diff --git a/library/aes.c b/library/aes.c index aff0a9939..4850fab14 100644 --- a/library/aes.c +++ b/library/aes.c @@ -519,7 +519,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx ) { AES_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_aes_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_aes_context ) ); } void mbedtls_aes_free( mbedtls_aes_context *ctx ) @@ -1809,7 +1809,7 @@ int mbedtls_aes_self_test( int verbose ) #endif mbedtls_aes_context ctx; - memset( key, 0, 32 ); + mbedtls_platform_memset( key, 0, 32 ); mbedtls_aes_init( &ctx ); /* @@ -1825,7 +1825,7 @@ int mbedtls_aes_self_test( int verbose ) mbedtls_printf( " AES-ECB-%3d (%s): ", keybits, ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - memset( buf, 0, 16 ); + mbedtls_platform_memset( buf, 0, 16 ); if( mode == MBEDTLS_AES_DECRYPT ) { @@ -1887,9 +1887,9 @@ int mbedtls_aes_self_test( int verbose ) mbedtls_printf( " AES-CBC-%3d (%s): ", keybits, ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - memset( iv , 0, 16 ); - memset( prv, 0, 16 ); - memset( buf, 0, 16 ); + mbedtls_platform_memset( iv , 0, 16 ); + mbedtls_platform_memset( prv, 0, 16 ); + mbedtls_platform_memset( buf, 0, 16 ); if( mode == MBEDTLS_AES_DECRYPT ) { @@ -2147,7 +2147,7 @@ int mbedtls_aes_self_test( int verbose ) mbedtls_printf( " AES-XTS-128 (%s): ", ( mode == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" ); - memset( key, 0, sizeof( key ) ); + mbedtls_platform_memset( key, 0, sizeof( key ) ); memcpy( key, aes_test_xts_key[u], 32 ); data_unit = aes_test_xts_data_unit[u]; diff --git a/library/arc4.c b/library/arc4.c index b8998ac6c..eeebbdcd5 100644 --- a/library/arc4.c +++ b/library/arc4.c @@ -50,7 +50,7 @@ void mbedtls_arc4_init( mbedtls_arc4_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_arc4_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_arc4_context ) ); } void mbedtls_arc4_free( mbedtls_arc4_context *ctx ) diff --git a/library/aria.c b/library/aria.c index aff66d667..90501f89b 100644 --- a/library/aria.c +++ b/library/aria.c @@ -467,7 +467,7 @@ int mbedtls_aria_setkey_enc( mbedtls_aria_context *ctx, GET_UINT32_LE( w[0][2], key, 8 ); GET_UINT32_LE( w[0][3], key, 12 ); - memset( w[1], 0, 16 ); + mbedtls_platform_memset( w[1], 0, 16 ); if( keybits >= 192 ) { GET_UINT32_LE( w[1][0], key, 16 ); // 192 bit key @@ -600,7 +600,7 @@ int mbedtls_aria_crypt_ecb( mbedtls_aria_context *ctx, void mbedtls_aria_init( mbedtls_aria_context *ctx ) { ARIA_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_aria_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_aria_context ) ); } /* Clear context */ @@ -987,7 +987,7 @@ int mbedtls_aria_self_test( int verbose ) mbedtls_printf( " ARIA-CBC-%d (enc): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0x55, sizeof( buf ) ); + mbedtls_platform_memset( buf, 0x55, sizeof( buf ) ); mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, iv, aria_test2_pt, buf ); if( memcmp( buf, aria_test2_cbc_ct[i], 48 ) != 0 ) @@ -998,7 +998,7 @@ int mbedtls_aria_self_test( int verbose ) mbedtls_printf( " ARIA-CBC-%d (dec): ", 128 + 64 * i ); mbedtls_aria_setkey_dec( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0xAA, sizeof( buf ) ); + mbedtls_platform_memset( buf, 0xAA, sizeof( buf ) ); mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, 48, iv, aria_test2_cbc_ct[i], buf ); if( memcmp( buf, aria_test2_pt, 48 ) != 0 ) @@ -1017,7 +1017,7 @@ int mbedtls_aria_self_test( int verbose ) mbedtls_printf( " ARIA-CFB-%d (enc): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0x55, sizeof( buf ) ); + mbedtls_platform_memset( buf, 0x55, sizeof( buf ) ); j = 0; mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT, 48, &j, iv, aria_test2_pt, buf ); @@ -1029,7 +1029,7 @@ int mbedtls_aria_self_test( int verbose ) mbedtls_printf( " ARIA-CFB-%d (dec): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); memcpy( iv, aria_test2_iv, MBEDTLS_ARIA_BLOCKSIZE ); - memset( buf, 0xAA, sizeof( buf ) ); + mbedtls_platform_memset( buf, 0xAA, sizeof( buf ) ); j = 0; mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT, 48, &j, iv, aria_test2_cfb_ct[i], buf ); @@ -1047,8 +1047,8 @@ int mbedtls_aria_self_test( int verbose ) if( verbose ) mbedtls_printf( " ARIA-CTR-%d (enc): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 - memset( buf, 0x55, sizeof( buf ) ); + mbedtls_platform_memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 + mbedtls_platform_memset( buf, 0x55, sizeof( buf ) ); j = 0; mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, aria_test2_pt, buf ); @@ -1059,8 +1059,8 @@ int mbedtls_aria_self_test( int verbose ) if( verbose ) mbedtls_printf( " ARIA-CTR-%d (dec): ", 128 + 64 * i ); mbedtls_aria_setkey_enc( &ctx, aria_test2_key, 128 + 64 * i ); - memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 - memset( buf, 0xAA, sizeof( buf ) ); + mbedtls_platform_memset( iv, 0, MBEDTLS_ARIA_BLOCKSIZE ); // IV = 0 + mbedtls_platform_memset( buf, 0xAA, sizeof( buf ) ); j = 0; mbedtls_aria_crypt_ctr( &ctx, 48, &j, iv, blk, aria_test2_ctr_ct[i], buf ); diff --git a/library/asn1parse.c b/library/asn1parse.c index aac253b01..ac3943adf 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -337,7 +337,7 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p, int tag) { asn1_get_sequence_of_cb_ctx_t cb_ctx = { tag, cur }; - memset( cur, 0, sizeof( mbedtls_asn1_sequence ) ); + mbedtls_platform_memset( cur, 0, sizeof( mbedtls_asn1_sequence ) ); return( mbedtls_asn1_traverse_sequence_of( p, end, 0xFF, tag, 0, 0, asn1_get_sequence_of_cb, &cb_ctx ) ); @@ -391,7 +391,7 @@ int mbedtls_asn1_get_alg_null( unsigned char **p, int ret; mbedtls_asn1_buf params; - memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) ); + mbedtls_platform_memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) ); if( ( ret = mbedtls_asn1_get_alg( p, end, alg, ¶ms ) ) != 0 ) return( ret ); diff --git a/library/bignum.c b/library/bignum.c index e45426c9e..8659d71b2 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -217,7 +217,7 @@ int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y ) } else { - memset( X->p + i, 0, ( X->n - i ) * ciL ); + mbedtls_platform_memset( X->p + i, 0, ( X->n - i ) * ciL ); } memcpy( X->p, Y->p, i * ciL ); @@ -318,7 +318,7 @@ int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z ) MPI_VALIDATE_RET( X != NULL ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, 1 ) ); - memset( X->p, 0, X->n * ciL ); + mbedtls_platform_memset( X->p, 0, X->n * ciL ); X->p[0] = ( z < 0 ) ? -z : z; X->s = ( z < 0 ) ? -1 : 1; @@ -673,7 +673,7 @@ int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin ) if( radix < 2 || radix > 16 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - memset( s, 0, sizeof( s ) ); + mbedtls_platform_memset( s, 0, sizeof( s ) ); if( fgets( s, sizeof( s ) - 1, fin ) == NULL ) return( MBEDTLS_ERR_MPI_FILE_IO_ERROR ); @@ -709,7 +709,7 @@ int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE if( radix < 2 || radix > 16 ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - memset( s, 0, sizeof( s ) ); + mbedtls_platform_memset( s, 0, sizeof( s ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_string( X, radix, s, sizeof( s ) - 2, &n ) ); @@ -888,7 +888,7 @@ int mbedtls_mpi_write_binary( const mbedtls_mpi *X, * number. */ bytes_to_copy = stored_bytes; p = buf + buflen - stored_bytes; - memset( buf, 0, buflen - stored_bytes ); + mbedtls_platform_memset( buf, 0, buflen - stored_bytes ); } else { @@ -1797,7 +1797,7 @@ static int mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi if( T->n < N->n + 1 || T->p == NULL ) return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA ); - memset( T->p, 0, T->n * ciL ); + mbedtls_platform_memset( T->p, 0, T->n * ciL ); d = T->p; n = N->n; @@ -1875,7 +1875,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, mpi_montg_init( &mm, N ); mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T ); mbedtls_mpi_init( &Apos ); - memset( W, 0, sizeof( W ) ); + mbedtls_platform_memset( W, 0, sizeof( W ) ); i = mbedtls_mpi_bitlen( E ); diff --git a/library/blowfish.c b/library/blowfish.c index cbf923824..7e1cfbd02 100644 --- a/library/blowfish.c +++ b/library/blowfish.c @@ -160,7 +160,7 @@ static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx ) { BLOWFISH_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_blowfish_context ) ); } void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx ) diff --git a/library/camellia.c b/library/camellia.c index 22262b89a..9021a9afc 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -328,7 +328,7 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2], void mbedtls_camellia_init( mbedtls_camellia_context *ctx ) { CAMELLIA_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_camellia_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_camellia_context ) ); } void mbedtls_camellia_free( mbedtls_camellia_context *ctx ) @@ -359,8 +359,8 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, RK = ctx->rk; - memset( t, 0, 64 ); - memset( RK, 0, sizeof(ctx->rk) ); + mbedtls_platform_memset( t, 0, 64 ); + mbedtls_platform_memset( RK, 0, sizeof(ctx->rk) ); switch( keybits ) { @@ -390,7 +390,7 @@ int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, * Key storage in KC * Order: KL, KR, KA, KB */ - memset( KC, 0, sizeof(KC) ); + mbedtls_platform_memset( KC, 0, sizeof(KC) ); /* Store KL, KR */ for( i = 0; i < 8; i++ ) @@ -951,7 +951,7 @@ int mbedtls_camellia_self_test( int verbose ) mbedtls_camellia_context ctx; - memset( key, 0, 32 ); + mbedtls_platform_memset( key, 0, 32 ); for( j = 0; j < 6; j++ ) { u = j >> 1; diff --git a/library/ccm.c b/library/ccm.c index c6211ee77..a21e3c38d 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -66,7 +66,7 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx ) { CCM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ccm_context ) ); } int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, @@ -211,7 +211,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, /* Start CBC-MAC with first block */ - memset( y, 0, 16 ); + mbedtls_platform_memset( y, 0, 16 ); UPDATE_CBC_MAC; /* @@ -224,7 +224,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, len_left = add_len; src = add; - memset( b, 0, 16 ); + mbedtls_platform_memset( b, 0, 16 ); b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF ); b[1] = (unsigned char)( ( add_len ) & 0xFF ); @@ -239,7 +239,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, { use_len = len_left > 16 ? 16 : len_left; - memset( b, 0, 16 ); + mbedtls_platform_memset( b, 0, 16 ); memcpy( b, src, use_len ); UPDATE_CBC_MAC; @@ -260,7 +260,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, */ ctr[0] = q - 1; memcpy( ctr + 1, iv, iv_len ); - memset( ctr + 1 + iv_len, 0, q ); + mbedtls_platform_memset( ctr + 1 + iv_len, 0, q ); ctr[15] = 1; /* @@ -279,7 +279,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, if( mode == CCM_ENCRYPT ) { - memset( b, 0, 16 ); + mbedtls_platform_memset( b, 0, 16 ); memcpy( b, src, use_len ); UPDATE_CBC_MAC; } @@ -288,7 +288,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length, if( mode == CCM_DECRYPT ) { - memset( b, 0, 16 ); + mbedtls_platform_memset( b, 0, 16 ); memcpy( b, dst, use_len ); UPDATE_CBC_MAC; } @@ -495,8 +495,8 @@ int mbedtls_ccm_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 ); - memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); - memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN ); + mbedtls_platform_memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); + mbedtls_platform_memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN ); memcpy( plaintext, msg, msg_len[i] ); ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i], @@ -512,7 +512,7 @@ int mbedtls_ccm_self_test( int verbose ) return( 1 ); } - memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); + mbedtls_platform_memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN ); ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i], iv, iv_len[i], ad, add_len[i], diff --git a/library/chachapoly.c b/library/chachapoly.c index dc643dd61..419fe8091 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -68,7 +68,7 @@ static int chachapoly_pad_aad( mbedtls_chachapoly_context *ctx ) if( partial_block_len == 0U ) return( 0 ); - memset( zeroes, 0, sizeof( zeroes ) ); + mbedtls_platform_memset( zeroes, 0, sizeof( zeroes ) ); return( mbedtls_poly1305_update( &ctx->poly1305_ctx, zeroes, @@ -88,7 +88,7 @@ static int chachapoly_pad_ciphertext( mbedtls_chachapoly_context *ctx ) if( partial_block_len == 0U ) return( 0 ); - memset( zeroes, 0, sizeof( zeroes ) ); + mbedtls_platform_memset( zeroes, 0, sizeof( zeroes ) ); return( mbedtls_poly1305_update( &ctx->poly1305_ctx, zeroes, 16U - partial_block_len ) ); @@ -150,7 +150,7 @@ int mbedtls_chachapoly_starts( mbedtls_chachapoly_context *ctx, * Only the first 256-bits (32 bytes) of the key is used for Poly1305. * The other 256 bits are discarded. */ - memset( poly1305_key, 0, sizeof( poly1305_key ) ); + mbedtls_platform_memset( poly1305_key, 0, sizeof( poly1305_key ) ); ret = mbedtls_chacha20_update( &ctx->chacha20_ctx, sizeof( poly1305_key ), poly1305_key, poly1305_key ); if( ret != 0 ) diff --git a/library/cipher.c b/library/cipher.c index 58217163c..47dfe24cd 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -156,7 +156,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_ciph void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ) { CIPHER_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); } void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ) @@ -185,7 +185,7 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_in if( cipher_info == NULL ) return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA ); - memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) ); if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) ) return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED ); diff --git a/library/cmac.c b/library/cmac.c index 5d101e1c7..ada05352f 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -450,7 +450,7 @@ int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_length, } else { - memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE ); + mbedtls_platform_memset( zero_key, 0, MBEDTLS_AES_BLOCK_SIZE ); ret = mbedtls_cipher_cmac( cipher_info, zero_key, 128, key, key_length, int_key ); diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index fb121575b..e7139cdee 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -55,7 +55,7 @@ */ void mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ctr_drbg_context ) ); #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_init( &ctx->mutex ); @@ -89,7 +89,7 @@ int mbedtls_ctr_drbg_seed_entropy_len( int ret; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; - memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); + mbedtls_platform_memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); mbedtls_aes_init( &ctx->aes_ctx ); @@ -168,7 +168,7 @@ static int block_cipher_df( unsigned char *output, if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 ); + mbedtls_platform_memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 ); mbedtls_aes_init( &aes_ctx ); /* @@ -204,7 +204,7 @@ static int block_cipher_df( unsigned char *output, for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { p = buf; - memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE ); + mbedtls_platform_memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE ); use_len = buf_len; while( use_len > 0 ) @@ -284,7 +284,7 @@ static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, int i, j; int ret = 0; - memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); + mbedtls_platform_memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { @@ -387,7 +387,7 @@ int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx, len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); + mbedtls_platform_memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); /* * Gather entropy_len bytes of entropy to seed state @@ -464,7 +464,7 @@ int mbedtls_ctr_drbg_random_with_add( void *p_rng, if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); - memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); + mbedtls_platform_memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); if( ctx->reseed_counter > ctx->reseed_interval || ctx->prediction_resistance ) diff --git