Make utils module part of the platform

Andres Amaya Garcia 2018-04-17 09:16:30 -05:00
parent ae8e306973
commit 904e1efb8c
4 changed files with 38 additions and 26 deletions


@ -1,8 +1,10 @@
/** /**
* \file utils.h * \file platform_util.h
*
* \brief Mbed TLS utility functions
* *
* \brief Common and shared functions used by multiple modules in the Mbed TLS
* library.
*/
/*
* Copyright (C) 2018, Arm Limited, All Rights Reserved * Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
* *
@ -20,11 +22,15 @@
* *
* This file is part of Mbed TLS (https://tls.mbed.org) * This file is part of Mbed TLS (https://tls.mbed.org)
*/ */
#ifndef MBEDTLS_UTILS_H #ifndef MBEDTLS_PLATFORM_UTIL_H
#define MBEDTLS_UTILS_H #define MBEDTLS_PLATFORM_UTIL_H
#include <stddef.h> #include <stddef.h>
#ifdef __cplusplus
extern "C" {
#endif
/** /**
* \brief Securely zeroize a buffer * \brief Securely zeroize a buffer
* *
@ -35,12 +41,17 @@
* compiler * compiler
* *
* \note It is extremely difficult to guarantee that calls to * \note It is extremely difficult to guarantee that calls to
* mbedtls_zeroize() are not removed by aggressive compiler * mbedtls_platform_zeroize() are not removed by aggressive
* optimizations in a portable way. For this reason, Mbed TLS * compiler optimizations in a portable way. For this reason, Mbed
* provides the configuration option MBEDTLS_UTILS_ZEROIZE_ALT, * TLS provides the configuration option
* which allows users to configure mbedtls_zeroize() to use a * MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
* suitable implementation for their platform and needs * mbedtls_platform_zeroize() to use a suitable implementation for
* their platform and needs
*/ */
void mbedtls_zeroize( void *buf, size_t len ); void mbedtls_platform_zeroize( void *buf, size_t len );
#endif /* MBEDTLS_UTILS_H */ #ifdef __cplusplus
}
#endif
#endif /* MBEDTLS_PLATFORM_UTIL_H */
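Review bot: The configuration option renamed in the `\note` (MBEDTLS_UTILS_ZEROIZE_ALT to MBEDTLS_PLATFORM_ZEROIZE_ALT) gives no diagnostic to a build that still defines the old name. If an integrator already supplies a platform-specific zeroize under the old macro, that build would presumably compile the default implementation and link cleanly, so secrets would be wiped by the routine the integrator had deliberately replaced. A guard next to the include guard turns that into a build failure: `#if defined(MBEDTLS_UTILS_ZEROIZE_ALT)` / `#error "MBEDTLS_UTILS_ZEROIZE_ALT was renamed to MBEDTLS_PLATFORM_ZEROIZE_ALT"` / `#endif`. Whether the old name ever shipped in a release is not visible on this page; if it did not, a changelog entry is enough.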


@ -57,7 +57,7 @@ set(src_crypto
version.c version.c
version_features.c version_features.c
xtea.c xtea.c
utils.c platform_util.c
) )
set(src_x509 set(src_x509


@ -66,7 +66,7 @@ OBJS_CRYPTO= aes.o aesni.o arc4.o \
sha1.o sha256.o sha512.o \ sha1.o sha256.o sha512.o \
threading.o timing.o version.o \ threading.o timing.o version.o \
version_features.o xtea.o \ version_features.o xtea.o \
utils.o platform_util.o
OBJS_X509= certs.o pkcs11.o x509.o \ OBJS_X509= certs.o pkcs11.o x509.o \
x509_create.o x509_crl.o x509_crt.o \ x509_create.o x509_crl.o x509_crt.o \


@ -1,5 +1,6 @@
/* /*
* Mbed TLS utility functions * Common and shared functions used by multiple modules in the Mbed TLS
* library.
* *
* Copyright (C) 2018, Arm Limited, All Rights Reserved * Copyright (C) 2018, Arm Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0 * SPDX-License-Identifier: Apache-2.0
@ -30,12 +31,12 @@
#include <stddef.h> #include <stddef.h>
#include <string.h> #include <string.h>
#if !defined(MBEDTLS_UTILS_ZEROIZE_ALT) #if !defined(MBEDTLS_PLATFORM_ZEROIZE_ALT)
/* /*
* This implementation should never be optimized out by the compiler * This implementation should never be optimized out by the compiler
* *
* This implementation for mbedtls_zeroize() was inspired from Colin Percival's * This implementation for mbedtls_platform_zeroize() was inspired from Colin
* blog article at: * Percival's blog article at:
* *
* http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html * http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html
* *
@ -50,17 +51,17 @@
* if( memset_func != memset ) * if( memset_func != memset )
* memset_func( buf, 0, len ); * memset_func( buf, 0, len );
* *
* Note that it is extremely difficult to guarantee that mbedtls_zeroize() * Note that it is extremely difficult to guarantee that
* will not be optimized out by aggressive compilers in a portable way. For * mbedtls_platform_zeroize() will not be optimized out by aggressive compilers
* this reason, Mbed TLS also provides the configuration option * in a portable way. For this reason, Mbed TLS also provides the configuration
* MBEDTLS_UTILS_ZEROIZE_ALT, which allows users to configure * option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure
* mbedtls_zeroize() to use a suitable implementation for their platform and * mbedtls_platform_zeroize() to use a suitable implementation for their
* needs. * platform and needs.
*/ */
static void * (* const volatile memset_func)( void *, int, size_t ) = memset; static void * (* const volatile memset_func)( void *, int, size_t ) = memset;
void mbedtls_zeroize( void *buf, size_t len ) void mbedtls_platform_zeroize( void *buf, size_t len )
{ {
memset_func( buf, 0, len ); memset_func( buf, 0, len );
} }
#endif /* MBEDTLS_UTILS_ZEROIZE_ALT */ #endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */
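Review bot: mbedtls_platform_zeroize() at the end of this section forwards buf and len to memset unconditionally, so a call with len == 0 and a null buf is undefined behaviour under the C standard even though nothing would be written. Cleanup paths can reach a zeroize call for a buffer that was never allocated, so the guard is better placed here than in every caller: put `if( len > 0 )` in front of `memset_func( buf, 0, len );`. The function's header comment should then state that buf may be NULL only when len is 0. Separately, the opening line of the block comment ("should never be optimized out") claims more than its closing paragraph admits; `This implementation is designed to resist removal by compiler optimizations` would keep the two consistent.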