/* * Memory Operations * (C) 1999-2009,2012,2015 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ #ifndef BOTAN_MEMORY_OPS_H__ #define BOTAN_MEMORY_OPS_H__ #include #include #include namespace Botan { /** * Scrub memory contents in a way that a compiler should not elide, * using some system specific technique. Note that this function might * not zero the memory (for example, in some hypothetical * implementation it might combine the memory contents with the output * of a system PRNG), but if you can detect any difference in behavior * at runtime then the clearing is side-effecting and you can just * use `clear_mem`. * * Use this function to scrub memory just before deallocating it, or on * a stack buffer before returning from the function. * * @param ptr a pointer to memory to scrub * @param n the number of bytes pointed to by ptr */ BOTAN_DLL void secure_scrub_memory(void* ptr, size_t n); /** * Zero out some bytes * @param ptr a pointer to memory to zero * @param bytes the number of bytes to zero in ptr */ inline void clear_bytes(void* ptr, size_t bytes) { if(bytes > 0) { std::memset(ptr, 0, bytes); } } /** * Zero memory before use. This simply calls memset and should not be * used in cases where the compiler cannot see the call as a * side-effecting operation (for example, if calling clear_mem before * deallocating memory, the compiler would be allowed to omit the call * to memset entirely under the as-if rule.) * * @param ptr a pointer to an array of Ts to zero * @param n the number of Ts pointed to by ptr */ template inline void clear_mem(T* ptr, size_t n) { clear_bytes(ptr, sizeof(T)*n); } /** * Copy memory * @param out the destination array * @param in the source array * @param n the number of elements of in/out */ template inline void copy_mem(T* out, const T* in, size_t n) { if(n > 0) { std::memmove(out, in, sizeof(T)*n); } } /** * Set memory to a fixed value * @param ptr a pointer to an array * @param n the number of Ts pointed to by ptr * @param val the value to set each byte to */ template inline void set_mem(T* ptr, size_t n, uint8_t val) { if(n > 0) { std::memset(ptr, val, sizeof(T)*n); } } /** * Memory comparison, input insensitive * @param p1 a pointer to an array * @param p2 a pointer to another array * @param n the number of Ts in p1 and p2 * @return true iff p1[i] == p2[i] forall i in [0...n) */ template inline bool same_mem(const T* p1, const T* p2, size_t n) { volatile T difference = 0; for(size_t i = 0; i != n; ++i) difference |= (p1[i] ^ p2[i]); return difference == 0; } /** * XOR_ arrays. Postcondition out[i] = in[i] ^ out[i] forall i = 0...length * @param out the input/output buffer * @param in the read-only input buffer * @param length the length of the buffers */ template void xor_buf(T out[], const T in[], size_t length) { for(size_t i = 0; i != length; ++i) { out[i] ^= in[i]; } } /** * XOR arrays. Postcondition out[i] = in[i] ^ in2[i] forall i = 0...length * @param out the output buffer * @param in the first input buffer * @param in2 the second output buffer * @param length the length of the three buffers */ template void xor_buf(T out[], const T in[], const T in2[], size_t length) { for(size_t i = 0; i != length; ++i) { out[i] = in[i] ^ in2[i]; } } template void xor_buf(std::vector& out, const std::vector& in, size_t n) { xor_buf(out.data(), in.data(), n); } template void xor_buf(std::vector& out, const uint8_t* in, size_t n) { xor_buf(out.data(), in, n); } template void xor_buf(std::vector& out, const uint8_t* in, const std::vector& in2, size_t n) { xor_buf(out.data(), in, in2.data(), n); } template std::vector& operator^=(std::vector& out, const std::vector& in) { if(out.size() < in.size()) out.resize(in.size()); xor_buf(out.data(), in.data(), in.size()); return out; } } #endif