TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7a346b866c2c8a33256da8743c03ebda8a633727^! / . / library / rsa.c
commit7a346b866c2c8a33256da8743c03ebda8a633727[log] [tgz]
authorManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Wed Oct 02 14:47:01 2019 +0200
committerManuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>Tue Oct 22 10:03:07 2019 +0200
tree27727e9527f74ed568078ee6a3968a3880966fa5
parentc4315e6d5e73320dffadeccfa4837ca83dd778a2 [diff] [blame]
Replace memset() with mbedtls_platform_memset()

Steps:

1. sed -i 's/\bmemset(\([^)]\)/mbedtls_platform_memset(\1/g' library/*.c tinycrypt/*.c include/mbedtls/*.h scripts/data_files/*.fmt

2. Manually edit library/platform_util.c to revert to memset() in the
implementations of mbedtls_platform_memset() and mbedtls_platform_memcpy()

3. egrep -n '\<memset\>' library/*.c include/mbedtls/*.h tinycrypt/*.c
The remaining occurrences are in three categories:
    a. From point 2 above.
    b. In comments.
    c. In the initialisation of memset_func, to be changed in a future commit.

diff --git a/library/rsa.c b/library/rsa.c
index 3bfc73e..a66de52 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -481,7 +481,7 @@
     RSA_VALIDATE( padding == MBEDTLS_RSA_PKCS_V15 ||
                   padding == MBEDTLS_RSA_PKCS_V21 );
 
-    memset( ctx, 0, sizeof( mbedtls_rsa_context ) );
+    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_rsa_context ) );
 
     mbedtls_rsa_set_padding( ctx, padding, hash_id );
 
@@ -1073,8 +1073,8 @@
     size_t i, use_len;
     int ret = 0;
 
-    memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
-    memset( counter, 0, 4 );
+    mbedtls_platform_memset( mask, 0, MBEDTLS_MD_MAX_SIZE );
+    mbedtls_platform_memset( counter, 0, 4 );
 
     hlen = mbedtls_md_get_size( mbedtls_md_get_handle( md_ctx ) );
 
@@ -1155,7 +1155,7 @@
     if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 )
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
-    memset( output, 0, olen );
+    mbedtls_platform_memset( output, 0, olen );
 
     *p++ = 0;
 
@@ -1510,7 +1510,7 @@
  * `mem_move_to_left(start, total, offset)` is functionally equivalent to
  * ```
  * memmove(start, start + offset, total - offset);
- * memset(start + offset, 0, total - offset);
+ * mbedtls_platform_memset(start + offset, 0, total - offset);
  * ```
  * but it strives to use a memory access pattern (and thus total timing)
  * that does not depend on \p offset. This timing independence comes at
@@ -1815,7 +1815,7 @@
     else
         slen = olen - hlen - 2;
 
-    memset( sig, 0, olen );
+    mbedtls_platform_memset( sig, 0, olen );
 
     /* Generate salt of length slen */
     if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
@@ -1958,7 +1958,7 @@
     /* Write signature header and padding */
     *p++ = 0;
     *p++ = MBEDTLS_RSA_SIGN;
-    memset( p, 0xFF, nb_pad );
+    mbedtls_platform_memset( p, 0xFF, nb_pad );
     p += nb_pad;
     *p++ = 0;
 
@@ -2198,7 +2198,7 @@
 
     hlen = mbedtls_md_get_size( md_info );
 
-    memset( zeros, 0, 8 );
+    mbedtls_platform_memset( zeros, 0, 8 );
 
     /*
      * Note: EMSA-PSS verification is over the length of N - 1 bits