portable method to zeroize memory when destroying a mpz number
Vincent Lefevre
vincent at vinc17.net
Thu Mar 20 14:30:04 UTC 2014
On 2014-03-20 14:42:11 +0100, Vicente Benjumea wrote:
> void
> mpz_clear_zeroize (mpz_ptr m)
> {
> if (PTR (m) != NULL) {
> memset(PTR (m), 0, ALLOC (m) * BYTES_PER_MP_LIMB);
Are you sure that memset is safe? AFAIK, the C implementation
could have some optimization to do nothing if it knows that
the memory will never be read in the context of the C virtual
machine.
And what if the data have been stored in some swap space?
IMHO, you should use your own memory interface.
--
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
More information about the gmp-discuss
mailing list