%{_includedir}/ckm/ckm/ckm-pkcs12.h
%{_includedir}/ckm/ckm/ckm-raw-buffer.h
%{_includedir}/ckm/ckm/ckm-type.h
+%{_includedir}/ckm/ckm/ckm-zero-memory.h
%{_includedir}/ckm/ckmc/ckmc-manager.h
%{_includedir}/ckm/ckmc/ckmc-control.h
%{_includedir}/ckm/ckmc/ckmc-error.h
${KEY_MANAGER_SRC_PATH}/include/ckm/ckm-pkcs12.h
${KEY_MANAGER_SRC_PATH}/include/ckm/ckm-raw-buffer.h
${KEY_MANAGER_SRC_PATH}/include/ckm/ckm-type.h
+ ${KEY_MANAGER_SRC_PATH}/include/ckm/ckm-zero-memory.h
DESTINATION /usr/include/ckm/ckm
)
INSTALL(FILES
#define _SAFE_BUFFER_H_
#include <stddef.h>
-#include <string.h>
#include <vector>
+#include <ckm/ckm-zero-memory.h>
+
namespace CKM {
template <typename T>
void deallocate(T *ptr, std::size_t n)
{
// clear the memory before deleting
- memset(ptr, 0 , n * sizeof(T));
+ ZeroMemory(reinterpret_cast<unsigned char*>(ptr), n * sizeof(T));
::operator delete(ptr);
}
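Review bot: The comment above the wipe in `deallocate` still reads as if any clearing call would do, so it should record why the out-of-line helper is used instead of `memset`. Suggested wording: `// wipe through CKM::ZeroMemory rather than memset(): a store to memory that is freed on the next line is a dead store the optimizer may remove`. Without that reason written down, a later cleanup could reasonably put the inline `memset` back and reintroduce the problem this commit fixes.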
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file ckm-zero-memory.h
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ * @brief
+ */
+
+#pragma once
+
+#include <cstddef>
+
+namespace CKM {
+
+void ZeroMemory(unsigned char* buffer, size_t size);
+
+} // namespace CKM
+
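Review bot: `ZeroMemory` takes `unsigned char*`, which forces a `reinterpret_cast` at both call sites this commit adds (the `deallocate` template and `KeyAndInfoContainer::~KeyAndInfoContainer`). Declaring it as `void ZeroMemory(void* buffer, std::size_t size);` matches `memset` and removes the casts. With only `<cstddef>` included, the unqualified `size_t` is not guaranteed to be declared in the global namespace, so `std::size_t` is the portable spelling. The `@brief` line is also empty; something like `@brief Zeroes a buffer in a way the compiler must not elide; use on key material before the memory is released` would tell API users when to call it.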
${COMMON_PATH}/common/key-aes-impl.cpp
${COMMON_PATH}/common/pkcs12-impl.cpp
${COMMON_PATH}/common/log-setup.cpp
+ ${COMMON_PATH}/common/ckm-zero-memory.cpp
${COMMON_PATH}/dpl/log/src/abstract_log_provider.cpp
${COMMON_PATH}/dpl/log/src/dlog_log_provider.cpp
${COMMON_PATH}/dpl/log/src/log.cpp
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file ckm-zero-memory.cpp
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ * @brief
+ */
+
+#include <ckm/ckm-zero-memory.h>
+
+#include <string.h>
+
+#include <symbol-visibility.h>
+
+namespace CKM {
+
+// Temporarily disable optimizations to make sure that memset() is not optimized out.
+#pragma GCC push_options
+#pragma GCC optimize("O0")
+
+COMMON_API void ZeroMemory(unsigned char* buffer, size_t size)
+{
+ memset(buffer, 0, size);
+}
+
+#pragma GCC pop_options
+
+} // namespace CKM
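Review bot: The guarantee that the wipe survives rests on `#pragma GCC optimize("O0")`, which is GCC-specific; GCC's documentation for the corresponding `optimize` attribute describes it as a debugging aid, not something for production code. Other compilers may ignore the pragma, and the promise in the comment then silently stops holding. The out-of-line definition already keeps the `memset` alive in an ordinary build, so the case to defend against is cross-module inlining (for example LTO), and an explicit barrier states that directly: add `__asm__ __volatile__("" : : "r"(buffer) : "memory");` after the `memset`, or call `explicit_bzero(buffer, size);` where the C library provides it. Separately, `ZeroMemory(nullptr, 0)` reaches `memset` with a null pointer, so an early `if (!buffer || size == 0) return;` is worth adding, since `deallocate` forwards whatever pointer it was given.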
#include <exception.h>
#include <key-provider.h>
#include <dpl/log/log.h>
+#include <ckm/ckm-zero-memory.h>
#include <string.h>
#include <array>
KeyAndInfoContainer::~KeyAndInfoContainer()
{
// overwrite key
- char *ptr = reinterpret_cast<char *>(&keyAndInfo);
- memset(ptr, 0, sizeof(KeyAndInfo));
-
- // verification
- for (size_t size = 0; size < sizeof(KeyAndInfo); ++size) {
- if (ptr[size])
- LogError("Write memory error! Memory used by key was not owerwritten.");
- }
+ ZeroMemory(reinterpret_cast<unsigned char*>(&keyAndInfo), sizeof(KeyAndInfo));
}
KeyProvider::KeyProvider() :
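Review bot: The destructor wipes the object representation of `keyAndInfo` through a `reinterpret_cast`, which is only sound while `KeyAndInfo` stays a trivial struct. Its definition is not visible in this hunk, so that is an assumption. A compile-time guard next to the call would pin it: `static_assert(std::is_trivially_copyable<KeyAndInfo>::value, "KeyAndInfo is wiped byte-wise");` (needs `<type_traits>`).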
#include <unistd.h>
#include <dirent.h>
#include <sys/stat.h>
+#include <string.h>
#include <dpl/log/log.h>
#include <ss-crypto.h>