mbedtls_platform_zeroize() function

Securely zeroize a buffer The function is meant to wipe the data contained in a buffer so that it can no longer be recovered even if the program memory is later compromised. Call this function on sensitive data stored on the stack before returning from a function, and on sensitive data stored on the heap before freeing the heap object. It is extremely difficult to guarantee that calls to mbedtls_platform_zeroize() are not removed by aggressive compiler optimizations in a portable way. For this reason, Mbed TLS provides the configuration option MBEDTLS_PLATFORM_ZEROIZE_ALT, which allows users to configure mbedtls_platform_zeroize() to use a suitable implementation for their platform and needs

Syntax

Show:

Summary

Declaration

Definition

from platform_util.h:148

void mbedtls_platform_zeroize( void *buf, size_t len );

Implemented in platform_util.c:73

Arguments

Argument

Declared as

Description

buf

void *

Buffer to be zeroized

len

size_t

Length of the buffer in bytes

Examples

References

from examples

mbedtls_platform_zeroize() function

Syntax

Arguments

Examples

References

Call Tree

Data Use

Class Tree

Override Tree

Implementations

Instances

Lifecycle