TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / 1e8ea5fa68223351553192a608ac06a6ac8dfbc3 / . / library / utils.c
blob: e7fef6da1bede926cb82eebf4e81a5fe097e4771 [file] [log] [blame]
Andres Amaya Garcia614d9c02017-10-24 21:27:43 +0100[diff] [blame]1/*
Andres Amaya Garcia0bd42372017-10-26 23:19:01 +0100[diff] [blame]2 * mbed TLS utility functions
Andres Amaya Garcia614d9c02017-10-24 21:27:43 +0100[diff] [blame]3 *
4 * Copyright (C) 2017, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of mbed TLS (https://tls.mbed.org)
20 */
21
Andres Amaya Garciab1262a32017-10-25 09:51:14 +0100[diff] [blame]22#if !defined(MBEDTLS_CONFIG_FILE)
23#include "mbedtls/config.h"
24#else
25#include MBEDTLS_CONFIG_FILE
26#endif
27
Andres Amaya Garcia614d9c02017-10-24 21:27:43 +0100[diff] [blame]28#include "mbedtls/utils.h"
29
30#include <stddef.h>
Andres Amaya Garciaecd18912017-10-26 22:43:41 +0100[diff] [blame]31#include <string.h>
Andres Amaya Garcia614d9c02017-10-24 21:27:43 +0100[diff] [blame]32
Andres Amaya Garciab1262a32017-10-25 09:51:14 +0100[diff] [blame]33#if !defined(MBEDTLS_UTILS_ZEROIZE_ALT)
Andres Amaya Garciaecd18912017-10-26 22:43:41 +0100[diff] [blame]34/*
35 * This implementation should never be optimized out by the compiler
36 *
Andres Amaya Garcia1e8ea5f2018-03-08 20:46:39 +0000[diff] [blame^]37 * This implementation for mbedtls_zeroize() was inspired from Colin Percival's
38 * blog article at:
39 *
40 * http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
41 *
42 * It uses a volatile function pointer to the standard memset(). Because the
43 * pointer is volatile the compiler expects it to change at
44 * any time and will not optimize out the call that could potentially perform
45 * other operations on the input buffer instead of just setting it to 0.
46 * Nevertheless, as pointed out by davidtgoldblatt on Hacker News
47 * (refer to http://www.daemonology.net/blog/2014-09-05-erratum.html for
48 * details), optimizations of the following form are still possible:
Andres Amaya Garciaecd18912017-10-26 22:43:41 +0100[diff] [blame]49 *
50 * if( memset_func != memset )
51 * memset_func( buf, 0, len );
52 *
53 * Note that it is extremely difficult to guarantee that mbedtls_zeroize()
54 * will not be optimized out by aggressive compilers in a portable way. For
Andres Amaya Garcia1e8ea5f2018-03-08 20:46:39 +0000[diff] [blame^]55 * this reason, Mbed TLS also provides the configuration option
Andres Amaya Garciaecd18912017-10-26 22:43:41 +0100[diff] [blame]56 * MBEDTLS_UTILS_ZEROIZE_ALT, which allows users to configure
57 * mbedtls_zeroize() to use a suitable implementation for their platform and
58 * needs.
59 */
60static void * (* const volatile memset_func)( void *, int, size_t ) = memset;
61
Andres Amaya Garcia614d9c02017-10-24 21:27:43 +0100[diff] [blame]62void mbedtls_zeroize( void *buf, size_t len )
63{
Andres Amaya Garciaecd18912017-10-26 22:43:41 +0100[diff] [blame]64 memset_func( buf, 0, len );
Andres Amaya Garcia614d9c02017-10-24 21:27:43 +0100[diff] [blame]65}
Andres Amaya Garciab1262a32017-10-25 09:51:14 +0100[diff] [blame]66#endif /* MBEDTLS_UTILS_ZEROIZE_ALT */