commit 312da33ef121dcbaad3dee049f7b34243aead792
author Paul Bakker <p.j.bakker@polarssl.org> Fri Jun 13 17:20:13 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Tue Jul 08 18:28:52 2014 +0200
tree 5b864d1aaca37ffff03d3e46ef10557b701ed8cf
parent 1b08bd9525e9c880dd05873831b38844d0d8c8d6

Introduce polarssl_zeroize() instead of memset() for zeroization

library/md2.c

diff --git a/library/md2.c b/library/md2.c
index 2c8754a..8646f66 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -39,6 +39,11 @@
 #include <stdio.h>
 #endif
 
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
 #if !defined(POLARSSL_MD2_ALT)
 
 static const unsigned char PI_SUBST[256] =
@@ -178,7 +183,7 @@
     md2_update( &ctx, input, ilen );
     md2_finish( &ctx, output );
 
-    memset( &ctx, 0, sizeof( md2_context ) );
+    polarssl_zeroize( &ctx, sizeof( md2_context ) );
 }
 
 #if defined(POLARSSL_FS_IO)
@@ -202,7 +207,7 @@
 
     md2_finish( &ctx, output );
 
-    memset( &ctx, 0, sizeof( md2_context ) );
+    polarssl_zeroize( &ctx, sizeof( md2_context ) );
 
     if( ferror( f ) != 0 )
     {
@@ -242,7 +247,7 @@
     md2_starts( ctx );
     md2_update( ctx, ctx->ipad, 16 );
 
-    memset( sum, 0, sizeof( sum ) );
+    polarssl_zeroize( sum, sizeof( sum ) );
 }
 
 /*
@@ -266,7 +271,7 @@
     md2_update( ctx, tmpbuf, 16 );
     md2_finish( ctx, output );
 
-    memset( tmpbuf, 0, sizeof( tmpbuf ) );
+    polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
 }
 
 /*
@@ -291,7 +296,7 @@
     md2_hmac_update( &ctx, input, ilen );
     md2_hmac_finish( &ctx, output );
 
-    memset( &ctx, 0, sizeof( md2_context ) );
+    polarssl_zeroize( &ctx, sizeof( md2_context ) );
 }
 
 #if defined(POLARSSL_SELF_TEST)