authorrl1987 <rl1987@sdf.lonestar.org>2016-01-03 17:08:21 +0100
committerNick Mathewson <nickm@torproject.org>2016-01-07 14:25:31 -0800
commitfb373a9ef6f07229b20cf1176522c625cd5c0a4d (patch)
treeaf5db95093a5e7ed41974e2885fc996dab1041f0 /src
parent3783046f3b519533fc721472f38ccf437d2d12a5 (diff)
On win32, use SecureZeroMemory() to securely wipe buffers.
(Also tweak the comments. -nickm)
Diffstat (limited to 'src')
-rw-r--r--src/common/crypto.c15
1 files changed, 10 insertions, 5 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index e62cc0a511..134e69aa20 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2960,6 +2960,16 @@ memwipe(void *mem, uint8_t byte, size_t sz)
* have this function call "memset". A smart compiler could inline it, then
* eliminate dead memsets, and declare itself to be clever. */
+#ifdef _WIN32
+ /* Here's what you do on windows. */
+ SecureZeroMemory(mem,sz);
+#elif defined(HAVE_EXPLICIT_BZERO)
+ /* The BSDs provide this. */
+ explicit_bzero(mem, sz);
+#elif defined(HAVE_MEMSET_S)
+ /* This is in the C99 standard. */
+ memset_s(mem, sz, 0, sz);
+#else
/* This is a slow and ugly function from OpenSSL that fills 'mem' with junk
* based on the pointer value, then uses that junk to update a global
* variable. It's an elaborate ruse to trick the compiler into not
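Review bot: The comment on the memset_s branch, `/* This is in the C99 standard. */`, is inaccurate: memset_s comes from C11 Annex K, which is an optional part of the standard, so `/* This is in C11 Annex K (optional). */` would be correct. The same branch discards memset_s's return value, and on a runtime-constraint violation (for example sz above RSIZE_MAX) the function may store nothing, leaving key material in the buffer with no signal. A fallback such as `if (memset_s(mem, sz, 0, sz) != 0) OPENSSL_cleanse(mem, sz);` would keep the wipe guaranteed. memwipe's body starts and ends outside this hunk, so any size check before this point and what is done with `byte` afterwards are not visible here.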
@@ -2971,11 +2981,6 @@ memwipe(void *mem, uint8_t byte, size_t sz)
* OPENSSL_cleanse() on most platforms, which ought to do the job.
**/
-#ifdef HAVE_EXPLICIT_BZERO
- explicit_bzero(mem, sz);
-#elif HAVE_MEMSET_S
- memset_s( mem, sz, 0, sz );
-#else
OPENSSL_cleanse(mem, sz);
#endif