yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 17:05:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improve docs for mbedtls_zeroize() and add refs

Browse Source
This commit is contained in:
Andres Amaya Garcia 2018-03-08 20:46:39 +00:00
parent 6606d5c414
commit 1e8ea5fa68
2 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/mbedtls/utils.h
View File

@ -33,6 +33,13 @@
*
* \note This implementation should never be optimized out by the
* compiler
*
* \note It is extremely difficult to guarantee that calls to
* mbedtls_zeroize() are not removed by aggressive compiler
* optimizations in a portable way. For this reason, Mbed TLS
* provides the configuration option MBEDTLS_UTILS_ZEROIZE_ALT,
* which allows users to configure mbedtls_zeroize() to use a
* suitable implementation for their platform and needs
*/
void mbedtls_zeroize( void *buf, size_t len );

20
library/utils.c
View File

@ -34,19 +34,25 @@
/*
* This implementation should never be optimized out by the compiler
*
* This implementation for mbedtls_zeroize() uses a volatile function pointer.
* We always know that it points to memset(), but because it is volatile the
* compiler expects it to change at any time and will not optimize out the
* call that could potentially perform other operations on the input buffer
* instead of just setting it to 0. Nevertheless, optimizations of the
* following form are still possible:
* This implementation for mbedtls_zeroize() was inspired from Colin Percival's
* blog article at:
*
* http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
*
* It uses a volatile function pointer to the standard memset(). Because the
* pointer is volatile the compiler expects it to change at
* any time and will not optimize out the call that could potentially perform
* other operations on the input buffer instead of just setting it to 0.
* Nevertheless, as pointed out by davidtgoldblatt on Hacker News
* (refer to http://www.daemonology.net/blog/2014-09-05-erratum.html for
* details), optimizations of the following form are still possible:
*
* if( memset_func != memset )
* memset_func( buf, 0, len );
*
* Note that it is extremely difficult to guarantee that mbedtls_zeroize()
* will not be optimized out by aggressive compilers in a portable way. For
* this reason, mbed TLS also provides the configuration option
* this reason, Mbed TLS also provides the configuration option
* MBEDTLS_UTILS_ZEROIZE_ALT, which allows users to configure
* mbedtls_zeroize() to use a suitable implementation for their platform and
* needs.