Alessandro Ghedini via RT <r...@openssl.org> wrote: > I was also wondering whether it would make sense to just drop the asm > implementations. Does the speed-up justify the added complexity? >
IMO, it should work like this: * memset_s when memset_s is available. * Otherwise, SecureZeroMemory, when SecureZeroMemory is available. * Otherwise, if a flag OPENSSL_REQUIRE_SECURE_ZERO is set, fail. * Otherwise, use an assembly language implementation, if available. * Otherwise, emit a warning and use the C implementation. Note in particular that the C compiler is allowed to completely defeat the purpose of the function unless SecureZeroMemory or memset_s is used, even if you use "volatile" or other tricks. The primary purpose of the assembly language implementations is to reduce the possibility that the C compiler will do the weird things that C compilers love to do. Cheers, Brian -- https://briansmith.org/
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev