Modernize documentation of MBEDTLS_PLATFORM_ZEROIZE_ALT

The documentation was not updated when we started detecting memset_s() and
such.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine 2023-09-07 15:02:39 +02:00
parent f9e4caf388
commit 86733834bc


@ -292,22 +292,25 @@
//#define MBEDTLS_PLATFORM_GMTIME_R_ALT //#define MBEDTLS_PLATFORM_GMTIME_R_ALT
/** /**
* Uncomment the macro to let mbed TLS use your alternate implementation of * Uncomment the macro to let Mbed TLS use your alternate implementation of
* mbedtls_platform_zeroize(). This replaces the default implementation in * mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces
* platform_util.c. * the default implementation in platform_util.c.
* *
* mbedtls_platform_zeroize() is a widely used function across the library to * By default, the library uses a system function such as memset_s()
* zero a block of memory. The implementation is expected to be secure in the * (optional feature of C11), explicit_bzero() (BSD and compatible), or
* sense that it has been written to prevent the compiler from removing calls * SecureZeroMemory (Windows). If no such function is detected, the library
* to mbedtls_platform_zeroize() as part of redundant code elimination * falls back to a plain C implementation. Compilers are technically
* optimizations. However, it is difficult to guarantee that calls to * permitted to optimize this implementation out, meaning that the memory is
* mbedtls_platform_zeroize() will not be optimized by the compiler as older * not actually wiped. The library tries to prevent that, but the C language
* versions of the C language standards do not provide a secure implementation * makes it impossible to guarantee that the memory will always be wiped.
* of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to *
* configure their own implementation of mbedtls_platform_zeroize(), for * If your platform provides a guaranteed method to wipe memory which
* example by using directives specific to their compiler, features from newer * `platform_util.c` does not detect, define this macro to the name of
* C standards (e.g using memset_s() in C11) or calling a secure memset() from * a function that takes two arguments, a `void *` pointer and a length,
* their system (e.g explicit_bzero() in BSD). * and wipes that many bytes starting at the specified address. For example,
* if your platform has explicit_bzero() but `platform_util.c` does not
* detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be
* `explicit_bzero` to use that function as mbedtls_platform_zeroize().
*/ */
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
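Review bot: the new text is internally inconsistent about how the macro is used: the first sentence still says "Uncomment the macro to let Mbed TLS use your alternate implementation of mbedtls_platform_zeroize()", while the new last paragraph says "define this macro to the name of a function that takes two arguments, a `void *` pointer and a length", and the template line `//#define MBEDTLS_PLATFORM_ZEROIZE_ALT` that follows has no value, so simply uncommenting it yields an empty definition rather than a function name. Please make the opening sentence match the new meaning (e.g. "Define this macro to the name of a function that Mbed TLS will use as mbedtls_platform_zeroize()"), and consider giving the commented template a placeholder value such as `//#define MBEDTLS_PLATFORM_ZEROIZE_ALT explicit_bzero` so a reader knows a value is expected. A smaller point in the same hunk: "SecureZeroMemory (Windows)" is missing the `()` that memset_s() and explicit_bzero() carry in the same sentence, and the reader may also want a one-line reminder that when they supply their own function, the library's own optimization-resistance measures no longer apply and the supplied function must itself be safe against the compiler removing the call.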