July 17, 2013 [Issue 10661] New: Add secureZeroMemory function in Phobos | ||||
|---|---|---|---|---|
| ||||
 | http://d.puremagic.com/issues/show_bug.cgi?id=10661 Summary: Add secureZeroMemory function in Phobos Product: D Version: D2 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: Phobos AssignedTo: nobody@puremagic.com ReportedBy: bearophile_hugs@eml.cc --- Comment #0 from bearophile_hugs@eml.cc 2013-07-17 04:30:49 PDT --- I propose to add to Phobos a function similar to SecureZeroMemory that the D compiler handles in a special way: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366877%28v=vs.85%29.aspx This function acts like a memset, to zero an interval of memory. What's special of it is that the compiler never optimizes it away. So it's usable in cryptographic functions that must assure undesired information never exits the function. As example usage in std.digest.md, a strongly optimizing D compiler like LDC2 used with link-time optimization can optimize away this zeroing: struct MD5 { ... private nothrow pure void transform(const(ubyte[64])* block) { ... //Zeroize sensitive information. x[] = 0; } That can be replaced by a call to secureZeroMemory() to ensure the desired safety. Having a standard function in Phobos, supported by the compiler makes this small feature portable across all D compilers, unlike C++ where SecureZeroMemory is just a Windows function. -- Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- | |||
Permalink
ReplyCopyright © 1999-2021 by the D Language Foundation