In message <[EMAIL PROTECTED]> on Sat, 23 Nov 2002 13:36:43
-0500, Geoff Thorpe <[EMAIL PROTECTED]> said:
geoff> But then we already knew that - Peter Gutmann had pointed out in the past
geoff> that a single write of zeroes to disk or memory doesn't protect against
geoff> the previous values being retrieved if you have physical (power-off)
geoff> access. So aggressive compilers are simply forcing an issue we should
geoff> have confronted anyway - clean the memory properly.
geoff>
geoff> Eg.
geoff> CRYPTO_cleanse(void *ptr, size_t len)
geoff> {
geoff> static unsigned char foo = 0;
geoff> unsigned char *p = ptr;
geoff> size_t loop = len;
geoff> while(loop--) {
geoff> *(p++) = foo++;
geoff> foo += (17 + (unsigned char)(p & 0xF))
geoff> }
geoff> if(memchr(ptr, foo, len))
geoff> foo += 63;
geoff> }
I like that one. If noone sees a problem, I'll insert that as soon as
I have some time.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
