Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.

consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.

Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.

common/lib/libc/string/consttime_memequal.c

@@ -1,14 +1,14 @@
-/* $NetBSD: consttime_bcmp.c,v 1.1 2012/08/30 12:16:49 drochner Exp $ */
+/* $NetBSD: consttime_memequal.c,v 1.1 2013/06/24 04:21:19 riastradh Exp $ */
 
 #if !defined(_KERNEL) && !defined(_STANDALONE)
 #include <string.h>
-#define consttime_bcmp __consttime_bcmp
+#define consttime_memequal __consttime_memequal
 #else
 #include <lib/libkern/libkern.h>
 #endif
 
 int
-consttime_bcmp(const void *b1, const void *b2, size_t len)
+consttime_memequal(const void *b1, const void *b2, size_t len)
 {
 	const char *c1 = b1, *c2 = b2;
 	int res = 0;

common/lib/libc/string/explicit_memset.c

@@ -1,8 +1,8 @@
-/* $NetBSD: explicit_bzero.c,v 1.1 2012/08/30 12:16:49 drochner Exp $ */
+/* $NetBSD: explicit_memset.c,v 1.1 2013/06/24 04:21:19 riastradh Exp $ */
 
 #if !defined(_KERNEL) && !defined(_STANDALONE)
 #include <string.h>
-#define explicit_bzero __explicit_bzero
+#define explicit_memset __explicit_memset
 #define explicit_memset_impl __explicit_memset_impl
 #else
 #include <lib/libkern/libkern.h>
@@ -15,8 +15,8 @@
 void *(* volatile explicit_memset_impl)(void *, int, size_t) = memset;
 
 void
-explicit_bzero(void *b, size_t len)
+explicit_memset(void *b, int c, size_t len)
 {
 
-	(*explicit_memset_impl)(b, 0, len);
+	(*explicit_memset_impl)(b, c, len);
 }

crypto/external/bsd/libsaslc/dist/src/dict.c

@@ -1,4 +1,4 @@
-/* $NetBSD: dict.c,v 1.7 2013/05/10 16:39:25 christos Exp $ */
+/* $NetBSD: dict.c,v 1.8 2013/06/24 04:21:19 riastradh Exp $ */
 
 /* Copyright (c) 2010 The NetBSD Foundation, Inc.
  * All rights reserved.
@@ -35,7 +35,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: dict.c,v 1.7 2013/05/10 16:39:25 christos Exp $");
+__RCSID("$NetBSD: dict.c,v 1.8 2013/06/24 04:21:19 riastradh Exp $");
 
 #include <sys/queue.h>
 
@@ -136,7 +136,7 @@ saslc__dict_list_node_destroy(saslc__dict_node_t *node)
 
 	free(node->key);
 	/* zero value, it may contain sensitive data */
-	__explicit_bzero(node->value, node->value_len);
+	__explicit_memset(node->value, 0, node->value_len);
 	free(node->value);
 	LIST_REMOVE(node, nodes);
 	free(node);

crypto/external/bsd/openssh/dist/dns.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: dns.c,v 1.5 2012/12/12 17:42:39 christos Exp $	*/
+/*	$NetBSD: dns.c,v 1.6 2013/06/24 04:21:19 riastradh Exp $	*/
 /* $OpenBSD: dns.c,v 1.28 2012/05/23 03:28:28 djm Exp $ */
 
 /*
@@ -27,7 +27,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: dns.c,v 1.5 2012/12/12 17:42:39 christos Exp $");
+__RCSID("$NetBSD: dns.c,v 1.6 2013/06/24 04:21:19 riastradh Exp $");
 #include <sys/types.h>
 #include <sys/socket.h>
 
@@ -278,7 +278,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
 		if (hostkey_algorithm == dnskey_algorithm &&
 		    hostkey_digest_type == dnskey_digest_type) {
 			if (hostkey_digest_len == dnskey_digest_len &&
-			    __consttime_bcmp(hostkey_digest, dnskey_digest,
+			    __consttime_memequal(hostkey_digest, dnskey_digest,
 			    hostkey_digest_len) == 0)
 				*flags |= DNS_VERIFY_MATCH;
 		}