a/library/debug.c b/library/debug.c index da4ceac2c..9c8c2f68f 100644 --- a/library/debug.c +++ b/library/debug.c @@ -170,7 +170,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, debug_send_line( ssl, level, file, line, str ); idx = 0; - memset( txt, 0, sizeof( txt ) ); + mbedtls_platform_memset( txt, 0, sizeof( txt ) ); for( i = 0; i < len; i++ ) { if( i >= 4096 ) @@ -184,7 +184,7 @@ void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level, debug_send_line( ssl, level, file, line, str ); idx = 0; - memset( txt, 0, sizeof( txt ) ); + mbedtls_platform_memset( txt, 0, sizeof( txt ) ); } idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, "%04x: ", @@ -309,7 +309,7 @@ static void debug_print_pk( const mbedtls_ssl_context *ssl, int level, mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS]; char name[16]; - memset( items, 0, sizeof( items ) ); + mbedtls_platform_memset( items, 0, sizeof( items ) ); if( mbedtls_pk_debug( pk, items ) != 0 ) { diff --git a/library/des.c b/library/des.c index 8a33d82e5..fca2ece95 100644 --- a/library/des.c +++ b/library/des.c @@ -311,7 +311,7 @@ static const uint32_t RHs[16] = void mbedtls_des_init( mbedtls_des_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_des_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_des_context ) ); } void mbedtls_des_free( mbedtls_des_context *ctx ) @@ -324,7 +324,7 @@ void mbedtls_des_free( mbedtls_des_context *ctx ) void mbedtls_des3_init( mbedtls_des3_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_des3_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_des3_context ) ); } void mbedtls_des3_free( mbedtls_des3_context *ctx ) diff --git a/library/dhm.c b/library/dhm.c index 8255632a9..0d7ee2460 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -127,7 +127,7 @@ cleanup: void mbedtls_dhm_init( mbedtls_dhm_context *ctx ) { DHM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_dhm_context ) ); } /* diff --git a/library/ecdh.c b/library/ecdh.c index c5726877d..03763ffd8 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -179,7 +179,7 @@ void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx ) mbedtls_ecp_point_init( &ctx->Vf ); mbedtls_mpi_init( &ctx->_d ); #else - memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ecdh_context ) ); ctx->var = MBEDTLS_ECDH_VARIANT_NONE; #endif diff --git a/library/ecjpake.c b/library/ecjpake.c index 3381c7c40..cee56b4a5 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -1104,7 +1104,7 @@ int mbedtls_ecjpake_self_test( int verbose ) TEST_ASSERT( len == sizeof( ecjpake_test_pms ) ); TEST_ASSERT( memcmp( buf, ecjpake_test_pms, len ) == 0 ); - memset( buf, 0, len ); /* Avoid interferences with next step */ + mbedtls_platform_memset( buf, 0, len ); /* Avoid interferences with next step */ /* Client derives PMS */ TEST_ASSERT( mbedtls_ecjpake_derive_secret( &cli, diff --git a/library/ecp.c b/library/ecp.c index db36191b9..5c2e0f1bd 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1553,7 +1553,7 @@ static void ecp_comb_recode_core( unsigned char x[], size_t d, size_t i, j; unsigned char c, cc, adjust; - memset( x, 0, d+1 ); + mbedtls_platform_memset( x, 0, d+1 ); /* First get the classical comb values (except for x_d = 0) */ for( i = 0; i < d; i++ ) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 282481d05..2d5c0b230 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -1001,7 +1001,7 @@ static inline void sub32( uint32_t *dst, uint32_t src, signed char *carry ) C.s = 1; \ C.n = (b) / 8 / sizeof( mbedtls_mpi_uint) + 1; \ C.p = Cp; \ - memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) ); \ + mbedtls_platform_memset( Cp, 0, C.n * sizeof( mbedtls_mpi_uint ) ); \ \ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( N, (b) * 2 / 8 / \ sizeof( mbedtls_mpi_uint ) ) ); \ @@ -1248,7 +1248,7 @@ static int ecp_mod_p255( mbedtls_mpi *N ) if( M.n > P255_WIDTH + 1 ) return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); M.p = Mp; - memset( Mp, 0, sizeof Mp ); + mbedtls_platform_memset( Mp, 0, sizeof Mp ); memcpy( Mp, N->p + P255_WIDTH - 1, M.n * sizeof( mbedtls_mpi_uint ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, 255 % ( 8 * sizeof( mbedtls_mpi_uint ) ) ) ); M.n++; /* Make room for multiplication by 19 */ @@ -1306,7 +1306,7 @@ static int ecp_mod_p448( mbedtls_mpi *N ) /* Shouldn't be called with N larger than 2^896! */ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA ); M.p = Mp; - memset( Mp, 0, sizeof( Mp ) ); + mbedtls_platform_memset( Mp, 0, sizeof( Mp ) ); memcpy( Mp, N->p + P448_WIDTH, M.n * sizeof( mbedtls_mpi_uint ) ); /* N = A0 */ @@ -1374,7 +1374,7 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t M.n = N->n - ( p_limbs - adjust ); if( M.n > p_limbs + adjust ) M.n = p_limbs + adjust; - memset( Mp, 0, sizeof Mp ); + mbedtls_platform_memset( Mp, 0, sizeof Mp ); memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); if( shift != 0 ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); @@ -1396,7 +1396,7 @@ static inline int ecp_mod_koblitz( mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t M.n = N->n - ( p_limbs - adjust ); if( M.n > p_limbs + adjust ) M.n = p_limbs + adjust; - memset( Mp, 0, sizeof Mp ); + mbedtls_platform_memset( Mp, 0, sizeof Mp ); memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( mbedtls_mpi_uint ) ); if( shift != 0 ) MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &M, shift ) ); diff --git a/library/entropy.c b/library/entropy.c index f8db1a550..4e29b31ec 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -65,7 +65,7 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx ) { ctx->source_count = 0; - memset( ctx->source, 0, sizeof( ctx->source ) ); + mbedtls_platform_memset( ctx->source, 0, sizeof( ctx->source ) ); #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_init( &ctx->mutex ); @@ -370,7 +370,7 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) } while( ! done ); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + mbedtls_platform_memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR) /* @@ -453,7 +453,7 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx ) return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR ); /* Manually update the remaining stream with a separator value to diverge */ - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + mbedtls_platform_memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ); return( ret ); @@ -531,7 +531,7 @@ static int entropy_dummy_source( void *data, unsigned char *output, { ((void) data); - memset( output, 0x2a, len ); + mbedtls_platform_memset( output, 0x2a, len ); *olen = len; return( 0 ); @@ -602,8 +602,8 @@ int mbedtls_entropy_source_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( " ENTROPY_BIAS test: " ); - memset( buf0, 0x00, sizeof( buf0 ) ); - memset( buf1, 0x00, sizeof( buf1 ) ); + mbedtls_platform_memset( buf0, 0x00, sizeof( buf0 ) ); + mbedtls_platform_memset( buf1, 0x00, sizeof( buf1 ) ); if( ( ret = mbedtls_entropy_source_self_test_gather( buf0, sizeof( buf0 ) ) ) != 0 ) goto cleanup; diff --git a/library/entropy_poll.c b/library/entropy_poll.c index 4556f88a5..413be4a53 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -106,7 +106,7 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags ) /* MemSan cannot understand that the syscall writes to the buffer */ #if defined(__has_feature) #if __has_feature(memory_sanitizer) - memset( buf, 0, buflen ); + mbedtls_platform_memset( buf, 0, buflen ); #endif #endif return( syscall( SYS_getrandom, buf, buflen, flags ) ); @@ -218,7 +218,7 @@ int mbedtls_nv_seed_poll( void *data, size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE; ((void) data); - memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); + mbedtls_platform_memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE ); if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 ) return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED ); diff --git a/library/error.c b/library/error.c index f250fe4c9..5a813f1ac 100644 --- a/library/error.c +++ b/library/error.c @@ -218,7 +218,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) if( buflen == 0 ) return; - memset( buf, 0x00, buflen ); + mbedtls_platform_memset( buf, 