Modernize documentation of MBEDTLS_PLATFORM_ZEROIZE_ALT
The documentation was not updated when we started detecting memset_s() and such. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
f9e4caf388
commit
86733834bc
1 changed files with 18 additions and 15 deletions
|
@ -292,22 +292,25 @@
|
||||||
//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
|
//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Uncomment the macro to let mbed TLS use your alternate implementation of
|
* Uncomment the macro to let Mbed TLS use your alternate implementation of
|
||||||
* mbedtls_platform_zeroize(). This replaces the default implementation in
|
* mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces
|
||||||
* platform_util.c.
|
* the default implementation in platform_util.c.
|
||||||
*
|
*
|
||||||
* mbedtls_platform_zeroize() is a widely used function across the library to
|
* By default, the library uses a system function such as memset_s()
|
||||||
* zero a block of memory. The implementation is expected to be secure in the
|
* (optional feature of C11), explicit_bzero() (BSD and compatible), or
|
||||||
* sense that it has been written to prevent the compiler from removing calls
|
* SecureZeroMemory (Windows). If no such function is detected, the library
|
||||||
* to mbedtls_platform_zeroize() as part of redundant code elimination
|
* falls back to a plain C implementation. Compilers are technically
|
||||||
* optimizations. However, it is difficult to guarantee that calls to
|
* permitted to optimize this implementation out, meaning that the memory is
|
||||||
* mbedtls_platform_zeroize() will not be optimized by the compiler as older
|
* not actually wiped. The library tries to prevent that, but the C language
|
||||||
* versions of the C language standards do not provide a secure implementation
|
* makes it impossible to guarantee that the memory will always be wiped.
|
||||||
* of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
|
*
|
||||||
* configure their own implementation of mbedtls_platform_zeroize(), for
|
* If your platform provides a guaranteed method to wipe memory which
|
||||||
* example by using directives specific to their compiler, features from newer
|
* `platform_util.c` does not detect, define this macro to the name of
|
||||||
* C standards (e.g using memset_s() in C11) or calling a secure memset() from
|
* a function that takes two arguments, a `void *` pointer and a length,
|
||||||
* their system (e.g explicit_bzero() in BSD).
|
* and wipes that many bytes starting at the specified address. For example,
|
||||||
|
* if your platform has explicit_bzero() but `platform_util.c` does not
|
||||||
|
* detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be
|
||||||
|
* `explicit_bzero` to use that function as mbedtls_platform_zeroize().
|
||||||
*/
|
*/
|
||||||
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
|
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue