security: introduce secure memory wipe function

Add secure memory wipe functions, C and C++ callable. Could be used to erase sensitive informations from memory. Note: use SecureZeroMemory() on Win32. Change-Id: If5e4f44b500af8aa44e4bc52636be4e577243258

security: introduce secure memory wipe function
b17ea48c · Guillaume Roguez · 86cdc438 · b17ea48c · b17ea48c · b17ea48c
Commit b17ea48c authored 8 years ago by Guillaume Roguez
--- a/src/security/Makefile.am
+++ b/src/security/Makefile.am
@@ -9,4 +9,6 @@ libsecurity_la_SOURCES = \
 		tlsvalidator.cpp \
 		tlsvalidator.h \
 		certstore.cpp \
-		certstore.h
+		certstore.h \
+		memory.cpp \
+		memory.h
--- a/src/security/memory.cpp
+++ b/src/security/memory.cpp
+/*
+ *  Copyright (C) 2017 Savoir-faire Linux Inc.
+ *
+ *  Author: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301 USA.
+ */
+#include "memory.h"
+#ifdef _WIN32
+#include <windows.h>
+#include <wincrypt.h>
+#endif
+#include <algorithm>
+namespace ring { namespace secure {
+void
+memzero(void* ptr, std::size_t length)
+{
+#ifdef _WIN32
+    SecureZeroMemory(ptr, length);
+#else
+    volatile auto* p = static_cast<unsigned char*>(ptr);
+    std::fill_n(p, length, 0);
+#endif
+}
+}}
+extern "C" void
+ring_secure_memzero(void* ptr, size_t length)
+{
+    ring::secure::memzero(ptr, length);
+}
--- a/src/security/memory.h
+++ b/src/security/memory.h
+/*
+ *  Copyright (C) 2017 Savoir-faire Linux Inc.
+ *
+ *  Author: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301 USA.
+ */
+#pragma once
+#ifdef __cplusplus
+#include <cstddef>
+#else
+#include <stddef.h>
+#endif
+// C-callable versions of C++ APIs.
+#ifdef __cplusplus
+namespace { extern "C" {
+#endif
+void ring_secure_memzero(void* ptr, size_t length);
+#ifdef __cplusplus
+}; }
+namespace ring { namespace secure {
+/// Erase with \a size '0' the given memory starting at \a ptr pointer.
+void memzero(void* ptr, std::size_t length);
+}}
+#endif // __cplusplus