distrib/sets/lists/comp/mi

@@ -1,4 +1,4 @@
-#	$NetBSD: mi,v 1.1826 2013/06/24 01:12:08 riastradh Exp $
+#	$NetBSD: mi,v 1.1827 2013/06/24 04:21:19 riastradh Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@@ -5159,7 +5159,8 @@
 ./usr/share/man/cat3/conj.0			comp-c-catman		complex,.cat
 ./usr/share/man/cat3/conjf.0			comp-c-catman		complex,.cat
 ./usr/share/man/cat3/conjl.0			comp-c-catman		complex,.cat
-./usr/share/man/cat3/consttime_bcmp.0		comp-c-catman		.cat
+./usr/share/man/cat3/consttime_bcmp.0		comp-obsolete		obsolete
+./usr/share/man/cat3/consttime_memcmp.0		comp-c-catman		.cat
 ./usr/share/man/cat3/copysign.0			comp-c-catman		.cat
 ./usr/share/man/cat3/copysignf.0		comp-c-catman		.cat
 ./usr/share/man/cat3/copysignl.0		comp-c-catman		.cat
@@ -5558,7 +5559,8 @@
 ./usr/share/man/cat3/exp2.0			comp-c-catman		.cat
 ./usr/share/man/cat3/exp2f.0			comp-c-catman		.cat
 ./usr/share/man/cat3/expf.0			comp-c-catman		.cat
-./usr/share/man/cat3/explicit_bzero.0		comp-c-catman		.cat
+./usr/share/man/cat3/explicit_bzero.0		comp-obsolete		obsolete
+./usr/share/man/cat3/explicit_memset.0		comp-c-catman		.cat
 ./usr/share/man/cat3/expm1.0			comp-c-catman		.cat
 ./usr/share/man/cat3/expm1f.0			comp-c-catman		.cat
 ./usr/share/man/cat3/extattr.0			comp-obsolete		obsolete
@@ -11702,7 +11704,8 @@
 ./usr/share/man/html3/conj.html			comp-c-htmlman		complex,html
 ./usr/share/man/html3/conjf.html		comp-c-htmlman		complex,html
 ./usr/share/man/html3/conjl.html		comp-c-htmlman		complex,html
-./usr/share/man/html3/consttime_bcmp.html	comp-c-htmlman		html
+./usr/share/man/html3/consttime_bcmp.html	comp-obsolete		obsolete
+./usr/share/man/html3/consttime_memequal.html	comp-c-htmlman		html
 ./usr/share/man/html3/copysign.html		comp-c-htmlman		html
 ./usr/share/man/html3/copysignf.html		comp-c-htmlman		html
 ./usr/share/man/html3/copysignl.html		comp-c-htmlman		html
@@ -12099,7 +12102,8 @@
 ./usr/share/man/html3/exp2.html			comp-c-htmlman		html
 ./usr/share/man/html3/exp2f.html		comp-c-htmlman		html
 ./usr/share/man/html3/expf.html			comp-c-htmlman		html
-./usr/share/man/html3/explicit_bzero.html	comp-c-htmlman		html
+./usr/share/man/html3/explicit_bzero.html	comp-obsolete		obsolete
+./usr/share/man/html3/explicit_memset.html	comp-c-htmlman		html
 ./usr/share/man/html3/expm1.html		comp-c-htmlman		html
 ./usr/share/man/html3/expm1f.html		comp-c-htmlman		html
 ./usr/share/man/html3/extattr.html		comp-obsolete		obsolete
@@ -18153,7 +18157,8 @@
 ./usr/share/man/man3/conj.3			comp-c-man		complex,.man
 ./usr/share/man/man3/conjf.3			comp-c-man		complex,.man
 ./usr/share/man/man3/conjl.3			comp-c-man		complex,.man
-./usr/share/man/man3/consttime_bcmp.3		comp-c-man		.man
+./usr/share/man/man3/consttime_bcmp.3		comp-obsolete		obsolete
+./usr/share/man/man3/consttime_memequal.3	comp-c-man		.man
 ./usr/share/man/man3/copysign.3			comp-c-man		.man
 ./usr/share/man/man3/copysignf.3		comp-c-man		.man
 ./usr/share/man/man3/copysignl.3		comp-c-man		.man
@@ -18552,7 +18557,8 @@
 ./usr/share/man/man3/exp2.3			comp-c-man		.man
 ./usr/share/man/man3/exp2f.3			comp-c-man		.man
 ./usr/share/man/man3/expf.3			comp-c-man		.man
-./usr/share/man/man3/explicit_bzero.3		comp-c-man		.man
+./usr/share/man/man3/explicit_bzero.3		comp-obsolete		obsolete
+./usr/share/man/man3/explicit_memset.3		comp-c-man		.man
 ./usr/share/man/man3/expm1.3			comp-c-man		.man
 ./usr/share/man/man3/expm1f.3			comp-c-man		.man
 ./usr/share/man/man3/extattr.3			comp-obsolete		obsolete

