Export sodium_memzero() as this will be required for Blake2, too.

2024-12-19 18:15:18 -07:00 · 2013-03-18 21:40:16 -07:00 · 2013-03-18 21:40:16 -07:00 · 8b728c9034
commit 8b728c9034
parent bc05a0f3d8
7 changed files with 51 additions and 15 deletions
--- a/README.markdown
+++ b/README.markdown
@ -104,6 +104,15 @@ provider.
 A custom implementation of these functions can be registered with
 `randombytes_set_implementation()`.

+In addition, Sodium provides a function to securely wipe a memory
+region:
+
+    void     sodium_memzero(void * const pnt, const size_t size);
+    
+Warning: if a region has been allocated on the heap, you still have
+to make sure that it can't get swapped to disk, possibly using
+`mlock(2)`.
+
 ## Bindings for other languages

 * Ruby: [RbNaCl](https://github.com/cryptosphere/rbnacl)
--- a/src/libsodium/Makefile.am
+++ b/src/libsodium/Makefile.am
@ -77,6 +77,7 @@ libsodium_la_SOURCES = \
 	randombytes/randombytes.c \
 	randombytes/randombytes_salsa20_random.c \
 	randombytes/randombytes_sysrandom.c \
+	utils.c \
 	version.c

 EXTRA_DIST = \
--- a/src/libsodium/include/Makefile.am
+++ b/src/libsodium/include/Makefile.am
@ -40,6 +40,7 @@ SODIUM_EXPORT = \
 	sodium/randombytes.h \
 	sodium/randombytes_salsa20_random.h \
 	sodium/randombytes_sysrandom.h \
+	sodium/utils.h \
 	sodium/version.h

 EXTRA_SRC = $(SODIUM_EXPORT) \
--- a/src/libsodium/include/sodium.h
+++ b/src/libsodium/include/sodium.h
@ -33,6 +33,7 @@
 #include <sodium/crypto_verify_16.h>
 #include <sodium/crypto_verify_32.h>
 #include <sodium/randombytes.h>
+#include <sodium/utils.h>
 #include <sodium/version.h>

 #endif
--- a/src/libsodium/include/sodium/utils.h
+++ b/src/libsodium/include/sodium/utils.h
@ -0,0 +1,17 @@
+
+#ifndef __SODIUM_UTILS_H__
+#define __SODIUM_UTILS_H__
+
+#include <stdlib.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+void sodium_memzero(void * const pnt, const size_t size);
+
+#ifdef __cplusplus
+}
+#endif
+    
+#endif
--- a/src/libsodium/randombytes/randombytes_salsa20_random.c
+++ b/src/libsodium/randombytes/randombytes_salsa20_random.c
@ -15,6 +15,7 @@
 #include "crypto_hash_sha256.h"
 #include "crypto_stream_salsa20.h"
 #include "randombytes_salsa20_random.h"
+#include "utils.h"

 #ifdef _WIN32
 # include <Windows.h>
@ -46,21 +47,6 @@ static Salsa20Random stream = {
    .initialized = 0
 };

-static void
-sodium_memzero(void * const pnt, const size_t size)
-{
-#ifdef HAVE_SECUREZEROMEMORY
-    SecureZeroMemory(pnt, size);
-#else
-    volatile unsigned char *pnt_ = (volatile unsigned char *) pnt;
-    size_t                     i = (size_t) 0U;
-
-    while (i < size) {
-        pnt_[i++] = 0U;
-    }
-#endif
-}
-
 static uint64_t
 sodium_hrtime(void)
 {
--- a/src/libsodium/utils.c
+++ b/src/libsodium/utils.c
@ -0,0 +1,21 @@
+
+#include "utils.h"
+#ifdef _WIN32
+# include <Windows.h>
+# include <Wincrypt.h>
+#endif
+
+void
+sodium_memzero(void * const pnt, const size_t size)
+{
+#ifdef HAVE_SECUREZEROMEMORY
+    SecureZeroMemory(pnt, size);
+#else
+    volatile unsigned char *pnt_ = (volatile unsigned char *) pnt;
+    size_t                     i = (size_t) 0U;
+
+    while (i < size) {
+        pnt_[i++] = 0U;
+    }
+#endif
+}