Issue 10661 - Add secureZeroMemory function in Phobos
Summary: Add secureZeroMemory function in Phobos
Status: NEW
Alias: None
Product: D
Classification: Unclassified
Component: phobos (show other issues)
Version: D2
Hardware: All All
: P4 enhancement
Assignee: No Owner
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-07-17 04:30 UTC by bearophile_hugs
Modified: 2024-12-01 16:18 UTC (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description bearophile_hugs 2013-07-17 04:30:49 UTC 
I propose to add to Phobos a function similar to SecureZeroMemory that the D compiler handles in a special way:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366877%28v=vs.85%29.aspx

This function acts like a memset, to zero an interval of memory. What's special of it is that the compiler never optimizes it away. So it's usable in cryptographic functions that must assure undesired information never exits the function.


As example usage in std.digest.md, a strongly optimizing D compiler like LDC2 used with link-time optimization can optimize away this zeroing:


struct MD5
{
...
        private nothrow pure void transform(const(ubyte[64])* block)
        {
...
            //Zeroize sensitive information.
            x[] = 0;
        }


That can be replaced by a call to secureZeroMemory() to ensure the desired safety. Having a standard function in Phobos, supported by the compiler makes this small feature portable across all D compilers, unlike C++ where SecureZeroMemory is just a Windows function.
Comment 1 David Nadlinger 2014-04-27 13:16:37 UTC 
+1, this is essential for resilient crypto code.
Comment 2 Walter Bright 2014-04-27 18:47:38 UTC 
So who wants to implement it?
Comment 3 bearophile_hugs 2014-04-27 18:52:25 UTC 
(In reply to Walter Bright from comment #2)
> So who wants to implement it?

How do you like to implement it? As a special case, or introducing some kind of generic and reusable annotation, like @keep_function that tells the D compiler to never optimize away the calls to a specific function? I don't know what other cases there are of functions that must never be removed.
Comment 4 yebblies 2014-07-31 17:40:05 UTC 
(In reply to bearophile_hugs from comment #3)
> (In reply to Walter Bright from comment #2)
> > So who wants to implement it?
> 
> How do you like to implement it? As a special case, or introducing some kind
> of generic and reusable annotation, like @keep_function that tells the D
> compiler to never optimize away the calls to a specific function? I don't
> know what other cases there are of functions that must never be removed.

volatileMemset
Comment 5 Walter Bright 2014-09-09 19:03:32 UTC 
volatileMemset() should call the C memset_s() function, if that function exists.

Also, there should be a zeroRegisters() function that zeros out all the scratch registers.
Comment 6 Orvid King 2014-09-09 19:12:24 UTC 
I believe this should be in the runtime rather than phobos, primarily because 
it is very dependent on the specific architecture in use.
Comment 7 dlangBugzillaToGithub 2024-12-01 16:18:21 UTC 
THIS ISSUE HAS BEEN MOVED TO GITHUB

https://github.com/dlang/phobos/issues/9611

DO NOT COMMENT HERE ANYMORE, NOBODY WILL SEE IT, THIS ISSUE HAS BEEN MOVED TO GITHUB