yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-07-08 06:50:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add config.h docs for MBEDTLS_UTILS_ZEROIZE_ALT

Browse source
This commit is contained in:
Andres Amaya Garcia 2018-03-08 20:25:29 +00:00
parent 1962405be1
commit 6606d5c414
1 changed files with 14 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
include/mbedtls/config.h
View file

@ -2856,7 +2856,20 @@
* \def MBEDTLS_UTILS_ZEROIZE_ALT * \def MBEDTLS_UTILS_ZEROIZE_ALT
* *
* Uncomment the macro to let mbed TLS use your alternate implementation of * Uncomment the macro to let mbed TLS use your alternate implementation of
* mbedtls_zeroize(). * mbedtls_zeroize(). This replaced the default implementation in utils.c.
*
* mbedtls_zeroize() is a widely used function across the library to zero a
* block of memory. The implementation is expected to be secure in the sense
* that it has been written to prevent the compiler from removing calls to
* mbedtls_zeroize() as part of redundant code elimination optimizations.
* However, it is difficult to guarantee that calls to mbedtls_zeroize() will
* not be optimized by the compiler as older versions of the C language
* standards do not provide a secure implementation of memset(). Therefore,
* MBEDTLS_UTILS_ZEROIZE_ALT enables users to configure their own
* implementation of mbedtls_zeroize(), for example by using directives
* specific to their compiler, features from the C standard (e.g using
* memset_s() in C11) or calling a secure memset() from their system (e.g
* explicit_bzero() in BSD).
*/ */
//#define MBEDTLS_UTILS_ZEROIZE_ALT //#define MBEDTLS_UTILS_ZEROIZE_ALT