include/string.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: string.h,v 1.43 2013/04/21 18:41:32 joerg Exp $	*/
+/*	$NetBSD: string.h,v 1.44 2013/06/24 04:21:20 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 1990, 1993
@@ -109,8 +109,8 @@ char	*strsep(char **, const char *);
 char	*stresep(char **, const char *, int);
 char	*strndup(const char *, size_t);
 void	*memrchr(const void *, int, size_t);
-void	__explicit_bzero(void *, size_t);
-int	__consttime_bcmp(const void *, const void *, size_t);
+void	__explicit_memset(void *, int, size_t);
+int	__consttime_memequal(const void *, const void *, size_t);
 __END_DECLS
 #endif
 

lib/libc/string/Makefile.inc

@@ -1,5 +1,5 @@
 #	from: @(#)Makefile.inc	8.1 (Berkeley) 6/4/93
-#	$NetBSD: Makefile.inc,v 1.77 2013/06/24 01:12:08 riastradh Exp $
+#	$NetBSD: Makefile.inc,v 1.78 2013/06/24 04:21:20 riastradh Exp $
 
 # string sources
 .PATH: ${ARCHDIR}/string ${.CURDIR}/string
@@ -19,7 +19,7 @@ SRCS+=	bcmp.c bcopy.c bzero.c ffs.c memchr.c memcmp.c memset.c
 SRCS+=	strcat.c strcmp.c strcpy.c strcspn.c strlen.c
 SRCS+=	strncat.c strncmp.c strncpy.c strpbrk.c strsep.c
 SRCS+=	strspn.c strstr.c swab.c
-SRCS+=	explicit_bzero.c consttime_bcmp.c
+SRCS+=	explicit_memset.c consttime_memequal.c
 
 SRCS+=	memccpy.c memcpy.c memmem.c memmove.c
 SRCS+=	strchr.c strrchr.c
@@ -39,8 +39,8 @@ SRCS+=	_strlcat.c _strlcpy.c _strerror_r.c
 
 .include "${ARCHDIR}/string/Makefile.inc"
 
-MAN+=	bm.3 bcmp.3 bcopy.3 bstring.3 bzero.3 consttime_bcmp.3 \
-	explicit_bzero.3 ffs.3 index.3 \
+MAN+=	bm.3 bcmp.3 bcopy.3 bstring.3 bzero.3 consttime_memequal.3 \
+	explicit_memset.3 ffs.3 index.3 \
 	memccpy.3 memchr.3 memcmp.3 memcpy.3 memmem.3 memmove.3	memset.3 \
 	popcount.3 \
 	rindex.3 strcasecmp.3 strcat.3 strchr.3 strcmp.3 strcoll.3 \

lib/libc/string/consttime_memequal.3

@@ -1,4 +1,4 @@
-.\"	$NetBSD: consttime_bcmp.3,v 1.1 2013/06/23 16:44:06 riastradh Exp $
+.\"	$NetBSD: consttime_memequal.3,v 1.1 2013/06/24 04:21:20 riastradh Exp $
 .\"
 .\" Copyright (c) 2013 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -28,20 +28,20 @@
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
 .Dd June 23, 2013
-.Dt CONSTTIME_BCMP 3
+.Dt CONSTTIME_MEMEQUAL 3
 .Os
 .Sh NAME
-.Nm consttime_bcmp
+.Nm consttime_memequal
 .Nd compare byte strings for equality without timing leaks
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
 .In string.h
 .Ft int
-.Fn consttime_bcmp "void *b1" "void *b2" "size_t len"
+.Fn consttime_memequal "void *b1" "void *b2" "size_t len"
 .Sh DESCRIPTION
 The
-.Fn consttime_bcmp
+.Fn consttime_memequal
 function compares
 .Fa len
 bytes of memory at
@@ -52,7 +52,7 @@ for equality, returning zero if they are identical and nonzero
 otherwise.
 .Pp
 The time taken by
-.Fn consttime_bcmp
+.Fn consttime_memequal
 depends on
 .Fa len ,
 but not on the data at
@@ -60,29 +60,29 @@ but not on the data at
 or
 .Fa b2 .
 Thus,
-.Fn consttime_bcmp
+.Fn consttime_memequal
 is appropriate for comparing cryptographic secrets, hashes, message
 authentication codes, etc., without leaking information about them
 through a timing side channel.
 In crypto literature,
-.Fn consttime_bcmp
+.Fn consttime_memequal
 is said to take
 .Sq constant time ,
 meaning time that does not vary depending on the data it processes.
 .Pp
 Note that unlike
 .Xr memcmp 3 ,
-.Fn consttime_bcmp
+.Fn consttime_memequal
 does not return a lexicographic ordering on the data at
 .Fa b1
 and
 .Fa b2 ;
 it tells only whether they are equal.
 .Sh SEE ALSO
-.Xr explicit_bzero 3 ,
+.Xr explicit_memset 3 ,
 .Xr memcmp 3
 .Sh HISTORY
 The
-.Fn consttime_bcmp
+.Fn consttime_memequal
 function appeared in
 .Nx 7.0 .

