
#if defined(POLARSSL_SELF_TEST)
diff --git a/library/md4.c b/library/md4.c
index 97cb5f0..ccde1a1 100644
--- a/library/md4.c
+++ b/library/md4.c
@@ -49,6 +49,11 @@
#define polarssl_printf printf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if !defined(POLARSSL_MD4_ALT)
/*
@@ -284,7 +289,7 @@
md4_update( &ctx, input, ilen );
md4_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md4_context ) );
+ polarssl_zeroize( &ctx, sizeof( md4_context ) );
}
#if defined(POLARSSL_FS_IO)
@@ -308,7 +313,7 @@
md4_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md4_context ) );
+ polarssl_zeroize( &ctx, sizeof( md4_context ) );
if( ferror( f ) != 0 )
{
@@ -349,7 +354,7 @@
md4_starts( ctx );
md4_update( ctx, ctx->ipad, 64 );
- memset( sum, 0, sizeof( sum ) );
+ polarssl_zeroize( sum, sizeof( sum ) );
}
/*
@@ -374,7 +379,7 @@
md4_update( ctx, tmpbuf, 16 );
md4_finish( ctx, output );
- memset( tmpbuf, 0, sizeof( tmpbuf ) );
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
}
/*
@@ -399,7 +404,7 @@
md4_hmac_update( &ctx, input, ilen );
md4_hmac_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md4_context ) );
+ polarssl_zeroize( &ctx, sizeof( md4_context ) );
}
#if defined(POLARSSL_SELF_TEST)
diff --git a/library/md5.c b/library/md5.c
index 87e2b1d..ca16317 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -48,6 +48,11 @@
#define polarssl_printf printf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if !defined(POLARSSL_MD5_ALT)
/*
@@ -301,7 +306,7 @@
md5_update( &ctx, input, ilen );
md5_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md5_context ) );
+ polarssl_zeroize( &ctx, sizeof( md5_context ) );
}
#if defined(POLARSSL_FS_IO)
@@ -325,7 +330,7 @@
md5_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md5_context ) );
+ polarssl_zeroize( &ctx, sizeof( md5_context ) );
if( ferror( f ) != 0 )
{
@@ -366,7 +371,7 @@
md5_starts( ctx );
md5_update( ctx, ctx->ipad, 64 );
- memset( sum, 0, sizeof( sum ) );
+ polarssl_zeroize( sum, sizeof( sum ) );
}
/*
@@ -391,7 +396,7 @@
md5_update( ctx, tmpbuf, 16 );
md5_finish( ctx, output );
- memset( tmpbuf, 0, sizeof( tmpbuf ) );
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
}
/*
@@ -416,7 +421,7 @@
md5_hmac_update( &ctx, input, ilen );
md5_hmac_finish( &ctx, output );
- memset( &ctx, 0, sizeof( md5_context ) );
+ polarssl_zeroize( &ctx, sizeof( md5_context ) );
}
#if defined(POLARSSL_SELF_TEST)
diff --git a/library/md_wrap.c b/library/md_wrap.c
index 9627878..6447622 100644
--- a/library/md_wrap.c
+++ b/library/md_wrap.c
@@ -74,6 +74,11 @@
#include <stdlib.h>
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_MD2_C)
static void md2_starts_wrap( void *ctx )
@@ -132,6 +137,7 @@
static void md2_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( md2_context ) );
polarssl_free( ctx );
}
@@ -221,6 +227,7 @@
static void md4_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( md4_context ) );
polarssl_free( ctx );
}
@@ -308,6 +315,7 @@
static void md5_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( md5_context ) );
polarssl_free( ctx );
}
@@ -395,6 +403,7 @@
static void ripemd160_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
polarssl_free( ctx );
}
@@ -482,6 +491,7 @@
static void sha1_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( sha1_context ) );
polarssl_free( ctx );
}
@@ -585,6 +595,7 @@
static void sha224_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( sha256_context ) );
polarssl_free( ctx );
}
@@ -681,6 +692,7 @@
static void sha256_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( sha256_context ) );
polarssl_free( ctx );
}
@@ -781,6 +793,7 @@
static void sha384_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( sha512_context ) );
