On Tue, Nov 12, 2013 at 4:56 PM, Niels Möller nisse@lysator.liu.se wrote:
Attached is a patch that allows overwriting values (points and scalars) in the ECC API.
What's the use case? Just to clear sensitive memory, or do you do any operations on these values after zeroize? In the former case, maybe it's better to just let the ecc_*_clear functions do that? Cost should be negligible, compared to doing any real ecc operation.
I've checked it a bit further. Would the following on top of nettle be equivalent? void ecc_point_zeroize (struct ecc_point *p) { memset(p->p, 0, 2*ecc_size(p->ecc)*sizeof(mp_limb_t)); /* or using ecc_size_a() be better here? */ }
void ecc_scalar_zeroize (struct ecc_scalar *s); { memset(s->p, 0, ecc_size(s->ecc)*sizeof(mp_limb_t)); }
Then the only change needed in nettle would be for those sizes to be documented.
regards, Nikos