Hi,

On Tue, Nov 29, 2016 at 12:36:25AM +0100, David Sommerseth wrote:
> If we "do not care" if a memory region is wiped or not (just that it's
> nice if it happens), then I'd say these are code paths which *do* *not*
> require CLEAR() at all.

"wiping" and "clearing a structure before using, so everything is
well-defined" are two very different things.

> If we *know* a certain memory region *must* be cleared, then we do the
> proper call which does what it promises us.

CLEAR() will also do what it promises: that the block in question is
zeroed *for subsequent use*.  What it does not promise is "if we never
use it again, it is cleared nevertheless" - that's what secure_memzero()
is for.

One thing is "initialization before use", one is "scrubbing so secret
material doesn't leak *after* use".  Different requirements, different
functions.  Reasonable approach.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                  //www.muc.de/~gert/
Gert Doering - Munich, Germany                    g...@greenie.muc.de
fax: +49-89-35655025               g...@net.informatik.tu-muenchen.de
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
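
The distinction drawn in the message above, as an added example that is not part of the original mail and not OpenVPN's own code. `CLEAR_EXAMPLE`, `scrub_example` and `struct session_example` are hypothetical stand-ins for an initialise-before-use macro and a scrubbing call.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for an initialise-before-use macro: a plain memset. */
#define CLEAR_EXAMPLE(x) memset(&(x), 0, sizeof(x))

/* Hypothetical stand-in for a scrubbing call: the stores go through a
 * volatile pointer so they are not removed as dead stores. */
static void scrub_example(void *p, size_t len)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (len--) {
        *v++ = 0;
    }
}

struct session_example {          /* constructed sample structure */
    unsigned char key[32];
    size_t key_len;
};

/* Initialisation before use: every field is well-defined afterwards. */
static int init_session(struct session_example *s,
                        const unsigned char *key, size_t len)
{
    CLEAR_EXAMPLE(*s);
    if (len > sizeof(s->key)) {
        return -1;
    }
    memcpy(s->key, key, len);
    s->key_len = len;
    return 0;
}

/* Scrubbing after use: the object is never read again, so a plain memset
 * here would be a dead store that an optimiser is allowed to remove. */
static void drop_session(struct session_example *s)
{
    scrub_example(s, sizeof(*s));
}

/* Helper for checking a region: number of non-zero bytes left in it. */
static size_t nonzero_bytes(const void *p, size_t len)
{
    const unsigned char *b = p;
    size_t n = 0;
    for (size_t i = 0; i < len; i++) {
        n += (b[i] != 0);
    }
    return n;
}
```

Where the platform provides one, a library scrubbing primitive such as `explicit_bzero()` or C11 Annex K `memset_s()` can take the place of the volatile loop.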