1 module crypto.utils; 2 3 /* 4 The MIT License (MIT) 5 6 Copyright (c) 2019 DarkRiDDeR 7 8 Permission is hereby granted, free of charge, to any person obtaining a copy 9 of this software and associated documentation files (the "Software"), to deal 10 in the Software without restriction, including without limitation the rights 11 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 copies of the Software, and to permit persons to whom the Software is 13 furnished to do so, subject to the following conditions: 14 15 The above copyright notice and this permission notice shall be included in all 16 copies or substantial portions of the Software. 17 18 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 21 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 24 SOFTWARE. 25 */ 26 27 /** 28 * Fills a block of memory with zeros. It is designed to be a more secure version of ZeroMemory. 29 * 30 * !!! function secureZeroMemory processes data by byte. 31 * 32 * Use this function instead of ZeroMemory when you want to ensure that your data will be overwritten promptly, 33 * as some compilers can optimize a call to ZeroMemory by removing it entirely. 34 */ 35 void secureZeroMemory(void* p, in size_t length) pure nothrow @nogc 36 { 37 version (D_InlineAsm_X86_64) 38 { 39 asm pure nothrow @nogc 40 { 41 mov RBX, [p]; 42 mov RDX, p; 43 mov RCX, length; 44 iter: 45 xor RBX, RBX; 46 mov [RDX], RBX; 47 inc RDX; 48 loop iter; 49 } 50 } 51 else version (D_InlineAsm_X86) 52 { 53 asm pure nothrow @nogc 54 { 55 mov EBX, [p]; 56 mov EDX, p; 57 mov ECX, length; 58 iter: 59 xor EBX, EBX; 60 mov [EDX], EBX; 61 inc EDX; 62 loop iter; 63 } 64 } 65 else version (LDC) 66 { 67 import ldc.intrinsics : llvm_memset; 68 llvm_memset(p, 0, length, true); // The "true" means volatile. 69 } 70 else 71 { 72 static if (__VERSION__ >= 2089) 73 import core..volatile : volatileStore; 74 else 75 import core.bitop : volatileStore; 76 static void zero(void* p, size_t remaining) @nogc nothrow 77 { 78 for (; remaining != 0 && (cast(size_t) p) % size_t.alignof != 0; ++p, --remaining) 79 volatileStore(cast(ubyte*) p, ubyte(0)); 80 for (; remaining >= size_t.sizeof; p += size_t.sizeof, remaining -= size_t.sizeof) 81 volatileStore(cast(size_t*) p, size_t(0)); 82 for (; remaining != 0; ++p, --remaining) 83 volatileStore(cast(ubyte*) p, ubyte(0)); 84 } 85 // Workaround because volatileStore is not annotated "pure". 86 (cast(void function(void*, size_t) @nogc nothrow pure) &zero)(p, length); 87 } 88 } 89 90 void secureZeroMemory(void[] ar) pure nothrow @nogc 91 { 92 if (ar.length == 0) 93 { 94 return; 95 } 96 97 secureZeroMemory(ar.ptr, ar.length); 98 } 99 100 unittest 101 { 102 auto ar = new ubyte[255]; 103 auto ar2 = ar.dup; 104 105 foreach (i, ref e; ar2) 106 e = cast(ubyte)i; 107 assert(ar != ar2); 108 109 secureZeroMemory(ar2.ptr, ar2.length); 110 assert(ar == ar2); 111 112 113 uint[] i = [0, 0, 0, 0, 0 ]; 114 uint[] i2 = [8, 5, 99, 5, 99]; 115 // !!! function secureZeroMemory processes data by byte. Therefore, it is wrong: 116 secureZeroMemory(i2.ptr, i2.length); 117 assert(i != i2); 118 // Need to calculate the length: 119 secureZeroMemory(i2.ptr, uint.sizeof * i2.length); 120 assert(i == i2); 121 122 // or use a cast to type void[] 123 i2 = [8, 5, 99, 5, 99]; 124 secureZeroMemory(cast(void[])i2); 125 assert(i == i2); 126 }