diff options
author | Rich Salz <rsalz@akamai.com> | 2015-04-24 16:39:40 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-06-23 17:09:35 -0400 |
commit | 74924dcb3802640d7e2ae2e80ca6515d0a53de7a (patch) | |
tree | 6de4138b01d5f649bdaa32d858bd5fa20e9ad4b6 /crypto/bn/bn_lib.c | |
parent | ce7e647bc2c328404b1e3cdac6211773afdefe07 (diff) |
More secure storage of key material.
Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/bn/bn_lib.c')
-rw-r--r-- | crypto/bn/bn_lib.c | 37 |
1 files changed, 31 insertions, 6 deletions
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index 4dabe26b10..b5f827a36c 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -232,8 +232,12 @@ void BN_clear_free(BIGNUM *a) bn_check_top(a); if (a->d != NULL) { OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0])); - if (!(BN_get_flags(a, BN_FLG_STATIC_DATA))) - OPENSSL_free(a->d); + if (!(BN_get_flags(a, BN_FLG_STATIC_DATA))) { + if (BN_get_flags(a,BN_FLG_SECURE)) + OPENSSL_secure_free(a->d); + else + OPENSSL_free(a->d); + } } i = BN_get_flags(a, BN_FLG_MALLOCED); OPENSSL_cleanse(a, sizeof(BIGNUM)); @@ -247,7 +251,12 @@ void BN_free(BIGNUM *a) return; bn_check_top(a); if (!BN_get_flags(a, BN_FLG_STATIC_DATA)) - OPENSSL_free(a->d); + if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) { + if (BN_get_flags(a, BN_FLG_SECURE)) + OPENSSL_secure_free(a->d); + else + OPENSSL_free(a->d); + } if (a->flags & BN_FLG_MALLOCED) OPENSSL_free(a); else { @@ -281,6 +290,14 @@ BIGNUM *BN_new(void) return (ret); } + BIGNUM *BN_secure_new(void) + { + BIGNUM *ret = BN_new(); + if (ret) + ret->flags |= BN_FLG_SECURE; + return (ret); + } + /* This is used both by bn_expand2() and bn_dup_expand() */ /* The caller MUST check that words > b->dmax before calling this */ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) @@ -299,7 +316,10 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return (NULL); } - a = A = OPENSSL_malloc(sizeof(*a) * words); + if (BN_get_flags(b,BN_FLG_SECURE)) + a = A = OPENSSL_secure_malloc(words * sizeof(*a)); + else + a = A = OPENSSL_malloc(words * sizeof(*a)); if (A == NULL) { BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE); return (NULL); @@ -378,7 +398,12 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) BN_ULONG *a = bn_expand_internal(b, words); if (!a) return NULL; - OPENSSL_free(b->d); + if (b->d) { + if (BN_get_flags(b,BN_FLG_SECURE)) + OPENSSL_secure_free(b->d); + else + OPENSSL_free(b->d); + } b->d = a; b->dmax = words; } @@ -395,7 +420,7 @@ BIGNUM *BN_dup(const BIGNUM *a) return NULL; bn_check_top(a); - t = BN_new(); + t = BN_get_flags(a, BN_FLG_SECURE) ? BN_secure_new() : BN_new(); if (t == NULL) return NULL; if (!BN_copy(t, a)) { |