Try to ensure the compiler cannot optimise away attempts to erase secrets from memory

author: Mark Haines <mark.haines@matrix.org> 2015-02-27 16:11:30 +0000
committer: Mark Haines <mark.haines@matrix.org> 2015-02-27 16:11:30 +0000
commit: c7419e7cdffc8c8d54dd918b03ed2c497fe7ca42 (patch)
tree: 6fd1bf8666863e36ab4729ec0f1ca8438e88e745 /include/axolotl
parent: b3496b0aa16b8c4f9974ed54fca59ef631f83705 (diff)
2 files changed, 19 insertions, 0 deletions
diff --git a/include/axolotl/crypto.hh b/include/axolotl/crypto.hh
index 09e5b8e..162099f 100644
--- a/include/axolotl/crypto.hh
+++ b/include/axolotl/crypto.hh
@@ -28,6 +28,7 @@ struct Curve25519KeyPair : public Curve25519PublicKey {
     std::uint8_t private_key[32];
 };
 
+
 /** Generate a curve25519 key pair from 32 random bytes. */
 void generate_key(
     std::uint8_t const * random_32_bytes,
@@ -37,6 +38,7 @@ void generate_key(
 
 const std::size_t CURVE25519_SHARED_SECRET_LENGTH = 32;
 
+
 /** Create a shared secret using our private key and their public key.
  * The output buffer must be at least 32 bytes long. */
 void curve25519_shared_secret(
diff --git a/include/axolotl/memory.hh b/include/axolotl/memory.hh
new file mode 100644
index 0000000..7749c54
--- /dev/null
+++ b/include/axolotl/memory.hh
@@ -0,0 +1,17 @@
+#include <cstddef>
+
+namespace axolotl {
+
+/** Clear the memory held in the buffer */
+void unset(
+    volatile void * buffer, std::size_t buffer_length
+);
+
+/** Clear the memory backing an object */
+template<typename T>
+void unset(T & value) {
+    unset(reinterpret_cast<volatile void *>(&value), sizeof(T));
+}
+
+
+} // namespace axolotl
author	Mark Haines <mark.haines@matrix.org>	2015-02-27 16:11:30 +0000
committer	Mark Haines <mark.haines@matrix.org>	2015-02-27 16:11:30 +0000
commit	c7419e7cdffc8c8d54dd918b03ed2c497fe7ca42 (patch)
tree	6fd1bf8666863e36ab4729ec0f1ca8438e88e745 /include/axolotl
parent	b3496b0aa16b8c4f9974ed54fca59ef631f83705 (diff)