replace all usage of memset(_, 0, _) with memzero

SConscript.prodtest

@@ -7,6 +7,14 @@ CPPPATH_MOD = []
 CPPDEFINES_MOD = []
 SOURCE_MOD = []
 
+# modtrezorcrypto
+CPPPATH_MOD += [
+    'vendor/trezor-crypto',
+]
+SOURCE_MOD += [
+    'vendor/trezor-crypto/memzero.c',
+]
+
 # modtrezorui
 CPPDEFINES_MOD += [
     'TREZOR_FONT_BOLD_ENABLE',

embed/boardloader/main.c

@@ -29,6 +29,8 @@
 #include "lowlevel.h"
 #include "version.h"
 
+#include "memzero.h"
+
 const uint8_t BOARDLOADER_KEY_M = 2;
 const uint8_t BOARDLOADER_KEY_N = 3;
 static const uint8_t * const BOARDLOADER_KEYS[] = {
@@ -57,7 +59,7 @@ static uint32_t check_sdcard(void)
 
     uint32_t buf[IMAGE_HEADER_SIZE / sizeof(uint32_t)];
 
-    memset(buf, 0, sizeof(buf));
+    memzero(buf, sizeof(buf));
 
     const secbool read_status = sdcard_read_blocks(buf, 0, IMAGE_HEADER_SIZE / SDCARD_BLOCK_SIZE);
 

embed/bootloader/messages.c

@@ -34,6 +34,8 @@
 #include "bootui.h"
 #include "messages.h"
 
+#include "memzero.h"
+
 #define MSG_HEADER1_LEN 9
 #define MSG_HEADER2_LEN 1
 
@@ -96,7 +98,7 @@ static bool _usb_write(pb_ostream_t *stream, const pb_byte_t *buf, size_t count)
             ensure(sectrue * (r == USB_PACKET_SIZE), NULL);
             // prepare new packet
             state->packet_index++;
-            memset(state->buf, 0, USB_PACKET_SIZE);
+            memzero(state->buf, USB_PACKET_SIZE);
             state->buf[0] = '?';
             state->packet_pos = MSG_HEADER2_LEN;
         }
@@ -110,7 +112,7 @@ static void _usb_write_flush(usb_write_state *state)
     // if packet is not filled up completely
     if (state->packet_pos < USB_PACKET_SIZE) {
         // pad it with zeroes
-        memset(state->buf + state->packet_pos, 0, USB_PACKET_SIZE - state->packet_pos);
+        memzero(state->buf + state->packet_pos, USB_PACKET_SIZE - state->packet_pos);
     }
     // send packet
     int r = usb_webusb_write_blocking(state->iface_num, state->buf, USB_PACKET_SIZE, USB_TIMEOUT);
@@ -161,9 +163,9 @@ static secbool _send_msg(uint8_t iface_num, uint16_t msg_id, const pb_field_t fi
 
 #define MSG_SEND_INIT(TYPE) TYPE msg_send = TYPE##_init_default
 #define MSG_SEND_ASSIGN_VALUE(FIELD, VALUE) { msg_send.has_##FIELD = true; msg_send.FIELD = VALUE; }
-#define MSG_SEND_ASSIGN_STRING(FIELD, VALUE) { msg_send.has_##FIELD = true; memset(msg_send.FIELD, 0, sizeof(msg_send.FIELD)); strncpy(msg_send.FIELD, VALUE, sizeof(msg_send.FIELD) - 1); }
-#define MSG_SEND_ASSIGN_STRING_LEN(FIELD, VALUE, LEN) { msg_send.has_##FIELD = true; memset(msg_send.FIELD, 0, sizeof(msg_send.FIELD)); strncpy(msg_send.FIELD, VALUE, MIN(LEN, sizeof(msg_send.FIELD) - 1)); }
-#define MSG_SEND_ASSIGN_BYTES(FIELD, VALUE, LEN) { msg_send.has_##FIELD = true; memset(msg_send.FIELD.bytes, 0, sizeof(msg_send.FIELD.bytes)); memcpy(msg_send.FIELD.bytes, VALUE, MIN(LEN, sizeof(msg_send.FIELD.bytes))); msg_send.FIELD.size = MIN(LEN, sizeof(msg_send.FIELD.bytes)); }
+#define MSG_SEND_ASSIGN_STRING(FIELD, VALUE) { msg_send.has_##FIELD = true; memzero(msg_send.FIELD, sizeof(msg_send.FIELD)); strncpy(msg_send.FIELD, VALUE, sizeof(msg_send.FIELD) - 1); }
+#define MSG_SEND_ASSIGN_STRING_LEN(FIELD, VALUE, LEN) { msg_send.has_##FIELD = true; memzero(msg_send.FIELD, sizeof(msg_send.FIELD)); strncpy(msg_send.FIELD, VALUE, MIN(LEN, sizeof(msg_send.FIELD) - 1)); }
+#define MSG_SEND_ASSIGN_BYTES(FIELD, VALUE, LEN) { msg_send.has_##FIELD = true; memzero(msg_send.FIELD.bytes, sizeof(msg_send.FIELD.bytes)); memcpy(msg_send.FIELD.bytes, VALUE, MIN(LEN, sizeof(msg_send.FIELD.bytes))); msg_send.FIELD.size = MIN(LEN, sizeof(msg_send.FIELD.bytes)); }
 #define MSG_SEND(TYPE) _send_msg(iface_num, MessageType_MessageType_##TYPE, TYPE##_fields, &msg_send)
 
