- Adding an explicit include for mbedtls/platform_util.h to get access to mbedtls_platform_zeroize in ITS. Somehow this is not visible in Zephyr, but it caused build issues in nRF Connect SDK.
mbedtls_zeroize( void *v, size_t n ) { 00055 volatile unsigned char *p = v; while( n-- ) *p++ = 0; 00056 } 00057 #endif 00058 00059 #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) 00060 int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, 00061...
In include/mbedtls/platform_util.h, since #8143, we skip the declaration of mbedtls_platform_zeroize in some test builds, based on whether MBEDTLS_TEST_DEFINES_ZEROIZE is defined. There's a good reason for wanting to skip the declaration: we want to make mbedtls_platform_zeroize a macro ...
mbedtls_platform_zeroize(local_output, 16); return ret; } int mbedtls_ccm_finish(mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; if (ctx->state & CCM_STATE__ERROR) { return MBEDTLS...
( void *, int, size_t ) = memset; void mbedtls_platform_zeroize( void *buf, size_t len ) { if( buf && len > 0 ) memset_func( buf, 0, len ); } void mbedtls_sha256_init( mbedtls_sha256_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_sha256_context ) ); } void ...
mbedtls_platform_zeroize(ctx, sizeof(*ctx)); } int mbedtls_lmots_import_public_key(mbedtls_lmots_public_t *ctx, const unsigned char *key, size_t key_len) { if (key_len < MBEDTLS_LMOTS_SIG_TYPE_OFFSET + MBEDTLS_LMOTS_TYPE_LEN) { ...
#endif/* MBEDTLS_PLATFORM_C */ #endif/* MBEDTLS_SELF_TEST */ #if!defined(MBEDTLS_AES_ALT) /* Implementation that should never be optimized out by the compiler */ static void mbedtls_zeroize( void *v size_t n ) { volatile unsigned char *p = v; while( n-- ) *p++ =0; ...
_PLATFORM_C) 00050 #include "mbedtls/platform.h" 00051 #else 00052 #include <stdlib.h> 00053 #define mbedtls_calloc calloc 00054 #define mbedtls_free free 00055 #endif 00056 00057 /* Implementation that should never be optimized out by the compiler */ 00058 static void mbedtls_zeroize( ...
Description: Add a new internal function mbedtls_zeroize_and_free(), which is just a wrapper around consecutive calls to mbedtls_platform_zeroize() and mbedtls_free(). This is common enough that it s...
Zeroize temporary heap buffers used in PSA operations. Fix a vulnerability in the TLS 1.2 handshake. If memory allocation failed or there was a cryptographic hardware failure when calculating the Finished message, it could be calculated incorrectly. This would break ...