From b17ea48c568f9b8e86700cc28c21710be308ebae Mon Sep 17 00:00:00 2001
From: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Date: Thu, 13 Jul 2017 01:25:10 -0400
Subject: [PATCH] security: introduce secure memory wipe function
Add secure memory wipe functions, C and C++ callable. Could be used to erase sensitive informations from memory. Note: use SecureZeroMemory() on Win32.
Change-Id: If5e4f44b500af8aa44e4bc52636be4e577243258
---
src/security/Makefile.am | 4 +++-
src/security/memory.cpp | 49 ++++++++++++++++++++++++++++++++++++++++
src/security/memory.h | 46 +++++++++++++++++++++++++++++++++++++
3 files changed, 98 insertions(+), 1 deletion(-)
create mode 100644 src/security/memory.cpp
create mode 100644 src/security/memory.h
diff --git a/src/security/Makefile.am b/src/security/Makefile.am
index 87ae2f1826..382d357323 100644
--- a/src/security/Makefile.am
+++ b/src/security/Makefile.am
@@ -9,4 +9,6 @@ libsecurity_la_SOURCES = \
 tlsvalidator.cpp \
 tlsvalidator.h \
 certstore.cpp \
- certstore.h
+ certstore.h \
+ memory.cpp \
+ memory.h
diff --git a/src/security/memory.cpp b/src/security/memory.cpp
new file mode 100644
index 0000000000..ba79d9d4d6
--- /dev/null
+++ b/src/security/memory.cpp
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) 2017 Savoir-faire Linux Inc.
+ *
+ * Author: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "memory.h"
+
+#ifdef _WIN32
+#include <windows.h>
+#include <wincrypt.h>
+#endif
+
+#include <algorithm>
+
+namespace ring { namespace secure {
+
+void
+memzero(void* ptr, std::size_t length)
+{
+#ifdef _WIN32
+ SecureZeroMemory(ptr, length);
+#else
+ volatile auto* p = static_cast<unsigned char*>(ptr);
+ std::fill_n(p, length, 0);
+#endif
+}
+
+}}
+
+extern "C" void
+ring_secure_memzero(void* ptr, size_t length)
+{
+ ring::secure::memzero(ptr, length);
+}
diff --git a/src/security/memory.h b/src/security/memory.h
new file mode 100644
index 0000000000..067166f4a8
--- /dev/null
+++ b/src/security/memory.h
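Review bot: The non-Windows branch of `memzero` in memory.cpp has no comment explaining that the `volatile` qualifier on `p` is what keeps the zeroing stores from being removed as dead writes, so a later cleanup to a plain `memset` or a non-volatile `std::fill_n` would silently defeat the wipe. I would add above that line `// volatile: every store is an observable access, so the wipe cannot be elided; do not replace with memset()`. Where the platform offers one, a documented primitive such as `explicit_bzero` or `memset_s` would be a firmer contract than relying on `std::fill_n` assigning through the volatile iterator byte by byte. Nothing visible in this file uses `<wincrypt.h>`, and `SecureZeroMemory` should already be available through `<windows.h>`, so that include looks unnecessary.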
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2017 Savoir-faire Linux Inc.
+ *
+ * Author: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#pragma once
+
+#ifdef __cplusplus
+#include <cstddef>
+#else
+#include <stddef.h>
+#endif
+
+// C-callable versions of C++ APIs.
+#ifdef __cplusplus
+namespace { extern "C" {
+#endif
+
+void ring_secure_memzero(void* ptr, size_t length);
+
+#ifdef __cplusplus
+}; }
+
+namespace ring { namespace secure {
+
+/// Erase with \a size '0' the given memory starting at \a ptr pointer.
+void memzero(void* ptr, std::size_t length);
+
+}}
+
+#endif // __cplusplus
-- GitLab
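Review bot: The C-callable declaration of `ring_secure_memzero` in memory.h is wrapped in `namespace { extern "C" {`, and an unnamed namespace in a header gives every includer its own internal-linkage declaration, which is not obviously the same entity as the `extern "C"` definition at global scope in memory.cpp; compilers appear to differ in how they treat this combination. Opening the block with plain `extern "C" {` and closing it with `}` (which also drops the stray `;` in `}; }`) declares the single exported symbol. The Doxygen line on `memzero` refers to `\a size`, but the parameter is named `length`; `/// Overwrite \a length bytes starting at \a ptr with zeros.` would match the signature, and `ring_secure_memzero` has no comment at all.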