 typedef struct {

embed/extmod/modtrezorcrypto/modtrezorcrypto-aes.h

@@ -69,7 +69,7 @@ STATIC mp_obj_t mod_trezorcrypto_AES_make_new(const mp_obj_type_t *type, size_t
         }
         memcpy(o->iv, iv.buf, AES_BLOCK_SIZE);
     } else {
-        memset(o->iv, 0, AES_BLOCK_SIZE);
+        memzero(o->iv, AES_BLOCK_SIZE);
     }
     switch (key.len) {
         case 16:

embed/extmod/modtrezorcrypto/modtrezorcrypto-blake256.h

@@ -76,7 +76,7 @@ STATIC mp_obj_t mod_trezorcrypto_Blake256_digest(mp_obj_t self) {
     BLAKE256_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(BLAKE256_CTX));
     blake256_Final(&ctx, hash);
-    memset(&ctx, 0, sizeof(BLAKE256_CTX));
+    memzero(&ctx, sizeof(BLAKE256_CTX));
     return mp_obj_new_bytes(hash, sizeof(hash));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake256_digest_obj, mod_trezorcrypto_Blake256_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2b.h

@@ -113,7 +113,7 @@ STATIC mp_obj_t mod_trezorcrypto_Blake2b_digest(mp_obj_t self) {
     BLAKE2B_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(BLAKE2B_CTX));
     blake2b_Final(&ctx, out, ctx.outlen);
-    memset(&ctx, 0, sizeof(BLAKE2B_CTX));
+    memzero(&ctx, sizeof(BLAKE2B_CTX));
     return mp_obj_new_bytes(out, o->ctx.outlen);
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2b_digest_obj, mod_trezorcrypto_Blake2b_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2s.h

@@ -113,7 +113,7 @@ STATIC mp_obj_t mod_trezorcrypto_Blake2s_digest(mp_obj_t self) {
     BLAKE2S_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(BLAKE2S_CTX));
     blake2s_Final(&ctx, out, ctx.outlen);
-    memset(&ctx, 0, sizeof(BLAKE2S_CTX));
+    memzero(&ctx, sizeof(BLAKE2S_CTX));
     return mp_obj_new_bytes(out, o->ctx.outlen);
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Blake2s_digest_obj, mod_trezorcrypto_Blake2s_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-groestl.h

@@ -78,7 +78,7 @@ STATIC mp_obj_t mod_trezorcrypto_Groestl512_digest(mp_obj_t self) {
     GROESTL512_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(GROESTL512_CTX));
     groestl512_Final(&ctx, out);
-    memset(&ctx, 0, sizeof(GROESTL512_CTX));
+    memzero(&ctx, sizeof(GROESTL512_CTX));
     return mp_obj_new_bytes(out, sizeof(out));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Groestl512_digest_obj, mod_trezorcrypto_Groestl512_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h

@@ -23,6 +23,7 @@
 
 #include "monero/monero.h"
 #include "bignum.h"
+#include "memzero.h"
 
 /// package: trezorcrypto.monero
 
@@ -1089,7 +1090,7 @@ STATIC mp_obj_t mod_trezorcrypto_monero_hasher_digest(size_t n_args, const mp_ob
 
     uint8_t out[SHA3_256_DIGEST_LENGTH];
     xmr_hasher_final(&ctx, out);
-    memset(&ctx, 0, sizeof(SHA3_CTX));
+    memzero(&ctx, sizeof(SHA3_CTX));
 
     if (n_args == 1 || args[1] == mp_const_none){
       return mp_obj_new_bytes(out, sizeof(out));

embed/extmod/modtrezorcrypto/modtrezorcrypto-pbkdf2.h

@@ -112,7 +112,7 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_key(mp_obj_t self) {
         memcpy(&ctx, &(o->ctx256), sizeof(PBKDF2_HMAC_SHA256_CTX));
         uint8_t out[SHA256_DIGEST_LENGTH];
         pbkdf2_hmac_sha256_Final(&ctx, out);
-        memset(&ctx, 0, sizeof(PBKDF2_HMAC_SHA256_CTX));
+        memzero(&ctx, sizeof(PBKDF2_HMAC_SHA256_CTX));
         return mp_obj_new_bytes(out, sizeof(out));
     }
     if (o->prf == PRF_HMAC_SHA512) {
@@ -120,7 +120,7 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_key(mp_obj_t self) {
         memcpy(&ctx, &(o->ctx512), sizeof(PBKDF2_HMAC_SHA512_CTX));
         uint8_t out[SHA512_DIGEST_LENGTH];
         pbkdf2_hmac_sha512_Final(&ctx, out);
-        memset(&ctx, 0, sizeof(PBKDF2_HMAC_SHA512_CTX));
+        memzero(&ctx, sizeof(PBKDF2_HMAC_SHA512_CTX));
         return mp_obj_new_bytes(out, sizeof(out));
     }
     return mp_const_none;

embed/extmod/modtrezorcrypto/modtrezorcrypto-ripemd160.h

@@ -76,7 +76,7 @@ STATIC mp_obj_t mod_trezorcrypto_Ripemd160_digest(mp_obj_t self) {
     RIPEMD160_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(RIPEMD160_CTX));
     ripemd160_Final(&ctx, out);
-    memset(&ctx, 0, sizeof(RIPEMD160_CTX));
+    memzero(&ctx, sizeof(RIPEMD160_CTX));
     return mp_obj_new_bytes(out, sizeof(out));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Ripemd160_digest_obj, mod_trezorcrypto_Ripemd160_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-sha1.h

@@ -76,7 +76,7 @@ STATIC mp_obj_t mod_trezorcrypto_Sha1_digest(mp_obj_t self) {
     SHA1_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(SHA1_CTX));
     sha1_Final(&ctx, out);
-    memset(&ctx, 0, sizeof(SHA1_CTX));
+    memzero(&ctx, sizeof(SHA1_CTX));
     return mp_obj_new_bytes(out, sizeof(out));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha1_digest_obj, mod_trezorcrypto_Sha1_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-sha256.h

@@ -76,7 +76,7 @@ STATIC mp_obj_t mod_trezorcrypto_Sha256_digest(mp_obj_t self) {
     SHA256_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(SHA256_CTX));
     sha256_Final(&ctx, out);
-    memset(&ctx, 0, sizeof(SHA256_CTX));
+    memzero(&ctx, sizeof(SHA256_CTX));
     return mp_obj_new_bytes(out, sizeof(out));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha256_digest_obj, mod_trezorcrypto_Sha256_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-256.h

@@ -92,7 +92,7 @@ STATIC mp_obj_t mod_trezorcrypto_Sha3_256_digest(mp_obj_t self) {
     } else {
         sha3_Final(&ctx, out);
     }
-    memset(&ctx, 0, sizeof(SHA3_CTX));
+    memzero(&ctx, sizeof(SHA3_CTX));
     return mp_obj_new_bytes(out, sizeof(out));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_256_digest_obj, mod_trezorcrypto_Sha3_256_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-512.h

