Introduce polarssl_zeroize() instead of memset() for zeroization
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index e80a365..c045322 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -74,6 +74,11 @@
#include <stdlib.h>
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_GCM_C)
/* shared by all GCM ciphers */
static void *gcm_ctx_alloc( void )
@@ -187,6 +192,7 @@
static void aes_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( aes_context ) );
polarssl_free( ctx );
}
@@ -540,6 +546,7 @@
static void camellia_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( camellia_context ) );
polarssl_free( ctx );
}
@@ -948,6 +955,13 @@
static void des_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( des_context ) );
+ polarssl_free( ctx );
+}
+
+static void des3_ctx_free( void *ctx )
+{
+ polarssl_zeroize( ctx, sizeof( des3_context ) );
polarssl_free( ctx );
}
@@ -998,7 +1012,7 @@
des3_set2key_enc_wrap,
des3_set2key_dec_wrap,
des3_ctx_alloc,
- des_ctx_free
+ des3_ctx_free
};
const cipher_info_t des_ede_ecb_info = {
@@ -1035,7 +1049,7 @@
des3_set3key_enc_wrap,
des3_set3key_dec_wrap,
des3_ctx_alloc,
- des_ctx_free
+ des3_ctx_free
};
const cipher_info_t des_ede3_ecb_info = {
@@ -1143,6 +1157,7 @@
static void blowfish_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( blowfish_context ) );
polarssl_free( ctx );
}
@@ -1236,6 +1251,7 @@
static void arc4_ctx_free( void *ctx )
{
+ polarssl_zeroize( ctx, sizeof( arc4_context ) );
polarssl_free( ctx );
}