Changes between 0.9.6g and 0.9.6h [xx XXX xxxx]
+ *) New function OPENSSL_cleanse(), which is used to cleanse a section of
+ memory from it's contents. This is done with a counter that will
+ place alternating values in each byte. This can be used to solve
+ two issues: 1) the removal of calls to memset() by highly optimizing
+ compilers, and 2) cleansing with other values than 0, since those can
+ be read through on certain media, for example a swap space on disk.
+ [Geoff Thorpe]
+
+ *) Bugfix: client side session caching did not work with external caching,
+ because the session->cipher setting was not restored when reloading
+ from the external cache. This problem was masked, when
+ SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
+ (Found by Steve Haslam <steve@araqnid.ddts.net>.)
+ [Lutz Jaenicke]
+
*) Fix client_certificate (ssl/s2_clnt.c): The permissible total
length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
[Zeev Lieber <zeev-l@yahoo.com>]
OpenSSL STATUS Last modified at
- ______________ $Date: 2002/08/09 11:49:13 $
+ ______________ $Date: 2002/11/28 12:26:04 $
DEVELOPMENT STATE
RELEASE SHOWSTOPPERS
+ o [2002-11-21]
+ PR 343 mentions that scrubbing memory with 'memset(ptr, 0, n)' may
+ be optimized away in modern compilers. This is definitely not good
+ and needs to be fixed immediately. The formula to use is presented
+ in:
+
+ http://online.securityfocus.com/archive/82/297918/2002-10-27/2002-11-02/0
+
+ The problem report that mentions this is:
+
+ https://www.aet.TU-Cottbus.DE/rt2/Ticket/Display.html?id=343
+
AVAILABLE PATCHES
o
*** Cygwin
$cc = gcc
-$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -march=486 -Wall
+$cflags = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -march=i486 -Wall
$unistd =
$thread_cflag =
$lflags =
goto err;
}
pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key);
- if(key) memset(key,0,strlen(key));
+ if(key) OPENSSL_cleanse(key,strlen(key));
if (pkey == NULL)
{
BIO_printf(bio_err,"unable to load CA private key\n");
end:
if (buf != NULL)
{
- memset(buf,0,BUFSIZE);
+ OPENSSL_cleanse(buf,BUFSIZE);
OPENSSL_free(buf);
}
if (in != NULL) BIO_free(in);
* bug picked up by
* Larry J. Hughes Jr. <hughes@indiana.edu> */
if (str == strbuf)
- memset(str,0,SIZE);
+ OPENSSL_cleanse(str,SIZE);
else
- memset(str,0,strlen(str));
+ OPENSSL_cleanse(str,strlen(str));
}
if ((hiv != NULL) && !set_hex(hiv,iv,8))
{
if (con != NULL) SSL_free(con);
if (con2 != NULL) SSL_free(con2);
if (ctx != NULL) SSL_CTX_free(ctx);
- if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); }
- if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); }
+ if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
+ if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
if (bio_c_out != NULL)
{
BIO_free(bio_c_out);
BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
if (buf != NULL)
{
- memset(buf,0,bufsize);
+ OPENSSL_cleanse(buf,bufsize);
OPENSSL_free(buf);
}
if (ret >= 0)
GENERAL=Makefile README crypto-lib.com install.com
LIB= $(TOP)/libcrypto.a
-LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c
-LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o
+LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c
+LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o
SRC= $(LIBSRC)
mem.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
mem.o: ../include/openssl/opensslv.h ../include/openssl/safestack.h
mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+mem_clr.o: ../include/openssl/crypto.h ../include/openssl/opensslv.h
+mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+mem_clr.o: ../include/openssl/symhacks.h
mem_dbg.o: ../include/openssl/bio.h ../include/openssl/buffer.h
mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os.h
mem_dbg.o: ../include/openssl/e_os2.h ../include/openssl/err.h
signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
err:
- memset(&ctx,0,sizeof(ctx));
+ OPENSSL_cleanse(&ctx,sizeof(ctx));
if (buf_in != NULL)
- { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); }
+ { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); }
if (buf_out != NULL)
- { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); }
+ { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); }
return(outl);
}
EVP_VerifyInit(&ctx,type);
EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
- memset(buf_in,0,(unsigned int)inl);
+ OPENSSL_cleanse(buf_in,(unsigned int)inl);
OPENSSL_free(buf_in);
if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
}
EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
- memset(buf,0,256);
+ OPENSSL_cleanse(buf,256);
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
