Index

NAME

cl_clear_secret - Overwrite secret data in memory

SYNOPSIS

#include <libcanlock-3/canlock.h>

int cl_clear_secret(void *sec, size_t sec_size,
                    size_t buf_size);

DESCRIPTION

The cl_clear_secret() function tries to overwrite sec_size bytes of memory starting at the address specified by the sec parameter.

The size buf_size must be set to the size of the whole buffer.

If the operating system provides memset_s(), it is called with both length values. Otherwise nonportable functions like explicit_memset() are used if available.
If neither memset_s() nor a nonportable replacement is available, a call to memset() is used instead, but the compiler maybe optimized this attempt to NOP. A positive value is returned as warning.

RETURN VALUE

Upon successful completion zero is returned.
Negative values indicate an error.
Positive values indicate a warning.

The value -1 is returned if the parameter sec is NULL or if sec_size is greater than buf_size.

The value 1 indicates missing support for explicit memory access from the operating system.

AUTHORS

Michael Bäuerle

REPORTING BUGS

Report bugs to <mailto:michael.baeuerle@gmx.net>.

STANDARDS

libcanlock tries to comply with the following standards:

RFC 5537, RFC 6234, RFC 8315

SEE ALSO

cl_get_key(3), cl_get_lock(3), cl_split(3), cl_verify(3), cl_verify_multi(3), canlock(1), memset(3), memset_s(3)