polarssl_free( ctx );
}
@@ -877,6 +890,7 @@
static void sha512_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( sha512_context ) );
polarssl_free( ctx );
}
diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c
index 7dfeda9..81862fc 100644
--- a/library/memory_buffer_alloc.c
+++ b/library/memory_buffer_alloc.c
@@ -52,6 +52,11 @@
#define polarssl_fprintf fprintf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#define MAGIC1 0xFF00AA55
#define MAGIC2 0xEE119966
#define MAX_BT 20
@@ -578,7 +583,7 @@
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &heap.mutex );
#endif
- memset( &heap, 0, sizeof(buffer_alloc_ctx) );
+ polarssl_zeroize( &heap, sizeof(buffer_alloc_ctx) );
}
#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */
diff --git a/library/pem.c b/library/pem.c
index 3dd3b79..4e00b63 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -46,6 +46,11 @@
#include <stdlib.h>
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_PEM_PARSE_C)
void pem_init( pem_context *ctx )
{
@@ -99,8 +104,8 @@
{
memcpy( key, md5sum, keylen );
- memset( &md5_ctx, 0, sizeof( md5_ctx ) );
- memset( md5sum, 0, 16 );
+ polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
+ polarssl_zeroize( md5sum, 16 );
return;
}
@@ -121,8 +126,8 @@
memcpy( key + 16, md5sum, use_len );
- memset( &md5_ctx, 0, sizeof( md5_ctx ) );
- memset( md5sum, 0, 16 );
+ polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
+ polarssl_zeroize( md5sum, 16 );
}
#if defined(POLARSSL_DES_C)
@@ -142,8 +147,8 @@
des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
des_iv, buf, buf );
- memset( &des_ctx, 0, sizeof( des_ctx ) );
- memset( des_key, 0, 8 );
+ polarssl_zeroize( &des_ctx, sizeof( des_ctx ) );
+ polarssl_zeroize( des_key, 8 );
}
/*
@@ -162,8 +167,8 @@
des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
des3_iv, buf, buf );
- memset( &des3_ctx, 0, sizeof( des3_ctx ) );
- memset( des3_key, 0, 24 );
+ polarssl_zeroize( &des3_ctx, sizeof( des3_ctx ) );
+ polarssl_zeroize( des3_key, 24 );
}
#endif /* POLARSSL_DES_C */
@@ -184,8 +189,8 @@
aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
aes_iv, buf, buf );
- memset( &aes_ctx, 0, sizeof( aes_ctx ) );
- memset( aes_key, 0, keylen );
+ polarssl_zeroize( &aes_ctx, sizeof( aes_ctx ) );
+ polarssl_zeroize( aes_key, keylen );
}
#endif /* POLARSSL_AES_C */
@@ -373,7 +378,7 @@
polarssl_free( ctx->buf );
polarssl_free( ctx->info );
- memset( ctx, 0, sizeof( pem_context ) );
+ polarssl_zeroize( ctx, sizeof( pem_context ) );
}
#endif /* POLARSSL_PEM_PARSE_C */
diff --git a/library/pk.c b/library/pk.c
index 8000c10..e923d79 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -44,6 +44,11 @@
#include "polarssl/ecdsa.h"
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* Initialise a pk_context
*/
@@ -65,9 +70,8 @@
return;
ctx->pk_info->ctx_free_func( ctx->pk_ctx );
- ctx->pk_ctx = NULL;
- ctx->pk_info = NULL;
+ polarssl_zeroize( ctx, sizeof( pk_context ) );
}
/*
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 6bfc4d2..56739b7 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -52,6 +52,11 @@
#define polarssl_free free
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_RSA_C)
static int rsa_can_do( pk_type_t type )
{
@@ -426,6 +431,7 @@
static void rsa_alt_free_wrap( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( rsa_alt_context ) );
polarssl_free( ctx );
}
diff --git a/library/pkparse.c b/library/pkparse.c
index b3d3b1d..cd5be92 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -62,6 +62,11 @@
#define polarssl_free free
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_FS_IO)
/*
* Load all data from a file into a given buffer.
@@ -124,7 +129,7 @@
ret = pk_parse_key( ctx, buf, n,
(const unsigned char *) pwd, strlen( pwd ) );
- memset( buf, 0, n + 1 );
+ polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
return( ret );
@@ -144,7 +149,7 @@
ret = pk_parse_public_key( ctx, buf, n );
- memset( buf, 0, n + 1 );
+ polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
return( ret );
diff --git a/library/ripemd160.c b/library/ripemd160.c
index 4781a7d..3c2a7e6 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -76,6 +76,11 @@
}
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* RIPEMD-160 context setup
*/
@@ -363,7 +368,7 @@
ripemd160_update( &ctx, input, ilen );
ripemd160_finish( &ctx, output );
- memset( &ctx, 0, sizeof( ripemd160_context ) );
+ polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
}
#if defined(POLARSSL_FS_IO)
@@ -387,7 +392,7 @@
ripemd160_finish( &ctx, output );
- memset( &ctx, 0, sizeof( ripemd160_context ) );
+ polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
if( ferror( f ) != 0 )
{
@@ -428,7 +433,7 @@
ripemd160_starts( ctx );
ripemd160_update( ctx, ctx->ipad, 64 );
- memset( sum, 0, sizeof( sum ) );
+ polarssl_zeroize( sum, sizeof( sum ) );
}
/*
@@ -453,7 +458,7 @@
ripemd160_update( ctx, tmpbuf, 20 );
ripemd160_finish( ctx, output );
- memset( tmpbuf, 0, sizeof( tmpbuf ) );
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
}
/*
@@ -478,7 +483,7 @@
ripemd160_hmac_update( &ctx, input, ilen );
ripemd160_hmac_finish( &ctx, output );
- memset( &ctx, 0, sizeof( ripemd160_context ) );
+ polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
}
diff --git a/library/sha1.c b/library/sha1.c
index da69a8f..ce81579 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -48,6 +48,11 @@
#define polarssl_printf printf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if !defined(POLARSSL_SHA1_ALT)
/*
@@ -334,7 +339,7 @@
sha1_update( &ctx, input, ilen );
sha1_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha1_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha1_context ) );
}
#if defined(POLARSSL_FS_IO)
@@ -358,7 +363,7 @@
sha1_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha1_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha1_context ) );
if( ferror( f ) != 0 )
{
@@ -399,7 +404,7 @@
sha1_starts( ctx );
sha1_update( ctx, ctx->ipad, 64 );
- memset( sum, 0, sizeof( sum ) );
+ polarssl_zeroize( sum, sizeof( sum ) );
}
/*
@@ -424,7 +429,7 @@
sha1_update( ctx, tmpbuf, 20 );
sha1_finish( ctx, output );
- memset( tmpbuf, 0, sizeof( tmpbuf ) );
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
}
/*
@@ -449,7 +454,7 @@
sha1_hmac_update( &ctx, input, ilen );
sha1_hmac_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha1_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha1_context ) );
}
#if defined(POLARSSL_SELF_TEST)
diff --git a/library/sha256.c b/library/sha256.c
index 09165cc..5633f9e 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -48,6 +48,11 @@
#define polarssl_printf printf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if !defined(POLARSSL_SHA256_ALT)
/*
@@ -337,7 +342,7 @@
sha256_update( &ctx, input, ilen );
sha256_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha256_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha256_context ) );
}
#if defined(POLARSSL_FS_IO)
@@ -361,7 +366,7 @@
sha256_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha256_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha256_context ) );
