Leichter, Jerry wrote:

On Wed, 12 Dec 2007, Thierry Moreau wrote:

| Date: Wed, 12 Dec 2007 16:24:43 -0500
| From: Thierry Moreau <[EMAIL PROTECTED]>
| To: "Leichter, Jerry" <[EMAIL PROTECTED]>
| Cc: Peter Gutmann <[EMAIL PROTECTED]>, cryptography@metzdowd.com
| Subject: Re: More on in-memory zeroisation
| | /************ testf.c ************/
| #include <stdio.h>
| #include <string.h>
| | typedef void *(*fpt_t)(void *, int, size_t); | | void f(fpt_t arg)
| {
|       if (memset==arg)
|               printf("Hello world!\n");
| }
| | /************ test.c ************/
| #include <stdlib.h>
| #include <string.h>
| | typedef void *(*fpt_t)(void *, int, size_t); | | extern void f(fpt_t arg); | | int main(int argc, char *argv[])
| {
|       f(memset);
|       return EXIT_SUCCESS;
| }
| | /* I don't want to argue too theoretically. | | - Thierry Moreau */
I'm not sure what you are trying to prove here.  Yes, I believe that
in most implementations, this will print "Hello world\n".  Is it,
however, a strictly conforming program (I think that's the right
standardese) - i.e., are the results guaranteed to be the same on
all conforming implementations?  I think you'll find it difficult
to prove that.

If there is a consensus among comforming implementation developers that the above program is comforming, that's a good enough "proof" for me.

As a consequence of alleged consensus above, my understanding of the C standard would prevail and (memset)(?,0,?) would refer to an external linkage function, which would guarantee (to the sterngth of the above consensus) resetting an arbitrary memory area for secret intermediate result protection.

Reading ANSI X3.159-1989, I believe there would be such a consensus, and I find it quite obvious. You may disagree, and I will no further argument.



- Thierry Moreau

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to