lib/libc/string/explicit_memset.3

@@ -1,4 +1,4 @@
-.\"	$NetBSD: explicit_bzero.3,v 1.1 2013/06/23 16:44:06 riastradh Exp $
+.\"	$NetBSD: explicit_memset.3,v 1.1 2013/06/24 04:21:20 riastradh Exp $
 .\"
 .\" Copyright (c) 2013 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -28,26 +28,28 @@
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
 .Dd June 23, 2013
-.Dt EXPLICIT_BZERO 3
+.Dt EXPLICIT_MEMSET 3
 .Os
 .Sh NAME
-.Nm explicit_bzero
-.Nd guarantee zeroing a buffer in memory
+.Nm explicit_memset
+.Nd guarantee writing a byte to a byte string
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
 .In string.h
 .Ft void
-.Fn explicit_bzero "void *ptr" "size_t len"
+.Fn explicit_memset "void *b" "int c" "size_t len"
 .Sh DESCRIPTION
 The
-.Fn explicit_bzero
+.Fn explicit_memset
 function writes
 .Fa len
-zero bytes to the memory pointed to by
-.Fa ptr .
+bytes of value
+.Fa c
+(converted to an unsigned char) to the string
+.Fa b .
 It is guaranteed not to be optimized away by the compiler even if
-.Fa ptr
+.Fa b
 is no longer used and is about to be freed or go out of scope.
 .Sh EXAMPLES
 Create a buffer on the stack for a secret key, use it, and then zero it
@@ -62,14 +64,14 @@ f(void)
 	do_crypto_stuff(key, sizeof(key));
 	\&...
 
-	explicit_bzero(key, sizeof(key));
+	explicit_memset(key, 0, sizeof(key));
 }
 .Ed
 .Sh SEE ALSO
-.Xr consttime_bcmp 3 ,
+.Xr consttime_memequal 3 ,
 .Xr memset 3
 .Sh HISTORY
 The
-.Fn explicit_bzero
+.Fn explicit_memset
 function appeared in
 .Nx 7.0 .

lib/libc/string/memcmp.3

@@ -30,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     from: @(#)memcmp.3	8.1 (Berkeley) 6/4/93
-.\"	$NetBSD: memcmp.3,v 1.10 2013/06/23 16:44:06 riastradh Exp $
+.\"	$NetBSD: memcmp.3,v 1.11 2013/06/24 04:21:20 riastradh Exp $
 .\"
 .Dd June 23, 2013
 .Dt MEMCMP 3
@@ -74,11 +74,11 @@ to compare cryptographic secrets, because the time it takes varies
 depending on how many bytes are the same, and thus leaks information
 about the two strings by a timing side channel.
 To compare secrets, hashes, message authentication codes, etc., use
-.Xr consttime_bcmp 3
+.Xr consttime_memequal 3
 instead.
 .Sh SEE ALSO
 .Xr bcmp 3 ,
-.Xr consttime_bcmp 3 ,
+.Xr consttime_memequal 3 ,
 .Xr strcasecmp 3 ,
 .Xr strcmp 3 ,
 .Xr strcoll 3 ,

lib/libc/string/memset.3

@@ -30,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     from: @(#)memset.3	8.1 (Berkeley) 6/4/93
-.\"	$NetBSD: memset.3,v 1.10 2013/06/23 16:44:06 riastradh Exp $
+.\"	$NetBSD: memset.3,v 1.11 2013/06/24 04:21:20 riastradh Exp $
 .\"
 .Dd June 23, 2013
 .Dt MEMSET 3
@@ -67,10 +67,10 @@ if it can prove that the string will not be used by the program again,
 for example if it is allocated on the stack and about to out of scope.
 If you want to guarantee that zeros are written to memory, for example
 to sanitize a buffer holding a cryptographic secret, use
-.Xr explicit_bzero .
+.Xr explicit_memset .
 .Sh SEE ALSO
 .Xr bzero 3 ,
-.Xr explicit_bzero 3 ,
+.Xr explicit_memset 3 ,
 .Xr swab 3
 .Sh STANDARDS
 The

lib/libcrypt/bcrypt.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: bcrypt.c,v 1.17 2012/08/30 12:16:49 drochner Exp $	*/
+/*	$NetBSD: bcrypt.c,v 1.18 2013/06/24 04:21:20 riastradh Exp $	*/
 /*	$OpenBSD: bcrypt.c,v 1.16 2002/02/19 19:39:36 millert Exp $	*/
 
