diff options
author | Rich Salz <rsalz@akamai.com> | 2015-04-24 16:39:40 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-06-23 17:09:35 -0400 |
commit | 74924dcb3802640d7e2ae2e80ca6515d0a53de7a (patch) | |
tree | 6de4138b01d5f649bdaa32d858bd5fa20e9ad4b6 /test/secmemtest.c | |
parent | ce7e647bc2c328404b1e3cdac6211773afdefe07 (diff) |
More secure storage of key material.
Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'test/secmemtest.c')
-rw-r--r-- | test/secmemtest.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/test/secmemtest.c b/test/secmemtest.c new file mode 100644 index 0000000000..0ec3b92571 --- /dev/null +++ b/test/secmemtest.c @@ -0,0 +1,34 @@ + +#include <openssl/crypto.h> + +int main(int argc, char **argv) +{ +#if defined(OPENSSL_SYS_LINUX) || defined(OPENSSL_SYS_UNIX) + char *p = NULL, *q = NULL; + + if (!CRYPTO_secure_malloc_init(4096, 32)) { + perror("failed"); + return 1; + } + p = OPENSSL_secure_malloc(20); + if (!CRYPTO_secure_allocated(p)) { + perror("failed 1"); + return 1; + } + q = OPENSSL_malloc(20); + if (CRYPTO_secure_allocated(q)) { + perror("failed 1"); + return 1; + } + CRYPTO_secure_free(p); + CRYPTO_free(q); + CRYPTO_secure_malloc_done(); +#else + /* Should fail. */ + if (CRYPTO_secure_malloc_init(4096, 32)) { + perror("failed"); + return 1; + } +#endif + return 0; +} |