lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Documentation

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman
2023-02-24 17:43:00 +00:00
parent f55182d2bf
commit 4daca63734
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
library/platform_util.c
View File

@ -56,7 +56,12 @@
#if !defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) #if !defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
/* /*
* This implementation should never be optimized out by the compiler * Where possible, we try to detect the presence of a platform-provided
* secure memset, such as explicit_bzero(), that is safe against being optimized
* out, and use that.
*
* For other platforms, we provide an implementation that aims not to be
* optimized out by the compiler.
* *
* This implementation for mbedtls_platform_zeroize() was inspired from Colin * This implementation for mbedtls_platform_zeroize() was inspired from Colin
* Percival's blog article at: * Percival's blog article at:
@ -75,7 +80,7 @@
* memset_func(buf, 0, len); * memset_func(buf, 0, len);
* *
* Note that it is extremely difficult to guarantee that * Note that it is extremely difficult to guarantee that
* mbedtls_platform_zeroize() will not be optimized out by aggressive compilers * the memset() call will not be optimized out by aggressive compilers
* in a portable way. For this reason, Mbed TLS also provides the configuration * in a portable way. For this reason, Mbed TLS also provides the configuration
* option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure * option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
* mbedtls_platform_zeroize() to use a suitable implementation for their * mbedtls_platform_zeroize() to use a suitable implementation for their