How to use macro for mbedtls_platform_zeroize() in Windows? #8490
Comments
What's wrong with the |
|
Yes, with one subtlety: By default, on Windows, |
With this definition the library compiles: |
That's odd. Is it just this program and no other? What build system are you using? We do one test build with |
Windows 11, Visual Studio 2022, library 3.5.0. Edit. The symbol is undefined in the library, hence any program that needs to zeroize memory cannot be built. |
Hmm, the doc says "Uncomment the macro to let Mbed TLS use your alternate implementation of While the documentation goes on to say "For example, define To actually use it as a
and ensure the header needed for |
Has it ever been tested in Windows? |
Too much time passed since experiments with a pointer to |
Agreed.
Also this part should be taken into account: mbedtls/include/mbedtls/platform_util.h Line 140 in 4122c16
If mbedtls_platform_zeroize macro was defined, then this block either declares an undefined external symbol or redeclares the target cleaner - RtlSecureZeroMemory in this case.
https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/nf-wdm-rtlsecurezeromemory |
I'm labeling this [bug] with the objective of fixing the documentation. I want to make the platform interfaces consistent, but that's an API change which has to wait for a major version. Hopefully we'll do this in 4.0. |
Should the code be made at least working in more than a trivial test case? This might be beneficial even when the drastic future changes were applied. |
mbedtls/include/mbedtls/mbedtls_config.h
Lines 299 to 301 in 4122c16
Suppose the goal is to replace mbedtls_platform_zeroize with RtlSecureZeroMemory in MSVC. The quoted text hints it is sufficient to write:
#define MBEDTLS_PLATFORM_ZEROIZE_ALT RtlSecureZeroMemory
Is this correct?
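One way to get the effect the question asks for, as an added example (not code from the Mbed TLS project or from any commenter in this thread): define MBEDTLS_PLATFORM_ZEROIZE_ALT as a valueless switch and supply the function in the application. It assumes that with the switch defined the library omits its own definition and keeps the prototype void mbedtls_platform_zeroize(void *buf, size_t len); zeroize_demo and the sample key bytes are constructed for illustration.

```c
/* Added example: application-side replacement for mbedtls_platform_zeroize().
 * Assumption: the Mbed TLS config contains
 *     #define MBEDTLS_PLATFORM_ZEROIZE_ALT
 * with no value, so the library expects this symbol from the application. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#if defined(_WIN32)
#include <windows.h> /* SecureZeroMemory, the user-mode name for RtlSecureZeroMemory */
#endif

void mbedtls_platform_zeroize(void *buf, size_t len)
{
    if (buf == NULL || len == 0) {
        return; /* nothing to wipe; avoid passing NULL to the platform call */
    }
#if defined(_WIN32)
    SecureZeroMemory(buf, len);
#else
    /* Non-Windows fallback so the example builds anywhere: calling memset
     * through a volatile function pointer keeps the compiler from removing
     * the wipe as a dead store. */
    static void *(*const volatile memset_fn)(void *, int, size_t) = memset;
    memset_fn(buf, 0, len);
#endif
}

/* Hypothetical helper: wipes a constructed key buffer and returns how many
 * bytes are still non-zero afterwards (0 means the wipe covered everything). */
int zeroize_demo(void)
{
    unsigned char key[32];
    int remaining = 0;
    memset(key, 0x5A, sizeof key); /* constructed sample "key" material */
    mbedtls_platform_zeroize(key, sizeof key);
    for (size_t i = 0; i < sizeof key; i++) {
        remaining += (key[i] != 0);
    }
    return remaining;
}

int main(void)
{
    printf("non-zero bytes after wipe: %d\n", zeroize_demo());
    return 0;
}
```

Because the replacement is a real function named mbedtls_platform_zeroize, the declaration in platform_util.h mentioned above resolves to it instead of redeclaring RtlSecureZeroMemory.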