From 42219a327ad7b1cc2ea16b864de17f194bb97e9f Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Thu, 4 Feb 2016 10:31:05 -0700
Subject: [PATCH] refactor ForceZero of memory to gain performance

---
 wolfcrypt/src/tfm.c     | 9 ++++++++-
 wolfssl/wolfcrypt/tfm.h | 4 +++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c
index 11666c19a..a0d3ec830 100644
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@@ -2033,6 +2033,13 @@ void fp_init(fp_int *a)
 }
 
 void fp_zero(fp_int *a)
+{
+    a->used = 0;
+    a->sign = FP_ZPOS;
+    XMEMSET(a->dp, 0, a->size * sizeof(fp_digit));
+}
+
+void fp_clear(fp_int *a)
 {
     a->used = 0;
     a->sign = FP_ZPOS;
@@ -2044,7 +2051,7 @@ void fp_zero(fp_int *a)
 /* clear one (frees)  */
 void mp_clear (mp_int * a)
 {
-  fp_zero(a);
+    fp_clear(a);
 }
 
 /* handle up to 6 inits */
diff --git a/wolfssl/wolfcrypt/tfm.h b/wolfssl/wolfcrypt/tfm.h
index 55bfc1712..f714bcfbe 100644
--- a/wolfssl/wolfcrypt/tfm.h
+++ b/wolfssl/wolfcrypt/tfm.h
@@ -368,9 +368,11 @@ typedef struct {
 #ifdef ALT_ECC_SIZE
     void fp_init(fp_int *a);
     void fp_zero(fp_int *a);
+    void fp_clear(fp_int *a); /* uses ForceZero to clear sensitive memory */
 #else
     #define fp_init(a)  (void)XMEMSET((a), 0, sizeof(fp_int))
-    #define fp_zero(a)  ForceZero((a), sizeof(fp_int))
+    #define fp_zero(a)  fp_init(a)
+    #define fp_clear(a) ForceZero((a), sizeof(fp_int));
 #endif
 
 /* zero/even/odd ? */