Improve documentation of memory_cleanse()

So far, the documentation of memory_cleanse() is a verbatim copy of the commit message in BoringSSL, where this code was originally written. However, our code evolved since then, and the commit message is not particularly helpful in the code but is rather of historical interested in BoringSSL only. This commit improves improves the comments around memory_cleanse() and gives a better rationale for the method that we use. This commit touches only comments.
author: Tim Ruffing <crypto@timruffing.de> 2019-06-05 22:44:04 +0200
committer: Tim Ruffing <crypto@timruffing.de> 2019-07-01 12:59:44 +0200
commit: f53a70ce95231d34bb14cd6c58503927e8d7ff59 (patch)
tree: af5c68ab680b2d94c3468bc49c55b7b99dc2eb86 /src/support/cleanse.h
parent: cac30a436cab3641bba3b774d3d3ddbc426e7908 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/support/cleanse.h b/src/support/cleanse.h
index 5298214e44..b03520315d 100644
--- a/src/support/cleanse.h
+++ b/src/support/cleanse.h
@@ -8,7 +8,8 @@
 
 #include <stdlib.h>
 
-// Attempt to overwrite data in the specified memory span.
+/** Secure overwrite a buffer (possibly containing secret data) with zero-bytes. The write
+ * operation will not be optimized out by the compiler. */
 void memory_cleanse(void *ptr, size_t len);
 
 #endif // BITCOIN_SUPPORT_CLEANSE_H
author	Tim Ruffing <crypto@timruffing.de>	2019-06-05 22:44:04 +0200
committer	Tim Ruffing <crypto@timruffing.de>	2019-07-01 12:59:44 +0200
commit	f53a70ce95231d34bb14cd6c58503927e8d7ff59 (patch)
tree	af5c68ab680b2d94c3468bc49c55b7b99dc2eb86 /src/support/cleanse.h
parent	cac30a436cab3641bba3b774d3d3ddbc426e7908 (diff)