From 2baeba26b8f8e5699688e7b8b685cf86ef1c147e Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sun, 7 Apr 2019 15:39:51 +0100 Subject: [PATCH 3/3] Using modern secure function to clear memory when available. --- configure.ac | 1 + sha2.c | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/configure.ac b/configure.ac index 89072f0..194ea0d 100644 --- a/configure.ac +++ b/configure.ac @@ -12,6 +12,7 @@ AC_ARG_WITH(tfm, AS_HELP_STRING([--with-tfm], [Use tfm (TomsFastMath) instead of AM_CONDITIONAL(WITH_OPENSSL, [test x"$with_openssl" != xno]) AM_CONDITIONAL(WITH_TOMMATH, [test x"$with_tommath" != xno]) AM_CONDITIONAL(WITH_TOMSFASTMATH, [test x"$with_tfm" != xno]) +AC_CHECK_FUNCS(explicit_bzero memset_s) AS_IF([test x"$with_tommath" != xno], [AC_SEARCH_LIBS(mp_init, tommath, , diff --git a/sha2.c b/sha2.c index 1ca0f81..4d31cec 100644 --- a/sha2.c +++ b/sha2.c @@ -189,6 +189,14 @@ typedef u_int64_t sha2_word64; /* Exactly 8 bytes */ #define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l)) #endif +#if HAVE_MEMSET_S +#undef MEMSET_BZERO +#define MEMSET_BZERO(p, l) memset_s((p), (l), 0, (l)) +#elif HAVE_EXPLICIT_BZERO +#undef MEMSET_BZERO +#define MEMSET_BZERO(p, l) explicit_bzero((p), (l)) +#endif + /*** THE SIX LOGICAL FUNCTIONS ****************************************/ /* -- 2.30.0