 /*
@@ -46,7 +46,7 @@
  *
  */
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: bcrypt.c,v 1.17 2012/08/30 12:16:49 drochner Exp $");
+__RCSID("$NetBSD: bcrypt.c,v 1.18 2013/06/24 04:21:20 riastradh Exp $");
 
 #include <stdio.h>
 #include <stdlib.h>
@@ -314,7 +314,7 @@ __bcrypt(const char *key, const char *salt)
 	encode_base64((u_int8_t *) encrypted + i + 3, csalt, BCRYPT_MAXSALT);
 	encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext,
 	    4 * BCRYPT_BLOCKS - 1);
-	__explicit_bzero(&state, sizeof(state));
+	__explicit_memset(&state, 0, sizeof(state));
 	return encrypted;
 }
 

lib/libcrypt/crypt-sha1.c

@@ -1,4 +1,4 @@
-/* $NetBSD: crypt-sha1.c,v 1.5 2012/08/30 12:16:49 drochner Exp $ */
+/* $NetBSD: crypt-sha1.c,v 1.6 2013/06/24 04:21:20 riastradh Exp $ */
 
 /*
  * Copyright (c) 2004, Juniper Networks, Inc.
@@ -31,7 +31,7 @@
 
 #include <sys/cdefs.h>
 #if !defined(lint)
-__RCSID("$NetBSD: crypt-sha1.c,v 1.5 2012/08/30 12:16:49 drochner Exp $");
+__RCSID("$NetBSD: crypt-sha1.c,v 1.6 2013/06/24 04:21:20 riastradh Exp $");
 #endif /* not lint */
 
 #include <stdlib.h>
@@ -190,7 +190,7 @@ __crypt_sha1 (const char *pw, const char *salt)
     *ep = '\0';
 
     /* Don't leave anything around in vm they could use. */
-    __explicit_bzero(hmac_buf, sizeof hmac_buf);
+    __explicit_memset(hmac_buf, 0, sizeof hmac_buf);
 
     return passwd;
 }	

lib/libcrypt/md5crypt.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: md5crypt.c,v 1.12 2012/08/30 12:16:49 drochner Exp $	*/
+/*	$NetBSD: md5crypt.c,v 1.13 2013/06/24 04:21:20 riastradh Exp $	*/
 
 /*
  * ----------------------------------------------------------------------------
@@ -15,7 +15,7 @@
 
 #include <sys/cdefs.h>
 #if !defined(lint)
-__RCSID("$NetBSD: md5crypt.c,v 1.12 2012/08/30 12:16:49 drochner Exp $");
+__RCSID("$NetBSD: md5crypt.c,v 1.13 2013/06/24 04:21:20 riastradh Exp $");
 #endif /* not lint */
 
 #include <unistd.h>
@@ -143,6 +143,6 @@ __md5crypt(const char *pw, const char *salt)
 	*p = '\0';
 
 	/* Don't leave anything around in vm they could use. */
-	__explicit_bzero(final, sizeof(final));
+	__explicit_memset(final, 0, sizeof(final));
 	return (passwd);
 }

share/man/man9/rndsink.9

@@ -1,4 +1,4 @@
-.\"	$NetBSD: rndsink.9,v 1.1 2013/06/23 02:35:23 riastradh Exp $
+.\"	$NetBSD: rndsink.9,v 1.2 2013/06/24 04:21:20 riastradh Exp $
 .\"
 .\" Copyright (c) 2013 The NetBSD Foundation, Inc.
 .\" All rights reserved.
@@ -122,7 +122,7 @@ May be called at
 .Dv IPL_VM
 or lower.
 The caller should use
-.Xr explicit_bzero 3
+.Xr explicit_memset 3
 to clear
 .Fa buffer
 once it has used the data stored there.
@@ -139,7 +139,7 @@ The rndsink API is implemented in
 and
 .Pa sys/sys/rndsink.h .
 .Sh SEE ALSO
-.Xr explicit_bzero 3 ,
+.Xr explicit_memset 3 ,
 .Xr cprng 9 ,
 .Xr rnd 9
 .Sh HISTORY

sys/dev/cgd_crypto.c

@@ -1,4 +1,4 @@
-/* $NetBSD: cgd_crypto.c,v 1.11 2012/12/05 02:23:20 christos Exp $ */
+/* $NetBSD: cgd_crypto.c,v 1.12 2013/06/24 04:21:20 riastradh Exp $ */
 
