cl_clear_secret - Man Page

Overwrite secret data in memory with libcanlock

Synopsis

#include <libcanlock-3/canlock.h>

int cl_clear_secret(void *sec, size_t sec_size,
                    size_t buf_size);

Description

The cl_clear_secret() function tries to overwrite sec_size bytes of memory starting at the address specified by the sec parameter.

The size buf_size must be set to the size of the whole buffer.

If the operating system provides memset_s(), it is called with both length values. Otherwise nonportable functions like explicit_memset() are used if available.
If neither memset_s() nor a nonportable replacement is available, a call to memset() is used instead, but the compiler maybe optimize this attempt to NOP. A positive value is returned as warning.

Return Value

Upon successful completion zero is returned.
Negative values indicate an error.
Positive values indicate a warning.

The value -1 is returned if the parameter sec is NULL or if sec_size is greater than buf_size.

The value 1 indicates missing support for explicit memory access from the operating system.

Authors

Michael Baeuerle

Reporting Bugs

Report bugs to <mailto:michael.baeuerle@gmx.net>.

Standards

libcanlock tries to comply with the following standards:

RFC 5537, RFC 6234, RFC 8315

See Also

cl_get_key(3), cl_get_lock(3), cl_split(3), cl_verify(3), cl_verify_multi(3), canlock(1), memset(3), memset_s(3)

Referenced By

canlock(1), cl_get_key(3), cl_get_lock(3), cl_split(3), cl_verify(3), cl_verify_multi(3).

2024-05-11 Unix libcanlock 3.3.1 manual