commit 994193326be25c29be2b525552db401d3e432067
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Oct 03 10:40:57 2019 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Oct 22 10:03:07 2019 +0200
tree 004e4ea1c7c18dbd6f65660d7c65342577bbeda0
parent 14f33e74c0452afec9740ab49e501027fedb80eb

Use plain memset() in context init functions

We call xxx_init() on a structure when it has been freshly allocated (on the
stack or heap).

At this point it contains random-looking data none of which should be
sensitive, as all sensitive data is wiped using mbedtls_platform_zeroize()
when we're done using it and the memory area is going to be reclaimed (by
exiting the function or free()ing the buffer).

library/aes.c

diff --git a/library/aes.c b/library/aes.c
index 4850fab..247bbde 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -519,7 +519,7 @@
 {
     AES_VALIDATE( ctx != NULL );
 
-    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_aes_context ) );
+    memset( ctx, 0, sizeof( mbedtls_aes_context ) );
 }
 
 void mbedtls_aes_free( mbedtls_aes_context *ctx )

library/ccm.c

diff --git a/library/ccm.c b/library/ccm.c
index a21e3c3..9258082 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -66,7 +66,7 @@
 void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
 {
     CCM_VALIDATE( ctx != NULL );
-    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
+    memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
 }
 
 int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,

library/cipher.c

diff --git a/library/cipher.c b/library/cipher.c
index 47dfe24..53ed9b3 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -156,7 +156,7 @@
 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
 {
     CIPHER_VALIDATE( ctx != NULL );
-    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
+    memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
 }
 
 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )

library/entropy.c

diff --git a/library/entropy.c b/library/entropy.c
index 4e29b31..8f28733 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -65,7 +65,7 @@
 void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
 {
     ctx->source_count = 0;
-    mbedtls_platform_memset( ctx->source, 0, sizeof( ctx->source ) );
+    memset( ctx->source, 0, sizeof( ctx->source ) );
 
 #if defined(MBEDTLS_THREADING_C)
     mbedtls_mutex_init( &ctx->mutex );

library/hmac_drbg.c

diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index e00a834..9d26a73 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -56,7 +56,7 @@
  */
 void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx )
 {
-    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
+    memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
 
 #if defined(MBEDTLS_THREADING_C)
     mbedtls_mutex_init( &ctx->mutex );

library/md.c

diff --git a/library/md.c b/library/md.c
index 92fe3a4..d9d6509 100644
--- a/library/md.c
+++ b/library/md.c
@@ -387,7 +387,7 @@
 
 void mbedtls_md_init( mbedtls_md_context_t *ctx )
 {
-    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
+    memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
 
 #if defined(MBEDTLS_MD_SINGLE_HASH)
     mbedtls_md_info_init( mbedtls_md_get_handle( ctx ),

library/pk.c

diff --git a/library/pk.c b/library/pk.c
index a2d86e1..688a1fc 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -1291,7 +1291,7 @@
     ctx->pk_info = MBEDTLS_PK_INVALID_HANDLE;
     ctx->pk_ctx = NULL;
 #else
-    mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
+    memset( ctx, 0, sizeof( mbedtls_pk_context ) );
 #endif
 }
 

library/sha256.c

diff --git a/library/sha256.c b/library/sha256.c
index 10d3ff5..1c200c8 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -59,7 +59,7 @@
 {
     SHA256_VALIDATE( ctx != NULL );
 
-    mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
+    memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
 }
 
 void mbedtls_sha256_free( mbedtls_sha256_context *ctx )

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 64d3335..ddc58a4 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7955,7 +7955,7 @@
 
 static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
 {
-    mbedtls_platform_memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
+    memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
 
 #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
     defined(MBEDTLS_SSL_PROTO_TLS1_1)
@@ -8010,7 +8010,7 @@
 
 void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
 {
-    mbedtls_platform_memset( transform, 0, sizeof(mbedtls_ssl_transform) );
+    memset( transform, 0, sizeof(mbedtls_ssl_transform) );
 
     mbedtls_cipher_init( &transform->cipher_ctx_enc );
     mbedtls_cipher_init( &transform->cipher_ctx_dec );
@@ -8023,7 +8023,7 @@
 
 void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
 {
-    mbedtls_platform_memset( session, 0, sizeof(mbedtls_ssl_session) );
+    memset( session, 0, sizeof(mbedtls_ssl_session) );
 }
 
 static int ssl_handshake_init( mbedtls_ssl_context *ssl )
@@ -8226,7 +8226,7 @@
  */
 void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
 {
-    mbedtls_platform_memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
+    memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
 }
 
 /*
@@ -11773,7 +11773,7 @@
  */
 void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
 {
-    mbedtls_platform_memset( conf, 0, sizeof( mbedtls_ssl_config ) );
+    memset( conf, 0, sizeof( mbedtls_ssl_config ) );
 
 #if !defined(MBEDTLS_SSL_PROTO_TLS)
     conf->transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 0aebb39..5919303 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -292,7 +292,7 @@
 
 static void x509_crt_cache_init( mbedtls_x509_crt_cache *cache )
 {
-    mbedtls_platform_memset( cache, 0, sizeof( *cache ) );
+    memset( cache, 0, sizeof( *cache ) );
 #if defined(MBEDTLS_THREADING_C)
     mbedtls_mutex_init( &cache->frame_mutex );
     mbedtls_mutex_init( &cache->pk_mutex );
@@ -3834,7 +3834,7 @@
  */
 void mbedtls_x509_crt_init( mbedtls_x509_crt *crt )
 {
-    mbedtls_platform_memset( crt, 0, sizeof(mbedtls_x509_crt) );
+    memset( crt, 0, sizeof(mbedtls_x509_crt) );
 }
 
 /*