Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-21 21:36:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Introduce polarssl_zeroize() instead of memset() for zeroization

Browse source
This commit is contained in:
Paul Bakker 2014-06-13 17:20:13 +02:00
parent bbcb1ce703
commit 3461772559
36 changed files with 325 additions and 129 deletions
Download patch file Download diff file Expand all files Collapse all files

6
library/cipher.c
View file

@ -57,6 +57,11 @@
#define strcasecmp _stricmp
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
static int supported_init = 0;
const int *cipher_list( void )
@ -152,6 +157,7 @@ int cipher_free_ctx( cipher_context_t *ctx )
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof(cipher_context_t) );
return 0;
}