 /*-
  * Copyright (c) 2002 The NetBSD Foundation, Inc.
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cgd_crypto.c,v 1.11 2012/12/05 02:23:20 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cgd_crypto.c,v 1.12 2013/06/24 04:21:20 riastradh Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -210,7 +210,7 @@ cgd_cipher_aes_destroy(void *data)
 {
 	struct aes_privdata *apd = data;
 
-	explicit_bzero(apd, sizeof(*apd));
+	explicit_memset(apd, 0, sizeof(*apd));
 	free(apd, M_DEVBUF);
 }
 
@@ -296,7 +296,7 @@ cgd_cipher_3des_init(size_t keylen, const void *key, size_t *blocksize)
 	error |= des_key_sched(block + 1, cp->cp_key2);
 	error |= des_key_sched(block + 2, cp->cp_key3);
 	if (error) {
-		explicit_bzero(cp, sizeof(*cp));
+		explicit_memset(cp, 0, sizeof(*cp));
 		free(cp, M_DEVBUF);
 		return NULL;
 	}
@@ -308,7 +308,7 @@ cgd_cipher_3des_destroy(void *data)
 {
 	struct c3des_privdata *cp = data;
 
-	explicit_bzero(cp, sizeof(*cp));
+	explicit_memset(cp, 0, sizeof(*cp));
 	free(cp, M_DEVBUF);
 }
 
@@ -393,7 +393,7 @@ cgd_cipher_bf_destroy(void *data)
 {
 	struct	bf_privdata *bp = data;
 
-	explicit_bzero(bp, sizeof(*bp));
+	explicit_memset(bp, 0, sizeof(*bp));
 	free(bp, M_DEVBUF);
 }
 

sys/kern/kern_rndsink.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_rndsink.c,v 1.1 2013/06/23 02:35:24 riastradh Exp $	*/
+/*	$NetBSD: kern_rndsink.c,v 1.2 2013/06/24 04:21:20 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 2013 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_rndsink.c,v 1.1 2013/06/23 02:35:24 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_rndsink.c,v 1.2 2013/06/24 04:21:20 riastradh Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -156,7 +156,7 @@ rndsinks_distribute(void)
 	uint8_t buffer[RNDSINK_MAX_BYTES];
 	struct rndsink *rndsink;
 
-	explicit_bzero(buffer, sizeof(buffer)); /* paranoia */
+	explicit_memset(buffer, 0, sizeof(buffer)); /* paranoia */
 
 	mutex_spin_enter(&rndsinks_lock);
 	while ((rndsink = TAILQ_FIRST(&rndsinks)) != NULL) {
@@ -178,7 +178,7 @@ rndsinks_distribute(void)
 
 		(*rndsink->rsink_callback)(rndsink->rsink_arg, buffer,
 		    rndsink->rsink_bytes);
-		explicit_bzero(buffer, rndsink->rsink_bytes);
+		explicit_memset(buffer, 0, rndsink->rsink_bytes);
 
 		mutex_spin_enter(&rndsinks_lock);
 
@@ -199,7 +199,7 @@ rndsinks_distribute(void)
 	}
 	mutex_spin_exit(&rndsinks_lock);
 
-	explicit_bzero(buffer, sizeof(buffer));	/* paranoia */
+	explicit_memset(buffer, 0, sizeof(buffer));	/* paranoia */
 }
 
 static void

sys/kern/subr_cprng.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: subr_cprng.c,v 1.19 2013/06/24 00:56:21 riastradh Exp $ */
+/*	$NetBSD: subr_cprng.c,v 1.20 2013/06/24 04:21:20 riastradh Exp $ */
 
 /*-
  * Copyright (c) 2011-2013 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.19 2013/06/24 00:56:21 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.20 2013/06/24 04:21:20 riastradh Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -132,7 +132,7 @@ cprng_strong_create(const char *name, int ipl, int flags)
 		/* XXX Fix nist_ctr_drbg API so this can't happen.  */
 		panic("cprng %s: NIST CTR_DRBG instantiation failed",
 		    cprng->cs_name);
-	explicit_bzero(seed, sizeof(seed));
+	explicit_memset(seed, 0, sizeof(seed));
 
 	if (!cprng->cs_ready && !ISSET(flags, CPRNG_INIT_ANY))
 		printf("cprng %s: creating with partial entropy\n",
@@ -160,7 +160,7 @@ cprng_strong_destroy(struct cprng_strong *cprng)
 	cv_destroy(&cprng->cs_cv);
 	mutex_destroy(&cprng->cs_lock);
 
