Introduce polarssl_zeroize() instead of memset() for zeroization
diff --git a/library/pem.c b/library/pem.c
index e2e3998..bc4af25 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -36,6 +36,11 @@
#include <stdlib.h>
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
void pem_init( pem_context *ctx )
{
memset( ctx, 0, sizeof( pem_context ) );
@@ -86,8 +91,8 @@
{
memcpy( key, md5sum, keylen );
- memset( &md5_ctx, 0, sizeof( md5_ctx ) );
- memset( md5sum, 0, 16 );
+ polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
+ polarssl_zeroize( md5sum, 16 );
return;
}
@@ -108,8 +113,8 @@
memcpy( key + 16, md5sum, use_len );
- memset( &md5_ctx, 0, sizeof( md5_ctx ) );
- memset( md5sum, 0, 16 );
+ polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
+ polarssl_zeroize( md5sum, 16 );
}
#if defined(POLARSSL_DES_C)
@@ -129,8 +134,8 @@
des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
des_iv, buf, buf );
- memset( &des_ctx, 0, sizeof( des_ctx ) );
- memset( des_key, 0, 8 );
+ polarssl_zeroize( &des_ctx, sizeof( des_ctx ) );
+ polarssl_zeroize( des_key, 8 );
}
/*
@@ -149,8 +154,8 @@
des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
des3_iv, buf, buf );
- memset( &des3_ctx, 0, sizeof( des3_ctx ) );
- memset( des3_key, 0, 24 );
+ polarssl_zeroize( &des3_ctx, sizeof( des3_ctx ) );
+ polarssl_zeroize( des3_key, 24 );
}
#endif /* POLARSSL_DES_C */
@@ -171,8 +176,8 @@
aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
aes_iv, buf, buf );
- memset( &aes_ctx, 0, sizeof( aes_ctx ) );
- memset( aes_key, 0, keylen );
+ polarssl_zeroize( &aes_ctx, sizeof( aes_ctx ) );
+ polarssl_zeroize( aes_key, keylen );
}
#endif /* POLARSSL_AES_C */
@@ -349,7 +354,7 @@
if( ctx->info )
free( ctx->info );
- memset( ctx, 0, sizeof( pem_context ) );
+ polarssl_zeroize( ctx, sizeof( pem_context ) );
}
#endif