From 0e4aa233ba1d1eaad863960153c48280f44c64ed Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sparkinson@secure-crypto.org>
Date: Thu, 10 Nov 2016 15:18:05 +1000
Subject: [PATCH] Use ForceZero in all implementations of Transform

---
 wolfcrypt/src/sha512.c | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c
index 558b42609..4cf2ad3d9 100644
--- a/wolfcrypt/src/sha512.c
+++ b/wolfcrypt/src/sha512.c
@@ -481,13 +481,8 @@ static int _Transform(Sha512* sha512)
     sha512->digest[7] += h(0);
 
     /* Wipe variables */
-#ifdef SHA512_FORCE_ZERO
     ForceZero(W, sizeof(word64) * 16);
     ForceZero(T, sizeof(T));
-#else
-    XMEMSET(W, 0, sizeof(word64) * 16);
-    XMEMSET(T, 0, sizeof(T));
-#endif
 
 #ifdef WOLFSSL_SMALL_STACK
     XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1043,9 +1038,9 @@ static int Transform_AVX1(Sha512* sha512)
 
     /* Wipe variables */
     #if !defined(HAVE_INTEL_AVX1)&&!defined(HAVE_INTEL_AVX2)
-    XMEMSET(W_X, 0, sizeof(word64) * 16);
+    ForceZero(W_X, 0, sizeof(word64) * 16);
     #endif
-    XMEMSET(T, 0, sizeof(T));
+    ForceZero(T, 0, sizeof(T));
 
     return 0;
 }
@@ -1114,9 +1109,9 @@ static int Transform_AVX1_RORX(Sha512* sha512)
 
     /* Wipe variables */
     #if !defined(HAVE_INTEL_AVX1)&&!defined(HAVE_INTEL_AVX2)
-    XMEMSET(W_X, 0, sizeof(word64) * 16);
+    ForceZero(W_X, 0, sizeof(word64) * 16);
     #endif
-    XMEMSET(T, 0, sizeof(T));
+    ForceZero(T, 0, sizeof(T));
 
     return 0;
 }
@@ -1294,9 +1289,9 @@ static int Transform_AVX2(Sha512* sha512)
 
     /* Wipe variables */
     #if !defined(HAVE_INTEL_AVX1)&&!defined(HAVE_INTEL_AVX2)
-    XMEMSET(W, 0, sizeof(word64) * 16);
+    ForceZero(W, 0, sizeof(word64) * 16);
     #endif
-    XMEMSET(T, 0, sizeof(T));
+    ForceZero(T, 0, sizeof(T));
 
     return 0;
 }