/src/trezor-firmware/crypto/memzero.c
Line | Count | Source |
1 | | #ifndef __STDC_WANT_LIB_EXT1__ |
2 | | #define __STDC_WANT_LIB_EXT1__ 1 // C11's bounds-checking interface. |
3 | | #endif |
4 | | #include <string.h> |
5 | | |
6 | | #ifdef _WIN32 |
7 | | #include <windows.h> |
8 | | #endif |
9 | | |
10 | | #ifdef __unix__ |
11 | | #include <strings.h> |
12 | | #include <sys/param.h> |
13 | | #endif |
14 | | |
15 | | // C11's bounds-checking interface. |
16 | | #if defined(__STDC_LIB_EXT1__) |
17 | | #define HAVE_MEMSET_S 1 |
18 | | #endif |
19 | | |
20 | | // GNU C Library version 2.25 or later. |
21 | | #if defined(__GLIBC__) && \ |
22 | | (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 25)) |
23 | | #define HAVE_EXPLICIT_BZERO 1 |
24 | | #endif |
25 | | |
26 | | // Newlib |
27 | | #if defined(__NEWLIB__) |
28 | | #define HAVE_EXPLICIT_BZERO 1 |
29 | | #endif |
30 | | |
31 | | // FreeBSD version 11.0 or later. |
32 | | #if defined(__FreeBSD__) && __FreeBSD_version >= 1100037 |
33 | | #define HAVE_EXPLICIT_BZERO 1 |
34 | | #endif |
35 | | |
36 | | // OpenBSD version 5.5 or later. |
37 | | #if defined(__OpenBSD__) && OpenBSD >= 201405 |
38 | | #define HAVE_EXPLICIT_BZERO 1 |
39 | | #endif |
40 | | |
41 | | // NetBSD version 7.2 or later. |
42 | | #if defined(__NetBSD__) && __NetBSD_Version__ >= 702000000 |
43 | | #define HAVE_EXPLICIT_MEMSET 1 |
44 | | #endif |
45 | | |
46 | | // Adapted from |
47 | | // https://github.com/jedisct1/libsodium/blob/1647f0d53ae0e370378a9195477e3df0a792408f/src/libsodium/sodium/utils.c#L102-L130 |
48 | | |
49 | 28.2M | void memzero(void *const pnt, const size_t len) { |
50 | | #ifdef _WIN32 |
51 | | SecureZeroMemory(pnt, len); |
52 | | #elif defined(HAVE_MEMSET_S) |
53 | | memset_s(pnt, (rsize_t)len, 0, (rsize_t)len); |
54 | | #elif defined(HAVE_EXPLICIT_BZERO) |
55 | | explicit_bzero(pnt, len); |
56 | | #elif defined(HAVE_EXPLICIT_MEMSET) |
57 | | explicit_memset(pnt, 0, len); |
58 | | #else |
59 | | volatile unsigned char *volatile pnt_ = (volatile unsigned char *volatile)pnt; |
60 | | size_t i = (size_t)0U; |
61 | | |
62 | | while (i < len) { |
63 | | pnt_[i++] = 0U; |
64 | | } |
65 | | #endif |
66 | | |
67 | | // explicitly mark the memory as overwritten for the Clang MemorySanitizer |
68 | | // this is only included at compile time if MemorySanitizer is enabled and |
69 | | // should not come with any downsides during regular builds |
70 | 28.2M | #if defined(__has_feature) |
71 | | #if __has_feature(memory_sanitizer) |
72 | | memset(pnt, 0, len); |
73 | | #endif |
74 | 28.2M | #endif |
75 | 28.2M | } |