NAME

       cl_clear_secret - Overwrite secret data in memory with libcanlock

SYNOPSIS

       #include <libcanlock-3/canlock.h>

       int cl_clear_secret(void *sec, size_t sec_size,
                           size_t buf_size);

DESCRIPTION

       The cl_clear_secret() function tries to overwrite sec_size bytes of memory starting at the
       address specified by the sec parameter.

       The size buf_size must be set to the size of the whole buffer.

       If the operating system provides  memset_s(),  it  is  called  with  both  length  values.
       Otherwise nonportable functions like explicit_memset() are used if available.
       If  neither  memset_s()  nor a nonportable replacement is available, a call to memset() is
       used instead, but the compiler maybe optimize this attempt to NOP.  A  positive  value  is
       returned as warning.

RETURN VALUE

       Upon successful completion zero is returned.
       Negative values indicate an error.
       Positive values indicate a warning.

       The  value  -1  is  returned  if  the parameter sec is NULL or if sec_size is greater than
       buf_size.

       The value 1 indicates missing support  for  explicit  memory  access  from  the  operating
       system.

AUTHORS

       Michael Baeuerle

REPORTING BUGS

       Report bugs to <mailto:michael.baeuerle@gmx.net>.

STANDARDS

       libcanlock tries to comply with the following standards:

       RFC 5537, RFC 6234, RFC 8315

SEE ALSO

       cl_get_key(3),  cl_get_lock(3), cl_split(3), cl_verify(3), cl_verify_multi(3), canlock(1),
       memset(3), memset_s(3)