1 // Copyright 2024 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); you may not 4 // use this file except in compliance with the License. You may obtain a copy of 5 // the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 11 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 12 // License for the specific language governing permissions and limitations under 13 // the License. 14 15 #ifndef DICE_OPS_CLEAR_MEMORY_H_ 16 #define DICE_OPS_CLEAR_MEMORY_H_ 17 18 #include <stddef.h> 19 20 #ifdef __cplusplus 21 extern "C" { 22 #endif 23 24 // Securely clears |size| bytes at |address|. This project contains a basic 25 // implementation. OPENSSL_cleanse from boringssl, SecureZeroMemory from 26 // Windows and memset_s from C11 could also be used as an implementation but a 27 // particular target platform or toolchain may have a better implementation 28 // available that can be plugged in here. Care may be needed to ensure sensitive 29 // data does not leak due to features such as caches. 30 void DiceClearMemory(void* context, size_t size, void* address); 31 32 #ifdef __cplusplus 33 } // extern "C" 34 #endif 35 36 #endif // DICE_OPS_CLEAR_MEMORY_H_ 37