commit 7a346b866c2c8a33256da8743c03ebda8a633727
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Oct 02 14:47:01 2019 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Oct 22 10:03:07 2019 +0200
tree 27727e9527f74ed568078ee6a3968a3880966fa5
parent c4315e6d5e73320dffadeccfa4837ca83dd778a2

Replace memset() with mbedtls_platform_memset()

Steps:

1. sed -i 's/\bmemset(\([^)]\)/mbedtls_platform_memset(\1/g' library/*.c tinycrypt/*.c include/mbedtls/*.h scripts/data_files/*.fmt

2. Manually edit library/platform_util.c to revert to memset() in the
implementations of mbedtls_platform_memset() and mbedtls_platform_memcpy()

3. egrep -n '\<memset\>' library/*.c include/mbedtls/*.h tinycrypt/*.c
The remaining occurrences are in three categories:
    a. From point 2 above.
    b. In comments.
    c. In the initialisation of memset_func, to be changed in a future commit.

library/ccm.c

diff --git a/library/ccm.c b/library/ccm.c
index c6211ee..a21e3c3 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -66,7 +66,7 @@
 void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
 {
     CCM_VALIDATE( ctx != NULL );
-    memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
+    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
 }
 
 int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
@@ -211,7 +211,7 @@
 
 
     /* Start CBC-MAC with first block */
-    memset( y, 0, 16 );
+    mbedtls_platform_memset( y, 0, 16 );
     UPDATE_CBC_MAC;
 
     /*
@@ -224,7 +224,7 @@
         len_left = add_len;
         src = add;
 
-        memset( b, 0, 16 );
+        mbedtls_platform_memset( b, 0, 16 );
         b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF );
         b[1] = (unsigned char)( ( add_len      ) & 0xFF );
 
@@ -239,7 +239,7 @@
         {
             use_len = len_left > 16 ? 16 : len_left;
 
-            memset( b, 0, 16 );
+            mbedtls_platform_memset( b, 0, 16 );
             memcpy( b, src, use_len );
             UPDATE_CBC_MAC;
 
@@ -260,7 +260,7 @@
      */
     ctr[0] = q - 1;
     memcpy( ctr + 1, iv, iv_len );
-    memset( ctr + 1 + iv_len, 0, q );
+    mbedtls_platform_memset( ctr + 1 + iv_len, 0, q );
     ctr[15] = 1;
 
     /*
@@ -279,7 +279,7 @@
 
         if( mode == CCM_ENCRYPT )
         {
-            memset( b, 0, 16 );
+            mbedtls_platform_memset( b, 0, 16 );
             memcpy( b, src, use_len );
             UPDATE_CBC_MAC;
         }
@@ -288,7 +288,7 @@
 
         if( mode == CCM_DECRYPT )
         {
-            memset( b, 0, 16 );
+            mbedtls_platform_memset( b, 0, 16 );
             memcpy( b, dst, use_len );
             UPDATE_CBC_MAC;
         }
@@ -495,8 +495,8 @@
         if( verbose != 0 )
             mbedtls_printf( "  CCM-AES #%u: ", (unsigned int) i + 1 );
 
-        memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
-        memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
+        mbedtls_platform_memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
+        mbedtls_platform_memset( ciphertext, 0, CCM_SELFTEST_CT_MAX_LEN );
         memcpy( plaintext, msg, msg_len[i] );
 
         ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
@@ -512,7 +512,7 @@
 
             return( 1 );
         }
-        memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
+        mbedtls_platform_memset( plaintext, 0, CCM_SELFTEST_PT_MAX_LEN );
 
         ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
                                         iv, iv_len[i], ad, add_len[i],