From 41b1e738dbcbf2c33b418d2da235a56ad11feb9a Mon Sep 17 00:00:00 2001
From: Jack Lloyd
Date: Mon, 29 May 2017 05:55:05 -0400
Subject: Add FFI func botan_scrub_mem
---
 src/lib/ffi/ffi.cpp | 6 ++++++
 src/lib/ffi/ffi.h | 6 ++++++
 src/tests/test_ffi.cpp | 4 ++++
 3 files changed, 16 insertions(+)
diff --git a/src/lib/ffi/ffi.cpp b/src/lib/ffi/ffi.cpp
index 7e96e5514..46755ff54 100644
--- a/src/lib/ffi/ffi.cpp
+++ b/src/lib/ffi/ffi.cpp
@@ -393,6 +393,12 @@ int botan_same_mem(const uint8_t* x, const uint8_t* y, size_t len)
 return Botan::same_mem(x, y, len) ? 0 : -1;
 }
+int botan_scrub_mem(uint8_t* mem, size_t bytes)
+ {
+ Botan::secure_scrub_memory(mem, bytes);
+ return 0;
+ }
+
 int botan_hex_encode(const uint8_t* in, size_t len, char* out, uint32_t flags)
 {
 try
diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h
index 5ce86a9b0..d194c4794 100644
--- a/src/lib/ffi/ffi.h
+++ b/src/lib/ffi/ffi.h
@@ -147,6 +147,12 @@ doesn't exactly work well either!
 */
 BOTAN_DLL int botan_same_mem(const uint8_t* x, const uint8_t* y, size_t len);
+/**
+* Clear out memory using a system specific approach to bypass elision by the
+* compiler (currently using RtlSecureZeroMemory or tricks with volatile pointers).
+*/
+BOTAN_DLL int botan_scrub_mem(uint8_t* mem, size_t bytes);
+
 #define BOTAN_FFI_HEX_LOWER_CASE 1
 /**
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp
index cf97dd947..0e238ab1e 100644
--- a/src/tests/test_ffi.cpp
+++ b/src/tests/test_ffi.cpp
@@ -51,6 +51,10 @@ class FFI_Unit_Tests : public Test
 TEST_FFI_RC(0, botan_same_mem, (mem1.data(), mem2.data(), mem1.size()));
 TEST_FFI_RC(-1, botan_same_mem, (mem1.data(), mem3.data(), mem1.size()));
+ std::vector to_zero = { 0xFF, 0xA0 };
+ TEST_FFI_OK(botan_scrub_mem, (to_zero.data(), to_zero.size()));
+ result.confirm("scrub_memory zeros", to_zero[0] == 0 && to_zero[1] == 0);
+
 const std::vector bin = { 0xAA, 0xDE, 0x01 };
 const char* input_str = "ABC";
--
cgit v1.2.3
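Review bot: `botan_scrub_mem` in src/lib/ffi/ffi.cpp passes `mem` straight to `Botan::secure_scrub_memory` with no argument check, so a foreign-language caller that supplies a null pointer with a non-zero `bytes` would likely fault inside the library instead of receiving an error code. A guard such as `if(mem == nullptr && bytes > 0) return -1;` before the call keeps that failure inside the FFI contract; the -1 is only illustrative, use whichever negative code this layer reserves for bad arguments. The neighbouring `botan_hex_encode` opens with `try` while this function does not, which is presumably fine if the scrub routine cannot throw, but a one-line comment stating that would make the omission deliberate.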
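Review bot: The new comment on `botan_scrub_mem` in src/lib/ffi/ffi.h does not state the contract: what `mem` and `bytes` must satisfy and what the return value means (the implementation in this commit always returns 0). I would add lines such as `* @param mem buffer to clear, valid for at least bytes bytes`, `* @param bytes number of bytes to zero` and `* @return 0 on success`. One further sentence should say that only this buffer is cleared, so copies of the secret held elsewhere by the caller or its language runtime are untouched. Naming the current mechanisms in a public header may also go stale when the implementation changes.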
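Review bot: The added check in src/tests/test_ffi.cpp covers only a two-byte buffer, so the zero-length call is never exercised. Adding `TEST_FFI_OK(botan_scrub_mem, (to_zero.data(), 0));` before the existing call, followed by a confirm that both bytes still hold their original values, would pin that edge. Because the test reads `to_zero` afterwards, it shows the bytes are zeroed but cannot show that the call survives dead-store elimination; a short comment saying so would keep readers from over-reading the test. The enclosing test method starts and ends outside the hunk.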