Introduce polarssl_zeroize() instead of memset() for zeroization
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2cd0cce..1374e11 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -61,6 +61,11 @@
#define strcasecmp _stricmp
#endif
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
/*
* Convert max_fragment_length codes to length.
@@ -175,11 +180,11 @@
md5_finish( &md5, dstbuf + i * 16 );
}
- memset( &md5, 0, sizeof( md5 ) );
- memset( &sha1, 0, sizeof( sha1 ) );
+ polarssl_zeroize( &md5, sizeof( md5 ) );
+ polarssl_zeroize( &sha1, sizeof( sha1 ) );
- memset( padding, 0, sizeof( padding ) );
- memset( sha1sum, 0, sizeof( sha1sum ) );
+ polarssl_zeroize( padding, sizeof( padding ) );
+ polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
return( 0 );
}
@@ -241,8 +246,8 @@
dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
}
- memset( tmp, 0, sizeof( tmp ) );
- memset( h_i, 0, sizeof( h_i ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
+ polarssl_zeroize( h_i, sizeof( h_i ) );
return( 0 );
}
@@ -284,8 +289,8 @@
dstbuf[i + j] = h_i[j];
}
- memset( tmp, 0, sizeof( tmp ) );
- memset( h_i, 0, sizeof( h_i ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
+ polarssl_zeroize( h_i, sizeof( h_i ) );
return( 0 );
}
@@ -326,8 +331,8 @@
dstbuf[i + j] = h_i[j];
}
- memset( tmp, 0, sizeof( tmp ) );
- memset( h_i, 0, sizeof( h_i ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
+ polarssl_zeroize( h_i, sizeof( h_i ) );
return( 0 );
}
@@ -466,7 +471,7 @@
"master secret",
handshake->randbytes, 64, session->master, 48 );
- memset( handshake->premaster, 0, sizeof( handshake->premaster ) );
+ polarssl_zeroize( handshake->premaster, sizeof(handshake->premaster) );
}
else
SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
@@ -477,7 +482,7 @@
memcpy( tmp, handshake->randbytes, 64 );
memcpy( handshake->randbytes, tmp + 32, 32 );
memcpy( handshake->randbytes + 32, tmp, 32 );
- memset( tmp, 0, sizeof( tmp ) );
+ polarssl_zeroize( tmp, sizeof( tmp ) );
/*
* SSLv3:
@@ -500,7 +505,7 @@
SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 );
SSL_DEBUG_BUF( 4, "key block", keyblk, 256 );
- memset( handshake->randbytes, 0, sizeof( handshake->randbytes ) );
+ polarssl_zeroize( handshake->randbytes, sizeof( handshake->randbytes ) );
/*
* Determine the appropriate key, IV and MAC length.
@@ -699,7 +704,7 @@
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
- memset( keyblk, 0, sizeof( keyblk ) );
+ polarssl_zeroize( keyblk, sizeof( keyblk ) );
#if defined(POLARSSL_ZLIB_SUPPORT)
// Initialize compression
@@ -2846,12 +2851,12 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
- memset( &md5, 0, sizeof( md5_context ) );
- memset( &sha1, 0, sizeof( sha1_context ) );
+ polarssl_zeroize( &md5, sizeof( md5_context ) );
+ polarssl_zeroize( &sha1, sizeof( sha1_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
- memset( md5sum, 0, sizeof( md5sum ) );
- memset( sha1sum, 0, sizeof( sha1sum ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
+ polarssl_zeroize( md5sum, sizeof( md5sum ) );
+ polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -2904,10 +2909,10 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- memset( &md5, 0, sizeof( md5_context ) );
- memset( &sha1, 0, sizeof( sha1_context ) );
+ polarssl_zeroize( &md5, sizeof( md5_context ) );
+ polarssl_zeroize( &sha1, sizeof( sha1_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -2953,9 +2958,9 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- memset( &sha256, 0, sizeof( sha256_context ) );
+ polarssl_zeroize( &sha256, sizeof( sha256_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -3000,9 +3005,9 @@
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
- memset( &sha512, 0, sizeof( sha512_context ) );
+ polarssl_zeroize( &sha512, sizeof( sha512_context ) );
- memset( padbuf, 0, sizeof( padbuf ) );
+ polarssl_zeroize( padbuf, sizeof( padbuf ) );
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
}
@@ -4402,7 +4407,7 @@
md_free_ctx( &transform->md_ctx_enc );
md_free_ctx( &transform->md_ctx_dec );
- memset( transform, 0, sizeof( ssl_transform ) );
+ polarssl_zeroize( transform, sizeof( ssl_transform ) );
}
#if defined(POLARSSL_X509_CRT_PARSE_C)
@@ -4459,7 +4464,7 @@
}
#endif /* POLARSSL_X509_CRT_PARSE_C && POLARSSL_SSL_SERVER_NAME_INDICATION */
- memset( handshake, 0, sizeof( ssl_handshake_params ) );
+ polarssl_zeroize( handshake, sizeof( ssl_handshake_params ) );
}
void ssl_session_free( ssl_session *session )
@@ -4476,7 +4481,7 @@
polarssl_free( session->ticket );
#endif
- memset( session, 0, sizeof( ssl_session ) );
+ polarssl_zeroize( session, sizeof( ssl_session ) );
}
/*
@@ -4488,20 +4493,20 @@
if( ssl->out_ctr != NULL )
{
- memset( ssl->out_ctr, 0, SSL_BUFFER_LEN );
+ polarssl_zeroize( ssl->out_ctr, SSL_BUFFER_LEN );
polarssl_free( ssl->out_ctr );
}
if( ssl->in_ctr != NULL )
{
- memset( ssl->in_ctr, 0, SSL_BUFFER_LEN );
+ polarssl_zeroize( ssl->in_ctr, SSL_BUFFER_LEN );
polarssl_free( ssl->in_ctr );
}
#if defined(POLARSSL_ZLIB_SUPPORT)
if( ssl->compress_buf != NULL )
{
- memset( ssl->compress_buf, 0, SSL_BUFFER_LEN );
+ polarssl_zeroize( ssl->compress_buf, SSL_BUFFER_LEN );
polarssl_free( ssl->compress_buf );
}
#endif
@@ -4541,7 +4546,7 @@
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
if ( ssl->hostname != NULL )
{
- memset( ssl->hostname, 0, ssl->hostname_len );
+ polarssl_zeroize( ssl->hostname, ssl->hostname_len );
polarssl_free( ssl->hostname );
ssl->hostname_len = 0;
}
@@ -4550,8 +4555,8 @@
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
if( ssl->psk != NULL )
{
- memset( ssl->psk, 0, ssl->psk_len );
- memset( ssl->psk_identity, 0, ssl->psk_identity_len );
+ polarssl_zeroize( ssl->psk, ssl->psk_len );
+ polarssl_zeroize( ssl->psk_identity, ssl->psk_identity_len );
polarssl_free( ssl->psk );
polarssl_free( ssl->psk_identity );
ssl->psk_len = 0;
@@ -4574,7 +4579,7 @@
SSL_DEBUG_MSG( 2, ( "<= free" ) );
/* Actually clear after last debug message */
- memset( ssl, 0, sizeof( ssl_context ) );
+ polarssl_zeroize( ssl, sizeof( ssl_context ) );
}
#if defined(POLARSSL_PK_C)