@@ -92,7 +92,7 @@ STATIC mp_obj_t mod_trezorcrypto_Sha3_512_digest(mp_obj_t self) {
     } else {
         sha3_Final(&ctx, out);
     }
-    memset(&ctx, 0, sizeof(SHA3_CTX));
+    memzero(&ctx, sizeof(SHA3_CTX));
     return mp_obj_new_bytes(out, sizeof(out));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha3_512_digest_obj, mod_trezorcrypto_Sha3_512_digest);

embed/extmod/modtrezorcrypto/modtrezorcrypto-sha512.h

@@ -75,7 +75,7 @@ STATIC mp_obj_t mod_trezorcrypto_Sha512_digest(mp_obj_t self) {
     SHA512_CTX ctx;
     memcpy(&ctx, &(o->ctx), sizeof(SHA512_CTX));
     sha512_Final(&ctx, out);
-    memset(&ctx, 0, sizeof(SHA512_CTX));
+    memzero(&ctx, sizeof(SHA512_CTX));
     return mp_obj_new_bytes(out, sizeof(out));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_1(mod_trezorcrypto_Sha512_digest_obj, mod_trezorcrypto_Sha512_digest);

embed/extmod/modtrezorui/display.c

@@ -40,6 +40,8 @@
 #include <string.h>
 #include <stdarg.h>
 
+#include "memzero.h"
+
 static int DISPLAY_BACKLIGHT = -1;
 static int DISPLAY_ORIENTATION = -1;
 
@@ -422,7 +424,7 @@ void display_print(const char *text, int textlen)
             for (int j = 0; j < DISPLAY_PRINT_ROWS - 1; j++) {
                 memcpy(display_print_buf[j], display_print_buf[j + 1], DISPLAY_PRINT_COLS);
             }
-            memset(display_print_buf[DISPLAY_PRINT_ROWS - 1], 0x00, DISPLAY_PRINT_COLS);
+            memzero(display_print_buf[DISPLAY_PRINT_ROWS - 1], DISPLAY_PRINT_COLS);
             row = DISPLAY_PRINT_ROWS - 1;
         }
 

embed/prodtest/main.c

@@ -34,6 +34,8 @@
 #include "touch.h"
 #include "usb.h"
 
+#include "memzero.h"
+
 enum { VCP_IFACE = 0x00 };
 
 static void vcp_intr(void)
@@ -298,7 +300,7 @@ static void test_sbu(const char *args)
 static void test_otp_read(void)
 {
     uint8_t data[32];
-    memset(data, 0, sizeof(data));
+    memzero(data, sizeof(data));
     ensure(flash_otp_read(0, 0, data, sizeof(data)), NULL);
 
     // strip trailing 0xFF
@@ -320,7 +322,7 @@ static void test_otp_read(void)
 static void test_otp_write(const char *args)
 {
     char data[32];
-    memset(data, 0, sizeof(data));
+    memzero(data, sizeof(data));
     strncpy(data, args, sizeof(data) - 1);
     ensure(flash_otp_write(0, 0, (const uint8_t *) data, sizeof(data)), NULL);
     ensure(flash_otp_lock(0), NULL);

embed/unix/usb.c

@@ -28,6 +28,8 @@
 #include "usb.h"
 #include "touch.h"
 
+#include "memzero.h"
+
 void __attribute__((noreturn)) __fatal_error(const char *expr, const char *msg, const char *file, int line, const char *func);
 
 #define ensure(expr, msg) (((expr) == sectrue) ? (void)0 : __fatal_error(#expr, msg, __FILE__, __LINE__, __func__))
@@ -51,8 +53,8 @@ void usb_init(const usb_dev_info_t *dev_info) {
     for (int i = 0; i < USBD_MAX_NUM_INTERFACES; i++) {
         usb_ifaces[i].type = USB_IFACE_TYPE_DISABLED;
         usb_ifaces[i].sock = -1;
-        memset(&usb_ifaces[i].si_me, 0, sizeof(struct sockaddr_in));
-        memset(&usb_ifaces[i].si_other, 0, sizeof(struct sockaddr_in));
+        memzero(&usb_ifaces[i].si_me, sizeof(struct sockaddr_in));
+        memzero(&usb_ifaces[i].si_other, sizeof(struct sockaddr_in));
         usb_ifaces[i].slen = 0;
     }
 }

vendor/trezor-crypto

@@ -1 +1 @@
-Subproject commit b9e8adc16091f8ec162f40111d8fb6339381f0d9
+Subproject commit c316e775a2152db255ace96b6b65ac0f20525ec0