-	explicit_bzero(cprng, sizeof(*cprng)); /* paranoia */
+	explicit_memset(cprng, 0, sizeof(*cprng)); /* paranoia */
 	kmem_free(cprng, sizeof(*cprng));
 }
 
@@ -366,7 +366,7 @@ cprng_strong_reseed(struct cprng_strong *cprng)
 	const bool full_entropy = rndsink_request(cprng->cs_rndsink, seed,
 	    sizeof(seed));
 	cprng_strong_reseed_from(cprng, seed, sizeof(seed), full_entropy);
-	explicit_bzero(seed, sizeof(seed));
+	explicit_memset(seed, 0, sizeof(seed));
 }
 
 /*
@@ -446,7 +446,7 @@ cprng_strong_rngtest(struct cprng_strong *cprng)
 		rndsink_schedule(cprng->cs_rndsink);
 	}
 
-	explicit_bzero(rt, sizeof(*rt)); /* paranoia */
+	explicit_memset(rt, 0, sizeof(*rt)); /* paranoia */
 	kmem_intr_free(rt, sizeof(*rt));
 }
 #endif

sys/lib/libkern/Makefile.libkern

@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.libkern,v 1.23 2013/03/17 00:47:13 christos Exp $
+#	$NetBSD: Makefile.libkern,v 1.24 2013/06/24 04:21:20 riastradh Exp $
 
 # 
 # Variable definitions for libkern.  
@@ -96,7 +96,7 @@ SRCS+=	xlat_mbr_fstype.c
 SRCS+=	heapsort.c ptree.c rb.c
 
 # for crypto
-SRCS+=	explicit_bzero.c consttime_bcmp.c
+SRCS+=	explicit_memset.c consttime_memequal.c
 
 # Files to clean up
 CLEANFILES+= lib${LIB}.o lib${LIB}.po

sys/lib/libkern/arc4random.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: arc4random.c,v 1.34 2013/06/23 02:38:22 riastradh Exp $	*/
+/*	$NetBSD: arc4random.c,v 1.35 2013/06/24 04:21:20 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 2002, 2011 The NetBSD Foundation, Inc.
@@ -145,7 +145,7 @@ arc4_randrekey(void)
 	const bool full_entropy = rndsink_request(arc4_rndsink, seed,
 	    sizeof(seed));
 	arc4_randrekey_from(seed, full_entropy);
-	explicit_bzero(seed, sizeof(seed));
+	explicit_memset(seed, 0, sizeof(seed));
 }
 
 /*
@@ -171,7 +171,7 @@ arc4_randrekey_from(const uint8_t seed[ARC4_KEYBYTES], bool full_entropy)
 	}
 	arc4_i = arc4_j;
 
-	explicit_bzero(key, sizeof(key));
+	explicit_memset(key, 0, sizeof(key));
 
 	/*
 	 * Throw away the first N words of output, as suggested in the

sys/lib/libkern/libkern.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: libkern.h,v 1.106 2012/08/30 12:16:49 drochner Exp $	*/
+/*	$NetBSD: libkern.h,v 1.107 2013/06/24 04:21:20 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 1992, 1993
@@ -346,6 +346,6 @@ unsigned int	popcountll(unsigned long long) __constfunc;
 unsigned int	popcount32(uint32_t) __constfunc;
 unsigned int	popcount64(uint64_t) __constfunc;
 
-void	explicit_bzero(void *, size_t);
-int	consttime_bcmp(const void *, const void *, size_t);
+void	explicit_memset(void *, int, size_t);
+int	consttime_memequal(const void *, const void *, size_t);
 #endif /* !_LIB_LIBKERN_LIBKERN_H_ */

sys/netipsec/key.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.81 2013/06/05 19:01:26 christos Exp $	*/
+/*	$NetBSD: key.c,v 1.82 2013/06/24 04:21:20 riastradh Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.81 2013/06/05 19:01:26 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.82 2013/06/24 04:21:20 riastradh Exp $");
 
 /*
  * This code is referd to RFC 2367
@@ -3030,9 +3030,11 @@ key_delsav(struct secasvar *sav)
 		sav->tdb_xform = NULL;
 	} else {
 		if (sav->key_auth != NULL)
-			explicit_bzero(_KEYBUF(sav->key_auth), _KEYLEN(sav->key_auth));
+			explicit_memset(_KEYBUF(sav->key_auth), 0,
+			    _KEYLEN(sav->key_auth));
 		if (sav->key_enc != NULL)
-			explicit_bzero(_KEYBUF(sav->key_enc), _KEYLEN(sav->key_enc));
+			explicit_memset(_KEYBUF(sav->key_enc), 0,
+			    _KEYLEN(sav->key_enc));
 	}
 	if (sav->key_auth != NULL) {
 		KFREE(sav->key_auth);

sys/netipsec/xform_ah.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_ah.c,v 1.39 2013/06/04 22:47:37 christos Exp $	*/
+/*	$NetBSD: xform_ah.c,v 1.40 2013/06/24 04:21:20 riastradh Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
 /*
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.39 2013/06/04 22:47:37 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.40 2013/06/24 04:21:20 riastradh Exp $");
 
