1/* BEGIN_HEADER */ 2#include "mbedtls/platform_util.h" 3/* END_HEADER */ 4 5/* BEGIN_CASE */ 6void mbedtls_platform_zeroize(int len, int null) 7{ 8 char buf[130]; 9 char *p = NULL; 10 11 TEST_ASSERT(len <= 128); 12 13 /* Write sentinel values */ 14 buf[0] = 2; 15 buf[len + 1] = 2; 16 17 /* Write non-zero content */ 18 if (!null) { 19 p = &buf[1]; 20 for (int i = 0; i < len; i++) { 21 p[i] = 1; 22 } 23 } 24 25 /* Check content is non-zero */ 26 TEST_EQUAL(buf[0], 2); 27 for (int i = 0; i < len; i++) { 28 TEST_ASSERT(p[i] == 1); 29 } 30 TEST_EQUAL(buf[len + 1], 2); 31 32 mbedtls_platform_zeroize(p, len); 33 34 /* Check content is zero and sentinels un-changed */ 35 TEST_EQUAL(buf[0], 2); 36 for (int i = 0; i < len; i++) { 37 TEST_ASSERT(p[i] == 0); 38 } 39 TEST_EQUAL(buf[len + 1], 2); 40} 41/* END_CASE */ 42 43/* BEGIN_CASE */ 44void mbedtls_platform_zeroize_uninitialised(int len, int p) 45{ 46 /* 47 * As per #7301: on some platforms, including modern Linux, Clang with Msan 48 * does not recognize that explicit_bzero() writes well-defined content to 49 * its output buffer. For us, this causes CMAC operations to fail in Msan 50 * builds when mbedtls_platform_zeroize() is implemented over 51 * explicit_bzero(). 52 * 53 * This test ensures we have a simple/obvious MSan test rather than 54 * spurious errors in crypto code that are hard to track down. 55 */ 56 char buf[128]; 57 mbedtls_platform_zeroize(buf, len); 58 59 TEST_EQUAL(buf[p], 0); 60} 61/* END_CASE */ 62