diff options
| author | lloyd <[email protected]> | 2015-01-23 15:53:44 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2015-01-23 15:53:44 +0000 |
| commit | 9a0da0565c042c0f0a09caed036621c47e3f494e (patch) | |
| tree | 85d2e78787506882f54bbff497f802c2eb0a186e | |
| parent | 7e6ac35931ed073d01c96d212bba5c7674cba505 (diff) | |
Remove memset_s, not implemented on any machine I can test on and
problematic for requiring a special define before the first include of
string.h. Instead optionally call memset via a volatile function
pointer as a faster alternative to byte at a time writes.
Github 42, 45
| -rw-r--r-- | doc/relnotes/1_11_14.rst | 4 | ||||
| -rw-r--r-- | src/build-data/buildh.in | 6 | ||||
| -rw-r--r-- | src/lib/utils/zero_mem.cpp | 12 |
3 files changed, 13 insertions, 9 deletions
diff --git a/doc/relnotes/1_11_14.rst b/doc/relnotes/1_11_14.rst index 0fabe190e..600f6dae1 100644 --- a/doc/relnotes/1_11_14.rst +++ b/doc/relnotes/1_11_14.rst @@ -1,9 +1,9 @@ -1.11.14, Not Yet Released +Version 1.11.14, Not Yet Released ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * OCB mode, which provides a fast and constant time AEAD mode without requiring hardware support, is now supported in TLS, following - draft-zauner-tls-aes-ocb-00. Because this specification is not yet + draft-zauner-tls-aes-ocb-01. Because this specification is not yet finalized is not yet enabled by the default policy, and the ciphersuite numbers used are in the experimental range and may conflict with other uses. diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in index 636552a4f..fdb141ffb 100644 --- a/src/build-data/buildh.in +++ b/src/build-data/buildh.in @@ -44,6 +44,12 @@ /* How many bits per limb in a BigInt */ #define BOTAN_MP_WORD_BITS %{mp_bits} +/* +If enabled uses memset via volatile function pointer to zero memory, +otherwise does a byte at a time write via a volatile pointer. +*/ +#define BOTAN_USE_VOLATILE_MEMSET_FOR_ZERO 1 + /* PK key consistency checking toggles */ #define BOTAN_PUBLIC_KEY_STRONG_CHECKS_ON_LOAD 1 #define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_LOAD 0 diff --git a/src/lib/utils/zero_mem.cpp b/src/lib/utils/zero_mem.cpp index d8c438435..1dbf6e213 100644 --- a/src/lib/utils/zero_mem.cpp +++ b/src/lib/utils/zero_mem.cpp @@ -1,6 +1,6 @@ -/* + /* * Zero Memory -* (C) 2012 Jack Lloyd +* (C) 2012,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -9,9 +9,6 @@ #if defined(BOTAN_TARGET_OS_HAS_RTLSECUREZEROMEMORY) #include <windows.h> -#elif defined(BOTAN_TARGET_OS_HAS_MEMSET_S) - #define __STDC_WANT_LIB_EXT1__ 1 - #include <string.h> #endif namespace Botan { @@ -20,8 +17,9 @@ void zero_mem(void* ptr, size_t n) { #if defined(BOTAN_TARGET_OS_HAS_RTLSECUREZEROMEMORY) ::RtlSecureZeroMemory(ptr, n); -#elif defined(BOTAN_TARGET_OS_HAS_MEMSET_S) - ::memset_s(ptr, n, 0, n); +#elif defined(BOTAN_USE_VOLATILE_MEMSET) && (BOTAN_USE_VOLATILE_MEMSET == 1) + static void* (*const volatile memset_ptr)(void*, int, size_t) = memset; + (memset_ptr)(p, 0, n); #else volatile byte* p = reinterpret_cast<volatile byte*>(ptr); |