0x00, buflen ); if( ret < 0 ) ret = -ret; diff --git a/library/gcm.c b/library/gcm.c index 675926a51..c40c5dd3f 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -92,7 +92,7 @@ void mbedtls_gcm_init( mbedtls_gcm_context *ctx ) { GCM_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_gcm_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_gcm_context ) ); } /* @@ -111,7 +111,7 @@ static int gcm_gen_table( mbedtls_gcm_context *ctx ) unsigned char h[16]; size_t olen = 0; - memset( h, 0, 16 ); + mbedtls_platform_memset( h, 0, 16 ); if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 ) return( ret ); @@ -298,8 +298,8 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, return( MBEDTLS_ERR_GCM_BAD_INPUT ); } - memset( ctx->y, 0x00, sizeof(ctx->y) ); - memset( ctx->buf, 0x00, sizeof(ctx->buf) ); + mbedtls_platform_memset( ctx->y, 0x00, sizeof(ctx->y) ); + mbedtls_platform_memset( ctx->buf, 0x00, sizeof(ctx->buf) ); ctx->mode = mode; ctx->len = 0; @@ -312,7 +312,7 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, } else { - memset( work_buf, 0x00, 16 ); + mbedtls_platform_memset( work_buf, 0x00, 16 ); PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); p = iv; @@ -444,7 +444,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, if( orig_len || orig_add_len ) { - memset( work_buf, 0x00, 16 ); + mbedtls_platform_memset( work_buf, 0x00, 16 ); PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); diff --git a/library/havege.c b/library/havege.c index c139e1db0..d9891158c 100644 --- a/library/havege.c +++ b/library/havege.c @@ -184,7 +184,7 @@ static void havege_fill( mbedtls_havege_state *hs ) (void)PTX; - memset( RES, 0, sizeof( RES ) ); + mbedtls_platform_memset( RES, 0, sizeof( RES ) ); while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 ) { @@ -206,7 +206,7 @@ static void havege_fill( mbedtls_havege_state *hs ) */ void mbedtls_havege_init( mbedtls_havege_state *hs ) { - memset( hs, 0, sizeof( mbedtls_havege_state ) ); + mbedtls_platform_memset( hs, 0, sizeof( mbedtls_havege_state ) ); havege_fill( hs ); } diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index b51e9b18d..e00a83497 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -56,7 +56,7 @@ */ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) ); #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_init( &ctx->mutex ); @@ -141,7 +141,7 @@ int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx, if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) ) ) != 0 ) return( ret ); - memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); + mbedtls_platform_memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) ); if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 ) return( ret ); @@ -178,7 +178,7 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx, } } - memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); + mbedtls_platform_memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); /* IV. Gather entropy_len bytes of entropy for the seed */ if( ( ret = ctx->f_entropy( ctx->p_entropy, @@ -268,7 +268,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, */ if( ( ret = mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ) ) != 0 ) return( ret ); - memset( ctx->V, 0x01, md_size ); + mbedtls_platform_memset( ctx->V, 0x01, md_size ); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; diff --git a/library/md.c b/library/md.c index 882942e13..92fe3a40e 100644 --- a/library/md.c +++ b/library/md.c @@ -387,7 +387,7 @@ mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) void mbedtls_md_init( mbedtls_md_context_t *ctx ) { - memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); #if defined(MBEDTLS_MD_SINGLE_HASH) mbedtls_md_info_init( mbedtls_md_get_handle( ctx ), @@ -563,8 +563,8 @@ int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, opad = (unsigned char *) ctx->hmac_ctx + mbedtls_md_info_block_size( md_info ); - memset( ipad, 0x36, mbedtls_md_info_block_size( md_info ) ); - memset( opad, 0x5C, mbedtls_md_info_block_size( md_info ) ); + mbedtls_platform_memset( ipad, 0x36, mbedtls_md_info_block_size( md_info ) ); + mbedtls_platform_memset( opad, 0x5C, mbedtls_md_info_block_size( md_info ) ); for( i = 0; i < keylen; i++ ) { diff --git a/library/md2.c b/library/md2.c index 1c0b3df52..fbec00824 100644 --- a/library/md2.c +++ b/library/md2.c @@ -81,7 +81,7 @@ static const unsigned char PI_SUBST[256] = void mbedtls_md2_init( mbedtls_md2_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_md2_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_md2_context ) ); } void mbedtls_md2_free( mbedtls_md2_context *ctx ) @@ -103,9 +103,9 @@ void mbedtls_md2_clone( mbedtls_md2_context *dst, */ int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx ) { - memset( ctx->cksum, 0, 16 ); - memset( ctx->state, 0, 46 ); - memset( ctx->buffer, 0, 16 ); + mbedtls_platform_memset( ctx->cksum, 0, 16 ); + mbedtls_platform_memset( ctx->state, 0, 46 ); + mbedtls_platform_memset( ctx->buffer, 0, 16 ); ctx->left = 0; return( 0 ); diff --git a/library/md4.c b/library/md4.c index 828fd4299..6a45df6e6 100644 --- a/library/md4.c +++ b/library/md4.c @@ -74,7 +74,7 @@ void mbedtls_md4_init( mbedtls_md4_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_md4_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_md4_context ) ); } void mbedtls_md4_free( mbedtls_md4_context *ctx ) diff --git a/library/md5.c b/library/md5.c index a93da8a06..762923de4 100644 --- a/library/md5.c +++ b/library/md5.c @@ -73,7 +73,7 @@ void mbedtls_md5_init( mbedtls_md5_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_md5_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_md5_context ) ); } void mbedtls_md5_free( mbedtls_md5_context *ctx ) @@ -332,17 +332,17 @@ int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx, if( used <= 56 ) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 56 - used ); } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 64 - used ); if( ( ret = mbedtls_internal_md5_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); - memset( ctx->buffer, 0, 56 ); + mbedtls_platform_memset( ctx->buffer, 0, 56 ); } /* diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index 51ea7c41d..ca08e04f5 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -315,7 +315,7 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) mbedtls_exit( 1 ); ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); + mbedtls_platform_memset( ret, 0, original_len ); return( ret ); } @@ -373,7 +373,7 @@ static void *buffer_alloc_calloc( size_t n, size_t size ) mbedtls_exit( 1 ); ret = (unsigned char *) cur + sizeof( memory_header ); - memset( ret, 0, original_len ); + mbedtls_platform_memset( ret, 0, original_len ); return( ret ); } @@ -438,7 +438,7 @@ static void buffer_alloc_free( void *ptr ) if( hdr->next != NULL ) hdr->next->prev = hdr; - memset( old, 0, sizeof(memory_header) ); + mbedtls_platform_memset( old, 0, sizeof(memory_header) ); } // Regroup with block after @@ -477,7 +477,7 @@ static void buffer_alloc_free( void *ptr ) if( hdr->next != NULL ) hdr->next->prev = hdr; - memset( old, 0, sizeof(memory_header) ); + mbedtls_platform_memset( old, 0, sizeof(memory_header) ); } // Prepend to free_list if we have not merged @@ -572,7 +572,7 @@ static void buffer_alloc_free_mutexed( void *ptr ) void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ) { - memset( &heap, 0, sizeof( buffer_alloc_ctx ) ); + mbedtls_platform_memset( &heap, 0, sizeof( buffer_alloc_ctx ) ); #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_init( &heap.mutex ); @@ -593,7 +593,7 @@ void mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len ) - (size_t)buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE; } - memset( buf, 0, len ); + mbedtls_platform_memset( buf, 0, len ); heap.buf = buf; heap.len = len; diff --git a/library/net_sockets.c b/library/net_sockets.c index 8d6c788dc..58244e5eb 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -154,7 +154,7 @@ int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, return( ret ); /* Do name resolution with both IPv6 and IPv4 */ - memset( &hints, 0, sizeof( hints ) ); + mbedtls_platform_memset( &hints, 0, sizeof( hints ) ); hints.ai_family = AF_UNSPEC; hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; @@ -201,7 +201,7 @@ int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char return( ret ); /* Bind to IPv6 and/or IPv4, but only in the desired protocol */ - memset( &hints, 0, sizeof( hints ) ); + mbedtls_platform_memset( &hints, 0, sizeof( hints ) ); hints.ai_family = AF_UNSPEC; hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM; hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP; @@ -471,8 +471,8 @@ int mbedtls_net_poll( mbedtls_net_context *ctx, uint32_t rw, uint32_t timeout ) /* Ensure that memory sanitizers consider read_fds and write_fds as * initialized even on platforms such as Glibc/x86_64 where FD_ZERO * is implemented in assembly. */ - memset( &read_fds, 0, sizeof( read_fds ) ); - memset( &write_fds, 0, sizeof( write_fds ) ); + mbedtls_platform_memset( &read_fds, 0, sizeof( read_fds ) ); + mbedtls_platform_memset( &write_fds, 0, sizeof( write_fds ) ); #endif #endif diff --git a/library/nist_kw.c b/library/nist_kw.c index 317a2426a..47581443b 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -107,7 +107,7 @@ do { \ */ void mbedtls_nist_kw_init( mbedtls_nist_kw_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_nist_kw_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_nist_kw_context ) ); } int mbedtls_nist_kw_setkey( mbedtls_nist_kw_context *ctx, @@ -254,7 +254,7 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, KW_SEMIBLOCK_LENGTH / 2 ); memcpy( output + KW_SEMIBLOCK_LENGTH, input, in_len ); - memset( output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen ); + mbedtls_platform_memset( output + KW_SEMIBLOCK_LENGTH + in_len, 0, padlen ); } semiblocks = ( ( in_len + padlen ) / KW_SEMIBLOCK_LENGTH ) + 1; @@ -307,7 +307,7 @@ cleanup: if( ret != 0) { - memset( output, 0, semiblocks * KW_SEMIBLOCK_LENGTH ); + mbedtls_platform_memset( output, 0, semiblocks * KW_SEMIBLOCK_LENGTH ); } mbedtls_platform_zeroize( inbuff, KW_SEMIBLOCK_LENGTH * 2 ); mbedtls_platform_zeroize( outbuff, KW_SEMIBLOCK_LENGTH * 2 ); @@ -373,7 +373,7 @@ static int unwrap( mbedtls_nist_kw_context *ctx, cleanup: if( ret != 0) - memset( output, 0, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH ); + mbedtls_platform_memset( output, 0, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH ); mbedtls_platform_zeroize( inbuff, sizeof( inbuff ) ); mbedtls_platform_zeroize( outbuff, sizeof( outbuff ) ); @@ -509,7 +509,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, { goto cleanup; } - memset( output + Plen, 0, padlen ); + mbedtls_platform_memset( output + Plen, 0, padlen ); *out_len = Plen; } else @@ -521,7 +521,7 @@ int mbedtls_nist_kw_unwrap( mbedtls_nist_kw_context *ctx, cleanup: if( ret != 0 ) { - memset( output, 0, *out_len ); + mbedtls_platform_memset( output, 0, *out_len ); *out_len = 0; } diff --git a/library/pem.c b/library/pem.c index 897c8a0d6..96e4718f9 100644 --- a/library/pem.c +++ b/library/pem.c @@ -48,7 +48,7 @@ #if defined(MBEDTLS_PEM_PARSE_C) void mbedtls_pem_init( mbedtls_pem_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_pem_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_pem_context ) ); } #if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \ @@ -61,7 +61,7 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv, { size_t i, j, k; - memset( iv, 0, iv_len ); + mbedtls_platform_memset( iv, 0, iv_len ); for( i = 0; i < iv_len * 2; i++, s++ ) { diff --git a/library/pk.c b/library/pk.c index fb563d0cc..a2d86e125 100644 --- a/library/pk.c +++ b/library/pk.c @@ -511,7 +511,7 @@ static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); padding_len = to_len - unpadded_len; - memset( to, 0x00, padding_len ); + mbedtls_platform_memset( to, 0x00, padding_len ); memcpy( to + padding_len, *from, unpadded_len ); ( *from ) += unpadded_len; @@ -941,7 +941,7 @@ static int rsa_alt_check_pair( const void *pub, const void *prv ) if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); - memset( hash, 0x2a, sizeof( hash ) ); + mbedtls_platform_memset( hash, 0x2a, sizeof( hash ) ); if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, hash, sizeof( hash ), @@ -965,7 +965,7 @@ static void *rsa_alt_alloc_wrap( void ) void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) ); if( ctx != NULL ) - memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); return( ctx ); } diff --git a/library/pkcs11.c b/library/pkcs11.c index 9ef53533f..ecdfde9e2 100644 --- a/library/pkcs11.c +++ b/library/pkcs11.c @@ -43,7 +43,7 @@ void mbedtls_pkcs11_init( mbedtls_pkcs11_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_pkcs11_context ) ); } int mbedtls_pkcs11_x509_cert_bind( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert ) diff --git a/library/pkcs12.c b/library/pkcs12.c index e16d0a934..85eb31e43 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -99,8 +99,8 @@ static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_ty if( pwdlen > PKCS12_MAX_PWDLEN ) return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); - memset( &salt, 0, sizeof(mbedtls_asn1_buf) ); - memset( &unipwd, 0, sizeof(unipwd) ); + mbedtls_platform_memset( &salt, 0, sizeof(mbedtls_asn1_buf) ); + mbedtls_platform_memset( &unipwd, 0, sizeof(unipwd) ); if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt, &iterations ) ) != 0 ) @@ -283,7 +283,7 @@ int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen, else v = 128; - memset( diversifier, (unsigned char) id, v ); + mbedtls_platform_memset( diversifier, (unsigned char) id, v ); pkcs12_fill_buffer( salt_block, v, salt, saltlen ); pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); diff --git a/library/pkcs5.c b/library/pkcs5.c index a517778a4..e551547b9 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -231,7 +231,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p unsigned char *out_p = output; unsigned char counter[4]; - memset( counter, 0, 4 ); + mbedtls_platform_memset( counter, 0, 4 ); counter[3] = 1; #if UINT_MAX > 0xFFFFFFFF diff --git a/library/pkparse.c b/library/pkparse.c index 4cff8d7e2..cea5a7f0a 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -654,7 +654,7 @@ static int pk_get_pk_alg( unsigned char **p, int ret; mbedtls_asn1_buf alg_oid; - memset( params, 0, sizeof(mbedtls_asn1_buf) ); + mbedtls_platform_memset( params, 0, sizeof(mbedtls_asn1_buf) ); if( ( ret = mbedtls_asn1_get_alg( p, end, &alg_oid, params ) ) != 0 ) return( MBEDTLS_ERR_PK_INVALID_ALG + ret ); diff --git a/library/poly1305.c b/library/poly1305.c index 2b56c5f7e..6fd9044e6 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -404,7 +404,7 @@ int mbedtls_poly1305_finish( mbedtls_poly1305_context *ctx, ctx->queue_len++; /* Pad with zeroes */ - memset( &ctx->queue[ctx->queue_len], + mbedtls_platform_memset( &ctx->queue[ctx->queue_len], 0, POLY1305_BLOCK_SIZE_BYTES - ctx->queue_len ); diff --git a/library/ripemd160.c b/library/ripemd160.c index 0791ae4cc..3a896ae42 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -74,7 +74,7 @@ void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) ); } void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx ) @@ -520,7 +520,7 @@ int mbedtls_ripemd160_self_test( int verbose ) int i, ret = 0; unsigned char output[20]; - memset( output, 0, sizeof output ); + mbedtls_platform_memset( output, 0, sizeof output ); for( i = 0; i < TESTS; i++ ) { diff --git a/library/rsa.c b/library/rsa.c index 3bfc73ec5..a66de521a 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -481,7 +481,7 @@ void mbedtls_rsa_init( mbedtls_rsa_context *ctx, RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 || padding == MBEDTLS_RSA_PKCS_V21 ); - memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); mbedtls_rsa_set_padding( ctx, padding, hash_id ); @@ -1073,8 +1073,8 @@ static int mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_t i, use_len; int ret = 0; - memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); - memset( counter, 0, 4 ); + mbedtls_platform_memset( mask, 0, MBEDTLS_MD_MAX_SIZE ); + mbedtls_platform_memset( counter, 0, 4 ); hlen = mbedtls_md_get_size( mbedtls_md_get_handle( md_ctx ) ); @@ -1155,7 +1155,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - memset( output, 