From b17ea48c568f9b8e86700cc28c21710be308ebae Mon Sep 17 00:00:00 2001
From: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Date: Thu, 13 Jul 2017 01:25:10 -0400
Subject: [PATCH] security: introduce secure memory wipe function
Add secure memory wipe functions, C and C++ callable.
Could be used to erase sensitive informations from memory.
Note: use SecureZeroMemory() on Win32.
Change-Id: If5e4f44b500af8aa44e4bc52636be4e577243258
---
src/security/Makefile.am | 4 +++-
src/security/memory.cpp | 49 ++++++++++++++++++++++++++++++++++++++++
src/security/memory.h | 46 +++++++++++++++++++++++++++++++++++++
3 files changed, 98 insertions(+), 1 deletion(-)
create mode 100644 src/security/memory.cpp
create mode 100644 src/security/memory.h
diff --git a/src/security/Makefile.am b/src/security/Makefile.am
index 87ae2f1826..382d357323 100644
--- a/src/security/Makefile.am
+++ b/src/security/Makefile.am
@@ -9,4 +9,6 @@ libsecurity_la_SOURCES = \
tlsvalidator.cpp \
tlsvalidator.h \
certstore.cpp \
- certstore.h
+ certstore.h \
+ memory.cpp \
+ memory.h
diff --git a/src/security/memory.cpp b/src/security/memory.cpp
new file mode 100644
index 0000000000..ba79d9d4d6
--- /dev/null
+++ b/src/security/memory.cpp
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2017 Savoir-faire Linux Inc.
+ *
+ * Author: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "memory.h"
+
+#ifdef _WIN32
+#include <windows.h>
+#include <wincrypt.h>
+#endif
+
+#include <algorithm>
+
+namespace ring { namespace secure {
+
+void
+memzero(void* ptr, std::size_t length)
+{
+#ifdef _WIN32
+ SecureZeroMemory(ptr, length);
+#else
+ volatile auto* p = static_cast<unsigned char*>(ptr);
+ std::fill_n(p, length, 0);
+#endif
+}
+
+}}
+
+extern "C" void
+ring_secure_memzero(void* ptr, size_t length)
+{
+ ring::secure::memzero(ptr, length);
+}
diff --git a/src/security/memory.h b/src/security/memory.h
new file mode 100644
index 0000000000..067166f4a8
--- /dev/null
+++ b/src/security/memory.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2017 Savoir-faire Linux Inc.
+ *
+ * Author: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#pragma once
+
+#ifdef __cplusplus
+#include <cstddef>
+#else
+#include <stddef.h>
+#endif
+
+// C-callable versions of C++ APIs.
+#ifdef __cplusplus
+namespace { extern "C" {
+#endif
+
+void ring_secure_memzero(void* ptr, size_t length);
+
+#ifdef __cplusplus
+}; }
+
+namespace ring { namespace secure {
+
+/// Erase with \a size '0' the given memory starting at \a ptr pointer.
+void memzero(void* ptr, std::size_t length);
+
+}}
+
+#endif // __cplusplus
--
GitLab