From 614d9c06677dfac460e60208c8e7fefcbacd9505 Mon Sep 17 00:00:00 2001 From: Andres Amaya Garcia Date: Tue, 24 Oct 2017 21:27:43 +0100 Subject: [PATCH] Add a utils.h file that contains common functions The new header contains common information across various mbed TLS modules and avoids code duplication. To start, utils.h currently only contains the mbedtls_zeroize() function. --- include/mbedtls/utils.h | 39 +++++++++++++++++++++++++++++++++++++++ library/CMakeLists.txt | 1 + library/Makefile | 3 ++- library/utils.c | 33 +++++++++++++++++++++++++++++++++ 4 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 include/mbedtls/utils.h create mode 100644 library/utils.c diff --git a/include/mbedtls/utils.h b/include/mbedtls/utils.h new file mode 100644 index 000000000..61b1b76c0 --- /dev/null +++ b/include/mbedtls/utils.h @@ -0,0 +1,39 @@ +/** + * \file utils.h + * + * \brief mbed TLS utility functions + * + * Copyright (C) 2017, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ +#ifndef MBEDTLS_UTILS_H +#define MBEDTLS_UTILS_H + +#include + +/** + * \brief Securely zeroize a buffer + * + * \param buf Buffer to be zeroized + * \param len Length of the buffer in bytes + * + * \note This implementation should never be optimized out by the + * compiler + */ +void mbedtls_zeroize( void *buf, size_t len ); + +#endif /* MBEDTLS_UTILS_H */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 7742c22d2..24a2484a3 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -57,6 +57,7 @@ set(src_crypto version.c version_features.c xtea.c + utils.c ) set(src_x509 diff --git a/library/Makefile b/library/Makefile index 0333815f0..46dce4e6f 100644 --- a/library/Makefile +++ b/library/Makefile @@ -65,7 +65,8 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \ ripemd160.o rsa_internal.o rsa.o \ sha1.o sha256.o sha512.o \ threading.o timing.o version.o \ - version_features.o xtea.o + version_features.o xtea.o \ + utils.o OBJS_X509= certs.o pkcs11.o x509.o \ x509_create.o x509_crl.o x509_crt.o \ diff --git a/library/utils.c b/library/utils.c new file mode 100644 index 000000000..f943cb1c6 --- /dev/null +++ b/library/utils.c @@ -0,0 +1,33 @@ +/* + * mbedtls utility functions + * + * Copyright (C) 2017, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#include "mbedtls/utils.h" + +#include + +/* This implementation should never be optimized out by the compiler */ +void mbedtls_zeroize( void *buf, size_t len ) +{ + volatile unsigned char *p = (unsigned char *)buf; + + while( len-- ) + *p++ = 0; +}