0, olen ); + mbedtls_platform_memset( output, 0, olen ); *p++ = 0; @@ -1510,7 +1510,7 @@ static unsigned if_int( unsigned cond, unsigned if1, unsigned if0 ) * `mem_move_to_left(start, total, offset)` is functionally equivalent to * ``` * memmove(start, start + offset, total - offset); - * memset(start + offset, 0, total - offset); + * mbedtls_platform_memset(start + offset, 0, total - offset); * ``` * but it strives to use a memory access pattern (and thus total timing) * that does not depend on \p offset. This timing independence comes at @@ -1815,7 +1815,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, else slen = olen - hlen - 2; - memset( sig, 0, olen ); + mbedtls_platform_memset( sig, 0, olen ); /* Generate salt of length slen */ if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) @@ -1958,7 +1958,7 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, /* Write signature header and padding */ *p++ = 0; *p++ = MBEDTLS_RSA_SIGN; - memset( p, 0xFF, nb_pad ); + mbedtls_platform_memset( p, 0xFF, nb_pad ); p += nb_pad; *p++ = 0; @@ -2198,7 +2198,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, hlen = mbedtls_md_get_size( md_info ); - memset( zeros, 0, 8 ); + mbedtls_platform_memset( zeros, 0, 8 ); /* * Note: EMSA-PSS verification is over the length of N - 1 bits diff --git a/library/sha1.c b/library/sha1.c index 355c83d2f..842c11ef8 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -80,7 +80,7 @@ void mbedtls_sha1_init( mbedtls_sha1_context *ctx ) { SHA1_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_sha1_context ) ); } void mbedtls_sha1_free( mbedtls_sha1_context *ctx ) @@ -385,17 +385,17 @@ int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx, if( used <= 56 ) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 56 - used ); } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 64 - used ); if( ( ret = mbedtls_internal_sha1_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); - memset( ctx->buffer, 0, 56 ); + mbedtls_platform_memset( ctx->buffer, 0, 56 ); } /* @@ -523,7 +523,7 @@ int mbedtls_sha1_self_test( int verbose ) if( i == 2 ) { - memset( buf, 'a', buflen = 1000 ); + mbedtls_platform_memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) { diff --git a/library/sha256.c b/library/sha256.c index 98965f7a7..10d3ff590 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -59,7 +59,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { SHA256_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); } void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) @@ -337,17 +337,17 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, if( used <= 56 ) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 56 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 56 - used ); } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 64 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 64 - used ); if( ( ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); - memset( ctx->buffer, 0, 56 ); + mbedtls_platform_memset( ctx->buffer, 0, 56 ); } /* @@ -527,7 +527,7 @@ int mbedtls_sha256_self_test( int verbose ) if( j == 2 ) { - memset( buf, 'a', buflen = 1000 ); + mbedtls_platform_memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) { diff --git a/library/sha512.c b/library/sha512.c index bdd20b284..44c087dea 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -96,7 +96,7 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) { SHA512_VALIDATE( ctx != NULL ); - memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); } void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) @@ -383,17 +383,17 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, if( used <= 112 ) { /* Enough room for padding + length in current block */ - memset( ctx->buffer + used, 0, 112 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 112 - used ); } else { /* We'll need an extra block */ - memset( ctx->buffer + used, 0, 128 - used ); + mbedtls_platform_memset( ctx->buffer + used, 0, 128 - used ); if( ( ret = mbedtls_internal_sha512_process( ctx, ctx->buffer ) ) != 0 ) return( ret ); - memset( ctx->buffer, 0, 112 ); + mbedtls_platform_memset( ctx->buffer, 0, 112 ); } /* @@ -585,7 +585,7 @@ int mbedtls_sha512_self_test( int verbose ) if( j == 2 ) { - memset( buf, 'a', buflen = 1000 ); + mbedtls_platform_memset( buf, 'a', buflen = 1000 ); for( j = 0; j < 1000; j++ ) { diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 90e2a81ca..fefc6d0dd 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -46,7 +46,7 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) { - memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); + mbedtls_platform_memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) ); cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT; cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES; @@ -260,7 +260,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) if( cur->peer_cert.p != NULL ) { mbedtls_free( cur->peer_cert.p ); - memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); + mbedtls_platform_memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 747b9f45f..ad049343e 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1215,12 +1215,12 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) p = buf + 6 + ciph_len; ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, + mbedtls_platform_memset( ssl->session_negotiate->id, 0, sizeof( ssl->session_negotiate->id ) ); memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->id_len ); p += sess_len; - memset( ssl->handshake->randbytes, 0, 64 ); + mbedtls_platform_memset( ssl->handshake->randbytes, 0, 64 ); memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len ); /* @@ -1735,7 +1735,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len ); ssl->session_negotiate->id_len = sess_len; - memset( ssl->session_negotiate->id, 0, + mbedtls_platform_memset( ssl->session_negotiate->id, 0, sizeof( ssl->session_negotiate->id ) ); memcpy( ssl->session_negotiate->id, buf + 35, ssl->session_negotiate->id_len ); @@ -2863,7 +2863,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) if( ssl->handshake->new_session_ticket != 0 ) { ssl->session_negotiate->id_len = n = 0; - memset( ssl->session_negotiate->id, 0, 32 ); + mbedtls_platform_memset( ssl->session_negotiate->id, 0, 32 ); } else #endif /* MBEDTLS_SSL_SESSION_TICKETS */ diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 285e73663..30f04ab08 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -45,7 +45,7 @@ */ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ssl_ticket_context ) ); #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_init( &ctx->mutex ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 981009051..64d33354f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -615,7 +615,7 @@ MBEDTLS_NO_INLINE static int ssl3_prf( const unsigned char *secret, size_t slen, */ for( i = 0; i < dlen / 16; i++ ) { - memset( padding, (unsigned char) ('A' + i), 1 + i ); + mbedtls_platform_memset( padding, (unsigned char) ('A' + i), 1 + i ); if( ( ret = mbedtls_sha1_starts_ret( &sha1 ) ) != 0 ) goto exit; @@ -942,7 +942,7 @@ MBEDTLS_NO_INLINE static void ssl_calc_finished_ssl( sender = ( from == MBEDTLS_SSL_IS_CLIENT ) ? "CLNT" : "SRVR"; - memset( padbuf, 0x36, 48 ); + mbedtls_platform_memset( padbuf, 0x36, 48 ); mbedtls_md5_update_ret( &md5, (const unsigned char *) sender, 4 ); mbedtls_md5_update_ret( &md5, session->master, 48 ); @@ -954,7 +954,7 @@ MBEDTLS_NO_INLINE static void ssl_calc_finished_ssl( mbedtls_sha1_update_ret( &sha1, padbuf, 40 ); mbedtls_sha1_finish_ret( &sha1, sha1sum ); - memset( padbuf, 0x5C, 48 ); + mbedtls_platform_memset( padbuf, 0x5C, 48 ); mbedtls_md5_starts_ret( &md5 ); mbedtls_md5_update_ret( &md5, session->master, 48 ); @@ -1600,8 +1600,8 @@ int ssl_populate_transform( mbedtls_ssl_transform *transform, { MBEDTLS_SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) ); - memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); - memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); + mbedtls_platform_memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); + mbedtls_platform_memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); if( deflateInit( &transform->ctx_deflate, Z_DEFAULT_COMPRESSION ) != Z_OK || @@ -1634,8 +1634,8 @@ static inline void ssl_calc_verify_ssl( const mbedtls_ssl_context *ssl, mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); - memset( pad_1, 0x36, 48 ); - memset( pad_2, 0x5C, 48 ); + mbedtls_platform_memset( pad_1, 0x36, 48 ); + mbedtls_platform_memset( pad_2, 0x5C, 48 ); mbedtls_md5_update_ret( &md5, ssl->session_negotiate->master, 48 ); mbedtls_md5_update_ret( &md5, pad_1, 48 ); @@ -2116,7 +2116,7 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch if( end < p || (size_t)( end - p ) < psk_len ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - memset( p, 0, psk_len ); + mbedtls_platform_memset( p, 0, psk_len ); p += psk_len; } else @@ -2247,7 +2247,7 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx, header[8] = (unsigned char) type; (void)mbedtls_platform_put_uint16_be( &header[9], len ); - memset( padding, 0x36, padlen ); + mbedtls_platform_memset( padding, 0x36, padlen ); mbedtls_md_starts( md_ctx ); mbedtls_md_update( md_ctx, secret, md_size ); mbedtls_md_update( md_ctx, padding, padlen ); @@ -2255,7 +2255,7 @@ static void ssl_mac( mbedtls_md_context_t *md_ctx, mbedtls_md_update( md_ctx, buf, len ); mbedtls_md_finish( md_ctx, out ); - memset( padding, 0x5C, padlen ); + mbedtls_platform_memset( padding, 0x5C, padlen ); mbedtls_md_starts( md_ctx ); mbedtls_md_update( md_ctx, secret, md_size ); mbedtls_md_update( md_ctx, padding, padlen ); @@ -2335,7 +2335,7 @@ static int ssl_cid_build_inner_plaintext( unsigned char *content, if( remaining < pad ) return( -1 ); - memset( content + len, 0, pad ); + mbedtls_platform_memset( content + len, 0, pad ); len += pad; remaining -= pad; @@ -3376,7 +3376,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, const size_t max_len = rec->data_len + padlen; const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0; - memset( tmp, 0, sizeof( tmp ) ); + mbedtls_platform_memset( tmp, 0, sizeof( tmp ) ); switch( mbedtls_md_get_type( mbedtls_md_get_handle( &transform->md_ctx_dec ) ) ) @@ -4400,7 +4400,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) /* Handshake hashes are computed without fragmentation, * so set frag_offset = 0 and frag_len = hs_len for now */ - memset( ssl->out_msg + 6, 0x00, 3 ); + mbedtls_platform_memset( ssl->out_msg + 6, 0x00, 3 ); memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 ); } #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -4712,7 +4712,7 @@ static void ssl_bitmask_set( unsigned char *mask, size_t offset, size_t len ) mask[last_byte_idx] |= 1 << ( 8 - end_bits ); } - memset( mask + offset / 8, 0xFF, len / 8 ); + mbedtls_platform_memset( mask + offset / 8, 0xFF, len / 8 ); } /* @@ -4886,7 +4886,7 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl ) } /* Create a fresh last entry */ - memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); + mbedtls_platform_memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); } #endif } @@ -6003,7 +6003,7 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) /* Prepare final header: copy msg_type, length and message_seq, * then add standardised fragment_offset and fragment_length */ memcpy( hs_buf->data, ssl->in_msg, 6 ); - memset( hs_buf->data + 6, 0, 3 ); + mbedtls_platform_memset( hs_buf->data + 6, 0, 3 ); memcpy( hs_buf->data + 9, hs_buf->data + 1, 3 ); hs_buf->is_valid = 1; @@ -7594,7 +7594,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_PROTO_TLS) { - memset( ssl->in_ctr, 0, 8 ); + mbedtls_platform_memset( ssl->in_ctr, 0, 8 ); } #endif @@ -7799,7 +7799,7 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 ); /* Set sequence_number to zero */ - memset( ssl->cur_out_ctr + 2, 0, 6 ); + mbedtls_platform_memset( ssl->cur_out_ctr + 2, 0, 6 ); /* Increment epoch */ for( i = 2; i > 0; i-- ) @@ -7817,7 +7817,7 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_PROTO_TLS) { - memset( ssl->cur_out_ctr, 0, 8 ); + mbedtls_platform_memset( ssl->cur_out_ctr, 0, 8 ); } #endif @@ -7955,7 +7955,7 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) { - memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) ); + mbedtls_platform_memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) ); #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) @@ -8010,7 +8010,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ) { - memset( transform, 0, sizeof(mbedtls_ssl_transform) ); + mbedtls_platform_memset( transform, 0, sizeof(mbedtls_ssl_transform) ); mbedtls_cipher_init( &transform->cipher_ctx_enc ); mbedtls_cipher_init( &transform->cipher_ctx_dec ); @@ -8023,7 +8023,7 @@ void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ) void mbedtls_ssl_session_init( mbedtls_ssl_session *session ) { - memset( session, 0, sizeof(mbedtls_ssl_session) ); + mbedtls_platform_memset( session, 0, sizeof(mbedtls_ssl_session) ); } static int ssl_handshake_init( mbedtls_ssl_context *ssl ) @@ -8226,7 +8226,7 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl ) */ void mbedtls_ssl_init( mbedtls_ssl_context *ssl ) { - memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); + mbedtls_platform_memset( ssl, 0, sizeof( mbedtls_ssl_context ) ); } /* @@ -8348,8 +8348,8 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->renego_records_seen = 0; ssl->verify_data_len = 0; - memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); - memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); + mbedtls_platform_memset( ssl->own_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); + mbedtls_platform_memset( ssl->peer_verify_data, 0, MBEDTLS_SSL_VERIFY_DATA_MAX_LEN ); #endif ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION; @@ -8379,7 +8379,7 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->split_done = 0; #endif - memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); + mbedtls_platform_memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); ssl->transform_in = NULL; ssl->transform_out = NULL; @@ -8387,14 +8387,14 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->session_in = NULL; ssl->session_out = NULL; - memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN ); + mbedtls_platform_memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN ); #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) if( partial == 0 ) #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ { ssl->in_left = 0; - memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN ); + mbedtls_platform_memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN ); } #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) @@ -10992,7 +10992,7 @@ static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, hs->buffering.total_bytes_buffered -= hs_buf->data_len; mbedtls_platform_zeroize( hs_buf->data, hs_buf->data_len ); mbedtls_free( hs_buf->data ); - memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); + mbedtls_platform_memset( hs_buf, 0, sizeof( mbedtls_ssl_hs_buffer ) ); } } @@ -11773,7 +11773,7 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl ) */ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) { - memset( conf, 0, sizeof( mbedtls_ssl_config ) ); + mbedtls_platform_memset( conf, 0, sizeof( mbedtls_ssl_config ) ); #if !defined(MBEDTLS_SSL_PROTO_TLS) conf->transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; @@ -11908,8 +11908,8 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_RENEGOTIATION) conf->renego_max_records = MBEDTLS_SSL_RENEGO_MAX_RECORDS_DEFAULT; - memset( conf->renego_period, 0x00, 2 ); - memset( conf->renego_period + 2, 0xFF, 6 ); + mbedtls_platform_memset( conf->renego_period, 0x00, 2 ); + mbedtls_platform_memset( conf->renego_period + 2, 0xFF, 6 ); #endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C) diff --git a/library/x509.c b/library/x509.c index d570f71ea..33dc0b90e 100644 --- a/library/x509.c +++ b/library/x509.c @@ -650,7 +650,7 @@ int mbedtls_x509_get_name( unsigned char *p, mbedtls_x509_name *cur ) { mbedtls_x509_buf_raw name_buf = { p, len }; - memset( cur, 0, sizeof( mbedtls_x509_name ) ); + mbedtls_platform_memset( cur, 0, sizeof( mbedtls_x509_name ) ); return( mbedtls_x509_name_cmp_raw( &name_buf, &name_buf, x509_get_name_cb, &cur ) ); @@ -943,7 +943,7 