if( ferror( f ) != 0 )
{
@@ -402,7 +407,7 @@
sha256_starts( ctx, is224 );
sha256_update( ctx, ctx->ipad, 64 );
- memset( sum, 0, sizeof( sum ) );
+ polarssl_zeroize( sum, sizeof( sum ) );
}
/*
@@ -431,7 +436,7 @@
sha256_update( ctx, tmpbuf, hlen );
sha256_finish( ctx, output );
- memset( tmpbuf, 0, sizeof( tmpbuf ) );
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
}
/*
@@ -456,7 +461,7 @@
sha256_hmac_update( &ctx, input, ilen );
sha256_hmac_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha256_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha256_context ) );
}
#if defined(POLARSSL_SELF_TEST)
diff --git a/library/sha512.c b/library/sha512.c
index c13e0d9..a29c80a 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -48,6 +48,11 @@
#define polarssl_printf printf
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if !defined(POLARSSL_SHA512_ALT)
/*
@@ -335,7 +340,7 @@
sha512_update( &ctx, input, ilen );
sha512_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha512_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha512_context ) );
}
#if defined(POLARSSL_FS_IO)
@@ -359,7 +364,7 @@
sha512_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha512_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha512_context ) );
if( ferror( f ) != 0 )
{
@@ -400,7 +405,7 @@
sha512_starts( ctx, is384 );
sha512_update( ctx, ctx->ipad, 128 );
- memset( sum, 0, sizeof( sum ) );
+ polarssl_zeroize( sum, sizeof( sum ) );
}
/*
@@ -429,7 +434,7 @@
sha512_update( ctx, tmpbuf, hlen );
sha512_finish( ctx, output );
- memset( tmpbuf, 0, sizeof( tmpbuf ) );
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
}
/*
@@ -454,7 +459,7 @@
sha512_hmac_update( &ctx, input, ilen );
sha512_hmac_finish( &ctx, output );
- memset( &ctx, 0, sizeof( sha512_context ) );
+ polarssl_zeroize( &ctx, sizeof( sha512_context ) );
}
#if defined(POLARSSL_SELF_TEST)
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7121d7b..19c33a7 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -55,6 +55,13 @@
#include <time.h>
#endif
+#if defined(POLARSSL_SSL_SESSION_TICKETS)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+#endif
+
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
static void ssl_write_hostname_ext( ssl_context *ssl,
unsigned char *buf,
@@ -2466,6 +2473,8 @@
if( ticket_len == 0)
return( 0 );
+ polarssl_zeroize( ssl->session_negotiate->ticket,
+ ssl->session_negotiate->ticket_len );
polarssl_free( ssl->session_negotiate->ticket );
ssl->session_negotiate->ticket = NULL;
ssl->session_negotiate->ticket_len = 0;
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index a4bf1ab..cd207c5 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -52,6 +52,11 @@
#endif
#if defined(POLARSSL_SSL_SESSION_TICKETS)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* Serialize a session in the following format:
* 0 . n-1 session structure, n = sizeof(ssl_session)
@@ -337,7 +342,7 @@
ssl_session_free( ssl->session_negotiate );
memcpy( ssl->session_negotiate, &session, sizeof( ssl_session ) );
- memset( &session, 0, sizeof( ssl_session ) );
+ polarssl_zeroize( &session, sizeof( ssl_session ) );
return( 0 );
}
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2cd0cce..1374e11 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -61,6 +61,11 @@
#define strcasecmp _stricmp
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
/*
* Convert max_fragment_length codes to length.
