[Issue 10661] New: Add secureZeroMemory function in Phobos
d-bugmail at puremagic.com
d-bugmail at puremagic.com
Wed Jul 17 04:30:52 PDT 2013
http://d.puremagic.com/issues/show_bug.cgi?id=10661
Summary: Add secureZeroMemory function in Phobos
Product: D
Version: D2
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Phobos
AssignedTo: nobody at puremagic.com
ReportedBy: bearophile_hugs at eml.cc
--- Comment #0 from bearophile_hugs at eml.cc 2013-07-17 04:30:49 PDT ---
I propose to add to Phobos a function similar to SecureZeroMemory that the D
compiler handles in a special way:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa366877%28v=vs.85%29.aspx
This function acts like a memset, to zero an interval of memory. What's special
of it is that the compiler never optimizes it away. So it's usable in
cryptographic functions that must assure undesired information never exits the
function.
As example usage in std.digest.md, a strongly optimizing D compiler like LDC2
used with link-time optimization can optimize away this zeroing:
struct MD5
{
...
private nothrow pure void transform(const(ubyte[64])* block)
{
...
//Zeroize sensitive information.
x[] = 0;
}
That can be replaced by a call to secureZeroMemory() to ensure the desired
safety. Having a standard function in Phobos, supported by the compiler makes
this small feature portable across all D compilers, unlike C++ where
SecureZeroMemory is just a Windows function.
--
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
More information about the Digitalmars-d-bugs
mailing list