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) const char *short_name = NULL; char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; - memset( s, 0, sizeof( s ) ); + mbedtls_platform_memset( s, 0, sizeof( s ) ); name = dn; p = buf; diff --git a/library/x509_crl.c b/library/x509_crl.c index 3113de42c..bf8ab5c74 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -313,9 +313,9 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain, if( crl == NULL || buf == NULL ) return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); - memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); + mbedtls_platform_memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) ); + mbedtls_platform_memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) ); + mbedtls_platform_memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) ); /* * Add new CRL on the end of the chain if needed. @@ -709,7 +709,7 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, */ void mbedtls_x509_crl_init( mbedtls_x509_crl *crl ) { - memset( crl, 0, sizeof(mbedtls_x509_crl) ); + mbedtls_platform_memset( crl, 0, sizeof(mbedtls_x509_crl) ); } /* diff --git a/library/x509_crt.c b/library/x509_crt.c index 1923abf9c..0aebb390f 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -292,7 +292,7 @@ int mbedtls_x509_crt_cache_provide_pk( mbedtls_x509_crt const *crt ) static void x509_crt_cache_init( mbedtls_x509_crt_cache *cache ) { - memset( cache, 0, sizeof( *cache ) ); + mbedtls_platform_memset( cache, 0, sizeof( *cache ) ); #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_init( &cache->frame_mutex ); mbedtls_mutex_init( &cache->pk_mutex ); @@ -332,7 +332,7 @@ static void x509_crt_cache_free( mbedtls_x509_crt_cache *cache ) x509_crt_cache_clear_frame( cache ); x509_crt_cache_clear_pk( cache ); - memset( cache, 0, sizeof( *cache ) ); + mbedtls_platform_memset( cache, 0, sizeof( *cache ) ); } #if !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) @@ -1182,7 +1182,7 @@ static int x509_crt_parse_frame( unsigned char *start, size_t inner_sig_alg_len; unsigned char *inner_sig_alg_start; - memset( frame, 0, sizeof( *frame ) ); + mbedtls_platform_memset( frame, 0, sizeof( *frame ) ); /* * Certificate ::= SEQUENCE { @@ -1484,7 +1484,7 @@ static int x509_crt_subject_alt_from_frame( mbedtls_x509_crt_frame const *frame, unsigned char *p = frame->subject_alt_raw.p; unsigned char *end = p + frame->subject_alt_raw.len; - memset( subject_alt, 0, sizeof( *subject_alt ) ); + mbedtls_platform_memset( subject_alt, 0, sizeof( *subject_alt ) ); if( ( frame->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME ) == 0 ) return( 0 ); @@ -1503,7 +1503,7 @@ static int x509_crt_ext_key_usage_from_frame( mbedtls_x509_crt_frame const *fram unsigned char *p = frame->ext_key_usage_raw.p; unsigned char *end = p + frame->ext_key_usage_raw.len; - memset( ext_key_usage, 0, sizeof( *ext_key_usage ) ); + mbedtls_platform_memset( ext_key_usage, 0, sizeof( *ext_key_usage ) ); if( ( frame->ext_types & MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE ) == 0 ) return( 0 ); @@ -1940,8 +1940,8 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) if( len > MAX_PATH - 3 ) return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); - memset( szDir, 0, sizeof(szDir) ); - memset( filename, 0, MAX_PATH ); + mbedtls_platform_memset( szDir, 0, sizeof(szDir) ); + mbedtls_platform_memset( filename, 0, MAX_PATH ); memcpy( filename, path, len ); filename[len++] = '\\'; p = filename + len; @@ -1959,7 +1959,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path ) len = MAX_PATH - len; do { - memset( p, 0, len ); + mbedtls_platform_memset( p, 0, len ); if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) continue; @@ -2271,7 +2271,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, p = buf; n = size; - memset( &sig_info, 0, sizeof( mbedtls_x509_crt_sig_info ) ); + mbedtls_platform_memset( &sig_info, 0, sizeof( mbedtls_x509_crt_sig_info ) ); mbedtls_pk_init( &pk ); if( NULL == crt ) @@ -3834,7 +3834,7 @@ exit: */ void mbedtls_x509_crt_init( mbedtls_x509_crt *crt ) { - memset( crt, 0, sizeof(mbedtls_x509_crt) ); + mbedtls_platform_memset( crt, 0, sizeof(mbedtls_x509_crt) ); } /* diff --git a/library/x509_csr.c b/library/x509_csr.c index 9b58a86fe..4407742f9 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -96,7 +96,7 @@ int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr, unsigned char *p, *end; mbedtls_x509_buf sig_params; - memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) ); + mbedtls_platform_memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) ); /* * Check for valid input @@ -383,7 +383,7 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, */ void mbedtls_x509_csr_init( mbedtls_x509_csr *csr ) { - memset( csr, 0, sizeof(mbedtls_x509_csr) ); + mbedtls_platform_memset( csr, 0, sizeof(mbedtls_x509_csr) ); } /* diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 4804d7a3c..40db15a42 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -58,7 +58,7 @@ void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx ) { - memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_x509write_cert ) ); mbedtls_mpi_init( &ctx->serial ); ctx->version = MBEDTLS_X509_CRT_VERSION_3; @@ -150,7 +150,7 @@ int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx, unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); + mbedtls_platform_memset( buf, 0, sizeof(buf) ); if( is_ca && max_pathlen > 127 ) return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); @@ -181,7 +181,7 @@ int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ct unsigned char *c = buf + sizeof(buf); size_t len = 0; - memset( buf, 0, sizeof(buf) ); + mbedtls_platform_memset( buf, 0, sizeof(buf) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) ); ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, @@ -206,7 +206,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert * unsigned char *c = buf + sizeof( buf ); size_t len = 0; - memset( buf, 0, sizeof(buf) ); + mbedtls_platform_memset( buf, 0, sizeof(buf) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) ); ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len, diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 6105f148c..77059c157 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -57,7 +57,7 @@ void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ) { - memset( ctx, 0, sizeof( mbedtls_x509write_csr ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_x509write_csr ) ); } void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ) diff --git a/library/xtea.c b/library/xtea.c index a33707bc1..5cb45c94f 100644 --- a/library/xtea.c +++ b/library/xtea.c @@ -68,7 +68,7 @@ void mbedtls_xtea_init( mbedtls_xtea_context *ctx ) { - memset( ctx, 0, sizeof( mbedtls_xtea_context ) ); + mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_xtea_context ) ); } void mbedtls_xtea_free( mbedtls_xtea_context *ctx ) @@ -86,7 +86,7 @@ void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] { int i; - memset( ctx, 0, sizeof(mbedtls_xtea_context) ); + mbedtls_platform_memset( ctx, 0, sizeof(mbedtls_xtea_context) ); for( i = 0; i < 4; i++ ) { diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index a08742c83..f3bbee548 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -51,7 +51,7 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen ) if( buflen == 0 ) return; - memset( buf, 0x00, buflen ); + mbedtls_platform_memset( buf, 0x00, buflen ); if( ret < 0 ) ret = -ret; diff --git a/tinycrypt/ecc_dh.c b/tinycrypt/ecc_dh.c index ec1328e14..54b9a8ab4 100644 --- a/tinycrypt/ecc_dh.c +++ b/tinycrypt/ecc_dh.c @@ -105,7 +105,7 @@ int uECC_make_key_with_d(uint8_t *public_key, uint8_t *private_key, _public + curve->num_words); /* erasing temporary buffer used to store secret: */ - memset(_private, 0, NUM_ECC_BYTES); + mbedtls_platform_memset(_private, 0, NUM_ECC_BYTES); return 1; } @@ -146,7 +146,7 @@ int uECC_make_key(uint8_t *public_key, uint8_t *private_key, uECC_Curve curve) _public + curve->num_words); /* erasing temporary buffer that stored secret: */ - memset(_private, 0, NUM_ECC_BYTES); + mbedtls_platform_memset(_private, 0, NUM_ECC_BYTES); return 1; }