Introduce polarssl_zeroize() instead of memset() for zeroization

commit: 346177255931fb1e3514e124a1f598715a5fe92d [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Fri Jun 13 17:20:13 2014 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Sat Jun 14 16:46:03 2014 +0200
tree: da658994944be861b8b2a1001c9b759976276891
parent: bbcb1ce7030575d708700ca205800e847d846402 [diff] [blame]
diff --git a/library/gcm.c b/library/gcm.c
index 62fe185..c96da4e 100644
--- a/library/gcm.c
+++ b/library/gcm.c

@@ -76,6 +76,11 @@
 }
 #endif
 
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
 /*
  * Precompute small multiples of H, that is set
  *      HH[i] || HL[i] = H times i,
@@ -464,7 +469,7 @@
 
     if( diff != 0 )
     {
-        memset( output, 0, length );
+        polarssl_zeroize( output, length );
         return( POLARSSL_ERR_GCM_AUTH_FAILED );
     }
 
@@ -474,7 +479,7 @@
 void gcm_free( gcm_context *ctx )
 {
     (void) cipher_free_ctx( &ctx->cipher_ctx );
-    memset( ctx, 0, sizeof( gcm_context ) );
+    polarssl_zeroize( ctx, sizeof( gcm_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
commit	346177255931fb1e3514e124a1f598715a5fe92d	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Fri Jun 13 17:20:13 2014 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Sat Jun 14 16:46:03 2014 +0200
tree	da658994944be861b8b2a1001c9b759976276891
parent	bbcb1ce7030575d708700ca205800e847d846402 [diff] [blame]