@@ -175,11 +180,11 @@
md5_finish( &md5, dstbuf + i * 16 );
}
- memset( &md5, 0, sizeof( md5 ) );
- memset( &sha1, 0, sizeof( sha1 ) );
+ polarssl_zeroize( &md5, sizeof( md5 ) );
+ polarssl_zeroize( &sha1, sizeof( sha1 ) );
- memset( padding, 0, sizeof( padding ) );
- memset( sha1sum, 0, sizeof( sha1sum ) );
+ polarssl_zeroize( padding, sizeof( padding ) );
+ polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
return( 0 );
}
@@ -241,8 +246,8 @@
dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
}
- memset( tmp, 0, sizeof( tmp ) );
- memset( h_i, 0, sizeof( h_i ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
+ polarssl_zeroize( h_i, sizeof( h_i ) );
return( 0 );
}
@@ -284,8 +289,8 @@
dstbuf[i + j] = h_i[j];
}
- memset( tmp, 0, sizeof( tmp ) );
- memset( h_i, 0, sizeof( h_i ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
+ polarssl_zeroize( h_i, sizeof( h_i ) );
return( 0 );
}
@@ -326,8 +331,8 @@
dstbuf[i + j] = h_i[j];
}
- memset( tmp, 0, sizeof( tmp ) );
- memset( h_i, 0, sizeof( h_i ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
+ polarssl_zeroize( h_i, sizeof( h_i ) );
return( 0 );
}
@@ -466,7 +471,7 @@
"master secret",
handshake->randbytes, 64, session->master, 48 );
- memset( handshake->premaster, 0, sizeof( handshake->premaster ) );
+ polarssl_zeroize( handshake->premaster, sizeof(handshake->premaster) );
}
else
SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
@@ -477,7 +482,7 @@
memcpy( tmp, handshake->randbytes, 64 );
memcpy( handshake->randbytes, tmp + 32, 32 );
memcpy( handshake->randbytes + 32, tmp, 32 );
- memset( tmp, 0, sizeof( tmp ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
/*
* SSLv3:
@@ -500,7 +505,7 @@
SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 );
SSL_DEBUG_BUF( 4, "key block", keyblk, 256 );
- memset( handshake->randbytes, 0, sizeof( handshake->randbytes ) );
+ polarssl_zeroize( handshake->randbytes, sizeof( handshake->randbytes ) );
/*
* Determine the appropriate key, IV and MAC length.
@@ -699,7 +704,7 @@
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
- memset( keyblk, 0, sizeof( keyblk ) );
+ polarssl_zeroize( keyblk, sizeof( keyblk ) );
#if defined(POLARSSL_ZLIB_SUPPORT)
// Initialize compression
@@ -2846,12 +2851,12 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
- memset( &md5, 0, sizeof( md5_context ) );
- memset( &sha1, 0, sizeof( sha1_context ) );
+ polarssl_zeroize( &md5, sizeof( md5_context ) );
+ polarssl_zeroize( &sha1, sizeof( sha1_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
- memset( md5sum, 0, sizeof( md5sum ) );
- memset( sha1sum, 0, sizeof( sha1sum ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
+ polarssl_zeroize( md5sum, sizeof( md5sum ) );
+ polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -2904,10 +2909,10 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- memset( &md5, 0, sizeof( md5_context ) );
- memset( &sha1, 0, sizeof( sha1_context ) );
+ polarssl_zeroize( &md5, sizeof( md5_context ) );
+ polarssl_zeroize( &sha1, sizeof( sha1_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -2953,9 +2958,9 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- memset( &sha256, 0, sizeof( sha256_context ) );
+ polarssl_zeroize( &sha256, sizeof( sha256_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -3000,9 +3005,9 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- memset( &sha512, 0, sizeof( sha512_context ) );
+ polarssl_zeroize( &sha512, sizeof( sha512_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -4402,7 +4407,7 @@
