mbedTLS
mbedtls_platform_zeroize() is only used within mbedTLS.
 
Symbols
loading...
Files
loading...
CodeScopeSTM32 Libraries and SamplesmbedTLSmbedtls_platform_zeroize()

mbedtls_platform_zeroize() function

Securely zeroize a buffer The function is meant to wipe the data contained in a buffer so that it can no longer be recovered even if the program memory is later compromised. Call this function on sensitive data stored on the stack before returning from a function, and on sensitive data stored on the heap before freeing the heap object. It is extremely difficult to guarantee that calls to mbedtls_platform_zeroize() are not removed by aggressive compiler optimizations in a portable way. For this reason, Mbed TLS provides the configuration option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure mbedtls_platform_zeroize() to use a suitable implementation for their platform and needs

Syntax

void mbedtls_platform_zeroize( void *buf,     size_t len );
Implemented in platform_util.c:73

Arguments

buf

Buffer to be zeroized

len

Length of the buffer in bytes

References

LocationReferrerText
platform_util.c:73
void mbedtls_platform_zeroize( void *buf, size_t len )
platform_util.h:148
void mbedtls_platform_zeroize( void *buf, size_t len );
aes.c:530mbedtls_aes_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_aes_context ) );
asn1parse.c:312mbedtls_asn1_get_alg()
mbedtls_platform_zeroize( params, sizeof(mbedtls_asn1_buf) );
asn1parse.c:357mbedtls_asn1_free_named_data()
mbedtls_platform_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
bignum.c:83mbedtls_mpi_zeroize()
mbedtls_platform_zeroize( v, ciL * n );
camellia.c:339mbedtls_camellia_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_camellia_context ) );
cipher.c:179mbedtls_cipher_free()
mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
ctr_drbg.c:136mbedtls_ctr_drbg_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
ctr_drbg.c:256block_cipher_df()
mbedtls_platform_zeroize( buf, sizeof( buf ) );
ctr_drbg.c:257block_cipher_df()
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
ctr_drbg.c:258block_cipher_df()
mbedtls_platform_zeroize( key, sizeof( key ) );
ctr_drbg.c:259block_cipher_df()
mbedtls_platform_zeroize( chain, sizeof( chain ) );
ctr_drbg.c:265block_cipher_df()
mbedtls_platform_zeroize( output, MBEDTLS_CTR_DRBG_SEEDLEN );
ctr_drbg.c:318ctr_drbg_update_internal()
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
ctr_drbg.c:350mbedtls_ctr_drbg_update_ret()
mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
ctr_drbg.c:426mbedtls_ctr_drbg_reseed()
mbedtls_platform_zeroize( seed, sizeof( seed ) );
ctr_drbg.c:518mbedtls_ctr_drbg_random_with_add()
mbedtls_platform_zeroize( add_input, sizeof( add_input ) );
ctr_drbg.c:519mbedtls_ctr_drbg_random_with_add()
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
ecp.c:623mbedtls_ecp_group_free()
mbedtls_platform_zeroize( grp, sizeof( mbedtls_ecp_group ) );
entropy.c:139mbedtls_entropy_free()
mbedtls_platform_zeroize( ctx->source, sizeof( ctx->source ) );
entropy.c:231entropy_update()
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
entropy.c:299entropy_gather_internal()
mbedtls_platform_zeroize( buf, sizeof( buf ) );
entropy.c:432mbedtls_entropy_func()
mbedtls_platform_zeroize( buf, sizeof( buf ) );
gcm.c:536mbedtls_gcm_auth_decrypt()
mbedtls_platform_zeroize( output, length );
gcm.c:548mbedtls_gcm_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
md.c:192mbedtls_md_free()
mbedtls_platform_zeroize( ctx->hmac_ctx,
md.c:197mbedtls_md_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
md.c:361mbedtls_md_hmac_starts()
mbedtls_platform_zeroize( sum, sizeof( sum ) );
pem.c:358mbedtls_pem_read_buffer()
mbedtls_platform_zeroize( buf, len );
pem.c:411mbedtls_pem_read_buffer()
mbedtls_platform_zeroize( buf, len );
pem.c:428mbedtls_pem_free()
mbedtls_platform_zeroize( ctx->buf, ctx->buflen );
pem.c:433mbedtls_pem_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pem_context ) );
pk.c:75mbedtls_pk_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
sha256.c:93mbedtls_sha256_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
sha512.c:107mbedtls_sha512_free()
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
ssl_tls.c:551tls_prf_generic()
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
ssl_tls.c:552tls_prf_generic()
mbedtls_platform_zeroize( h_i, sizeof( h_i ) );
ssl_tls.c:761mbedtls_ssl_derive_keys()
mbedtls_platform_zeroize( handshake->premaster,
ssl_tls.c:773mbedtls_ssl_derive_keys()
mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
ssl_tls.c:801mbedtls_ssl_derive_keys()
mbedtls_platform_zeroize( handshake->randbytes,
ssl_tls.c:1083mbedtls_ssl_derive_keys()
mbedtls_platform_zeroize( keyblk, sizeof( keyblk ) );
ssl_tls.c:6252ssl_calc_finished_tls_sha256()
mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
ssl_tls.c:6301ssl_calc_finished_tls_sha384()
mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) );
ssl_tls.c:7526mbedtls_ssl_set_hostname()
mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
ssl_tls.c:8763mbedtls_ssl_transform_free()
mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) );
ssl_tls.c:8903mbedtls_ssl_handshake_free()
mbedtls_platform_zeroize( handshake,
ssl_tls.c:8924mbedtls_ssl_session_free()
mbedtls_platform_zeroize( session, sizeof( mbedtls_ssl_session ) );
ssl_tls.c:8939mbedtls_ssl_free()
mbedtls_platform_zeroize( ssl->out_buf, MBEDTLS_SSL_OUT_BUFFER_LEN );
ssl_tls.c:8945mbedtls_ssl_free()
mbedtls_platform_zeroize( ssl->in_buf, MBEDTLS_SSL_IN_BUFFER_LEN );
ssl_tls.c:8983mbedtls_ssl_free()
mbedtls_platform_zeroize( ssl->hostname, strlen( ssl->hostname ) );
ssl_tls.c:9003mbedtls_ssl_free()
mbedtls_platform_zeroize( ssl, sizeof( mbedtls_ssl_context ) );
ssl_tls.c:9249mbedtls_ssl_config_free()
mbedtls_platform_zeroize( conf, sizeof( mbedtls_ssl_config ) );
x509_crt.c:2644mbedtls_x509_crt_free()
mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
x509_crt.c:2653mbedtls_x509_crt_free()
mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
x509_crt.c:2662mbedtls_x509_crt_free()
mbedtls_platform_zeroize( seq_prv,
x509_crt.c:2672mbedtls_x509_crt_free()
mbedtls_platform_zeroize( seq_prv,
x509_crt.c:2679mbedtls_x509_crt_free()
mbedtls_platform_zeroize( cert_cur->raw.p, cert_cur->raw.len );
x509_crt.c:2693mbedtls_x509_crt_free()
mbedtls_platform_zeroize( cert_prv, sizeof( mbedtls_x509_crt ) );

Call Tree

Data read by mbedtls_platform_zeroize()
all items filtered out
mbedtls_platform_zeroize()