lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Introduce polarssl_zeroize() instead of memset() for zeroization

Browse Source
This commit is contained in:
Paul Bakker
2014-06-13 17:20:13 +02:00
parent bbcb1ce703
commit 3461772559
36 changed files with 325 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
library/ssl_srv.c
View File

@ -52,6 +52,11 @@
#endif
#if defined(POLARSSL_SSL_SESSION_TICKETS)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* Serialize a session in the following format:
* 0 . n-1 session structure, n = sizeof(ssl_session)
@ -337,7 +342,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
ssl_session_free( ssl->session_negotiate );
memcpy( ssl->session_negotiate, &session, sizeof( ssl_session ) );
memset( &session, 0, sizeof( ssl_session ) );
polarssl_zeroize( &session, sizeof( ssl_session ) );
return( 0 );
}