md_free_ctx( &transform->md_ctx_enc );
md_free_ctx( &transform->md_ctx_dec );
- memset( transform, 0, sizeof( ssl_transform ) );
+ polarssl_zeroize( transform, sizeof( ssl_transform ) );
}
#if defined(POLARSSL_X509_CRT_PARSE_C)
@@ -4459,7 +4464,7 @@
}
#endif /* POLARSSL_X509_CRT_PARSE_C && POLARSSL_SSL_SERVER_NAME_INDICATION */
- memset( handshake, 0, sizeof( ssl_handshake_params ) );
+ polarssl_zeroize( handshake, sizeof( ssl_handshake_params ) );
}
void ssl_session_free( ssl_session *session )
@@ -4476,7 +4481,7 @@
polarssl_free( session->ticket );
#endif
- memset( session, 0, sizeof( ssl_session ) );
+ polarssl_zeroize( session, sizeof( ssl_session ) );
}
/*
@@ -4488,20 +4493,20 @@
if( ssl->out_ctr != NULL )
{
- memset( ssl->out_ctr, 0, SSL_BUFFER_LEN );
+ polarssl_zeroize( ssl->out_ctr, SSL_BUFFER_LEN );
polarssl_free( ssl->out_ctr );
}
if( ssl->in_ctr != NULL )
{
- memset( ssl->in_ctr, 0, SSL_BUFFER_LEN );
+ polarssl_zeroize( ssl->in_ctr, SSL_BUFFER_LEN );
polarssl_free( ssl->in_ctr );
}
#if defined(POLARSSL_ZLIB_SUPPORT)
if( ssl->compress_buf != NULL )
{
- memset( ssl->compress_buf, 0, SSL_BUFFER_LEN );
+ polarssl_zeroize( ssl->compress_buf, SSL_BUFFER_LEN );
polarssl_free( ssl->compress_buf );
}
#endif
@@ -4541,7 +4546,7 @@
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
if ( ssl->hostname != NULL )
{
- memset( ssl->hostname, 0, ssl->hostname_len );
+ polarssl_zeroize( ssl->hostname, ssl->hostname_len );
polarssl_free( ssl->hostname );
ssl->hostname_len = 0;
}
@@ -4550,8 +4555,8 @@
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
if( ssl->psk != NULL )
{
- memset( ssl->psk, 0, ssl->psk_len );
- memset( ssl->psk_identity, 0, ssl->psk_identity_len );
+ polarssl_zeroize( ssl->psk, ssl->psk_len );
+ polarssl_zeroize( ssl->psk_identity, ssl->psk_identity_len );
polarssl_free( ssl->psk );
polarssl_free( ssl->psk_identity );
ssl->psk_len = 0;
@@ -4574,7 +4579,7 @@
SSL_DEBUG_MSG( 2, ( "<= free" ) );
/* Actually clear after last debug message */
- memset( ssl, 0, sizeof( ssl_context ) );
+ polarssl_zeroize( ssl, sizeof( ssl_context ) );
}
#if defined(POLARSSL_PK_C)
diff --git a/library/x509_crl.c b/library/x509_crl.c
index 8035ee4..eecf054 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -68,6 +68,11 @@
#include <stdio.h>
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* Version ::= INTEGER { v1(0), v2(1) }
*/
@@ -552,7 +557,7 @@
ret = x509_crl_parse( chain, buf, n );
- memset( buf, 0, n + 1 );
+ polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
return( ret );
@@ -725,7 +730,7 @@
{
name_prv = name_cur;
name_cur = name_cur->next;
- memset( name_prv, 0, sizeof( x509_name ) );
+ polarssl_zeroize( name_prv, sizeof( x509_name ) );
polarssl_free( name_prv );
}
@@ -734,13 +739,13 @@
{
entry_prv = entry_cur;
entry_cur = entry_cur->next;
- memset( entry_prv, 0, sizeof( x509_crl_entry ) );
+ polarssl_zeroize( entry_prv, sizeof( x509_crl_entry ) );
polarssl_free( entry_prv );
}
if( crl_cur->raw.p != NULL )
{
- memset( crl_cur->raw.p, 0, crl_cur->raw.len );
+ polarssl_zeroize( crl_cur->raw.p, crl_cur->raw.len );
polarssl_free( crl_cur->raw.p );
}
@@ -754,7 +759,7 @@
crl_prv = crl_cur;
crl_cur = crl_cur->next;
- memset( crl_prv, 0, sizeof( x509_crl ) );
+ polarssl_zeroize( crl_prv, sizeof( x509_crl ) );
if( crl_prv != crl )
polarssl_free( crl_prv );
}
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 0f41f40..f58f6fc 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -80,6 +80,11 @@
#endif
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
@@ -946,7 +951,7 @@
ret = x509_crt_parse( chain, buf, n );
- memset( buf, 0, n + 1 );
+ polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
return( ret );
@@ -1930,7 +1935,7 @@
{
name_prv = name_cur;
name_cur = name_cur->next;
- memset( name_prv, 0, sizeof( x509_name ) );
+ polarssl_zeroize( name_prv, sizeof( x509_name ) );
polarssl_free( name_prv );
}
@@ -1939,7 +1944,7 @@
{
name_prv = name_cur;
name_cur = name_cur->next;
- memset( name_prv, 0, sizeof( x509_name ) );
+ polarssl_zeroize( name_prv, sizeof( x509_name ) );
polarssl_free( name_prv );
}
@@ -1948,7 +1953,7 @@
{
seq_prv = seq_cur;
seq_cur = seq_cur->next;
- memset( seq_prv, 0, sizeof( x509_sequence ) );
+ polarssl_zeroize( seq_prv, sizeof( x509_sequence ) );
polarssl_free( seq_prv );
}
@@ -1957,13 +1962,13 @@
{
seq_prv = seq_cur;
seq_cur = seq_cur->next;
- memset( seq_prv, 0, sizeof( x509_sequence ) );
+ polarssl_zeroize( seq_prv, sizeof( x509_sequence ) );
polarssl_free( seq_prv );
}
if( cert_cur->raw.p != NULL )
{
- memset( cert_cur->raw.p, 0, cert_cur->raw.len );
+ polarssl_zeroize( cert_cur->raw.p, cert_cur->raw.len );
polarssl_free( cert_cur->raw.p );
}
@@ -1977,7 +1982,7 @@
cert_prv = cert_cur;
cert_cur = cert_cur->next;
- memset( cert_prv, 0, sizeof( x509_crt ) );
+ polarssl_zeroize( cert_prv, sizeof( x509_crt ) );
if( cert_prv != crt )
polarssl_free( cert_prv );
}
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 529e7e4..d82679d 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -62,6 +62,11 @@
#include <stdio.h>
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* Version ::= INTEGER { v1(0) }
*/
@@ -295,7 +300,7 @@
ret = x509_csr_parse( csr, buf, n );
- memset( buf, 0, n + 1 );
+ polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
return( ret );
@@ -429,17 +434,17 @@
{
name_prv = name_cur;
name_cur = name_cur->next;
- memset( name_prv, 0, sizeof( x509_name ) );
+ polarssl_zeroize( name_prv, sizeof( x509_name ) );
polarssl_free( name_prv );
}
if( csr->raw.p != NULL )
{
- memset( csr->raw.p, 0, csr->raw.len );
+ polarssl_zeroize( csr->raw.p, csr->raw.len );
polarssl_free( csr->raw.p );
}
- memset( csr, 0, sizeof( x509_csr ) );
+ polarssl_zeroize( csr, sizeof( x509_csr ) );
}
#endif /* POLARSSL_X509_CSR_PARSE_C */
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index df7ab64..4b6d75b 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -46,6 +46,11 @@
#include "polarssl/pem.h"
#endif /* POLARSSL_PEM_WRITE_C */
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
void x509write_crt_init( x509write_cert *ctx )
{
memset( ctx, 0, sizeof(x509write_cert) );
@@ -62,7 +67,7 @@
asn1_free_named_data_list( &ctx->issuer );
asn1_free_named_data_list( &ctx->extensions );
- memset( ctx, 0, sizeof(x509write_cert) );
+ polarssl_zeroize( ctx, sizeof(x509write_cert) );
}
void x509write_crt_set_version( x509write_cert *ctx, int version )
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index ff766e1..53ae9c6 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -47,6 +47,11 @@
#include <string.h>
#include <stdlib.h>
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
void x509write_csr_init( x509write_csr *ctx )
{
memset( ctx, 0, sizeof(x509write_csr) );
@@ -57,7 +62,7 @@
asn1_free_named_data_list( &ctx->subject );
asn1_free_named_data_list( &ctx->extensions );
- memset( ctx, 0, sizeof(x509write_csr) );
+ polarssl_zeroize( ctx, sizeof(x509write_csr) );
}
void x509write_csr_set_md_alg( x509write_csr *ctx, md_type_t md_alg )