 #include "opt_inet.h"
 #ifdef __FreeBSD__
@@ -910,7 +910,7 @@ ah_input_cb(struct cryptop *crp)
 		ptr = (char *) (tc + 1);
 
 		/* Verify authenticator. */
-		if (consttime_bcmp(ptr + skip + rplen, calc, authsize)) {
+		if (consttime_memequal(ptr + skip + rplen, calc, authsize)) {
 			u_int8_t *pppp = ptr + skip+rplen;
 			DPRINTF(("ah_input: authentication hash mismatch " \
 			    "over %d bytes " \

sys/netipsec/xform_esp.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: xform_esp.c,v 1.42 2013/06/04 22:47:37 christos Exp $	*/
+/*	$NetBSD: xform_esp.c,v 1.43 2013/06/24 04:21:20 riastradh Exp $	*/
 /*	$FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.42 2013/06/04 22:47:37 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.43 2013/06/24 04:21:20 riastradh Exp $");
 
 #include "opt_inet.h"
 #ifdef __FreeBSD__
@@ -593,7 +593,8 @@ esp_input_cb(struct cryptop *crp)
 			ptr = (tc + 1);
 
 			/* Verify authenticator */
-			if (consttime_bcmp(ptr, aalg, esph->authsize) != 0) {
+			if (consttime_memequal(ptr, aalg, esph->authsize)
+			    != 0) {
 				DPRINTF(("esp_input_cb: "
 		    "authentication hash mismatch for packet in SA %s/%08lx\n",
 				    ipsec_address(&saidx->dst),

sys/opencrypto/cryptosoft.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: cryptosoft.c,v 1.41 2013/02/02 21:38:24 christos Exp $ */
+/*	$NetBSD: cryptosoft.c,v 1.42 2013/06/24 04:21:20 riastradh Exp $ */
 /*	$FreeBSD: src/sys/opencrypto/cryptosoft.c,v 1.2.2.1 2002/11/21 23:34:23 sam Exp $	*/
 /*	$OpenBSD: cryptosoft.c,v 1.35 2002/04/26 08:43:50 deraadt Exp $	*/
 
@@ -24,7 +24,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.41 2013/02/02 21:38:24 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: cryptosoft.c,v 1.42 2013/06/24 04:21:20 riastradh Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -1090,11 +1090,11 @@ swcr_freesession(void *arg, u_int64_t tid)
 			axf = swd->sw_axf;
 
 			if (swd->sw_ictx) {
-				explicit_bzero(swd->sw_ictx, axf->ctxsize);
+				explicit_memset(swd->sw_ictx, 0, axf->ctxsize);
 				free(swd->sw_ictx, M_CRYPTO_DATA);
 			}
 			if (swd->sw_octx) {
-				explicit_bzero(swd->sw_octx, axf->ctxsize);
+				explicit_memset(swd->sw_octx, 0, axf->ctxsize);
 				free(swd->sw_octx, M_CRYPTO_DATA);
 			}
 			break;
@@ -1104,11 +1104,11 @@ swcr_freesession(void *arg, u_int64_t tid)
 			axf = swd->sw_axf;
 
 			if (swd->sw_ictx) {
-				explicit_bzero(swd->sw_ictx, axf->ctxsize);
+				explicit_memset(swd->sw_ictx, 0, axf->ctxsize);
 				free(swd->sw_ictx, M_CRYPTO_DATA);
 			}
 			if (swd->sw_octx) {
-				explicit_bzero(swd->sw_octx, swd->sw_klen);
+				explicit_memset(swd->sw_octx, 0, swd->sw_klen);
 				free(swd->sw_octx, M_CRYPTO_DATA);
 			}
 			break;
@@ -1122,7 +1122,7 @@ swcr_freesession(void *arg, u_int64_t tid)
 			axf = swd->sw_axf;
 
 			if (swd->sw_ictx) {
-				explicit_bzero(swd->sw_ictx, axf->ctxsize);
+				explicit_memset(swd->sw_ictx, 0, axf->ctxsize);
 				free(swd->sw_ictx, M_CRYPTO_DATA);
 			}
 			break;