}
EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
- memset(buf,0,256);
+ OPENSSL_cleanse(buf,256);
EVP_CIPHER_CTX_init(&ctx);
EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
X509_ALGOR_free(a->pkeyalg);
/* Clear sensitive data */
if (a->pkey->value.octet_string)
- memset (a->pkey->value.octet_string->data,
- 0, a->pkey->value.octet_string->length);
+ OPENSSL_cleanse(a->pkey->value.octet_string->data,
+ a->pkey->value.octet_string->length);
ASN1_TYPE_free (a->pkey);
sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
OPENSSL_free (a);
$ APPS_DES = "DES/DES,CBC3_ENC"
$ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE"
$
-$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid"
+$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid"
$ LIB_MD2 = "md2_dgst,md2_one"
$ LIB_MD4 = "md4_dgst,md4_one"
$ LIB_MD5 = "md5_dgst,md5_one"
void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
+void OPENSSL_cleanse(void *ptr, size_t len);
+
void CRYPTO_set_mem_debug_options(long bits);
long CRYPTO_get_mem_debug_options(void);
k2[i-8]=k;
}
des_set_key_unchecked(&k2,ks2);
- memset(k2,0,sizeof(k2));
+ OPENSSL_cleanse(k2,sizeof(k2));
}
else if (longk || flag3)
{
{
des_string_to_2keys(key,&kk,&k2);
des_set_key_unchecked(&k2,ks2);
- memset(k2,0,sizeof(k2));
+ OPENSSL_cleanse(k2,sizeof(k2));
}
else
des_string_to_key(key,&kk);
}
des_set_key_unchecked(&kk,ks);
- memset(key,0,sizeof(key));
- memset(kk,0,sizeof(kk));
+ OPENSSL_cleanse(key,sizeof(key));
+ OPENSSL_cleanse(kk,sizeof(kk));
/* woops - A bug that does not showup under unix :-( */
memset(iv,0,sizeof(iv));
memset(iv2,0,sizeof(iv2));
if (l) fclose(CKSUM_OUT);
}
problems:
- memset(buf,0,sizeof(buf));
- memset(obuf,0,sizeof(obuf));
- memset(ks,0,sizeof(ks));
- memset(ks2,0,sizeof(ks2));
- memset(iv,0,sizeof(iv));
- memset(iv2,0,sizeof(iv2));
- memset(kk,0,sizeof(kk));
- memset(k2,0,sizeof(k2));
- memset(uubuf,0,sizeof(uubuf));
- memset(b,0,sizeof(b));
- memset(bb,0,sizeof(bb));
- memset(cksum,0,sizeof(cksum));
+ OPENSSL_cleanse(buf,sizeof(buf));
+ OPENSSL_cleanse(obuf,sizeof(obuf));
+ OPENSSL_cleanse(ks,sizeof(ks));
+ OPENSSL_cleanse(ks2,sizeof(ks2));
+ OPENSSL_cleanse(iv,sizeof(iv));
+ OPENSSL_cleanse(iv2,sizeof(iv2));
+ OPENSSL_cleanse(kk,sizeof(kk));
+ OPENSSL_cleanse(k2,sizeof(k2));
+ OPENSSL_cleanse(uubuf,sizeof(uubuf));
+ OPENSSL_cleanse(b,sizeof(b));
+ OPENSSL_cleanse(bb,sizeof(bb));
+ OPENSSL_cleanse(cksum,sizeof(cksum));
if (Exit) EXIT(Exit);
}
if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
des_string_to_key(buf,key);
- memset(buf,0,BUFSIZ);
- memset(buff,0,BUFSIZ);
+ OPENSSL_cleanse(buf,BUFSIZ);
+ OPENSSL_cleanse(buff,BUFSIZ);
return(ok);
}
if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
des_string_to_2keys(buf,key1,key2);
- memset(buf,0,BUFSIZ);
- memset(buff,0,BUFSIZ);
+ OPENSSL_cleanse(buf,BUFSIZ);
+ OPENSSL_cleanse(buff,BUFSIZ);
return(ok);
}
int ret;
ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
- memset(buff,0,BUFSIZ);
+ OPENSSL_cleanse(buff,BUFSIZ);
return(ret);
}
des_set_odd_parity(key);
des_set_key_unchecked(key,ks);
des_cbc_cksum((const unsigned char*)str,key,length,ks,key);
- memset(ks,0,sizeof(ks));
+ OPENSSL_cleanse(ks,sizeof(ks));
des_set_odd_parity(key);
}
des_cbc_cksum((const unsigned char*)str,key1,length,ks,key1);
des_set_key_unchecked(key2,ks);
des_cbc_cksum((const unsigned char*)str,key2,length,ks,key2);
- memset(ks,0,sizeof(ks));
+ OPENSSL_cleanse(ks,sizeof(ks));
des_set_odd_parity(key1);
des_set_odd_parity(key2);
}
err:
if (buf)
{
- memset(buf,0,tlen);
+ OPENSSL_cleanse(buf,tlen);
OPENSSL_free(buf);
}
return ret;
if (a == NULL) return(0);
b=(BIO_ENC_CTX *)a->ptr;
EVP_CIPHER_CTX_cleanup(&(b->cipher));
- memset(a->ptr,0,sizeof(BIO_ENC_CTX));
+ OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX));
OPENSSL_free(a->ptr);
a->ptr=NULL;
a->init=0;
static int ok_free(BIO *a)
{
if (a == NULL) return(0);
- memset(a->ptr,0,sizeof(BIO_OK_CTX));
+ OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX));
OPENSSL_free(a->ptr);
a->ptr=NULL;
a->init=0;
idea_set_encrypt_key(key,&tmp);
idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks));
- memset((unsigned char *)&tmp,0,
+ OPENSSL_cleanse((unsigned char *)&tmp,
sizeof(IDEA_KEY_SCHEDULE));
}
return 1;
}
if ((nkey == 0) && (niv == 0)) break;
}
- memset(&c,0,sizeof(c));
- memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
+ OPENSSL_cleanse(&c,sizeof(c));
+ OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
return(type->key_len);
}
memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher));
EVP_CipherInit(cctx, cipher, key, iv, en_de);
- memset(md_tmp, 0, EVP_MAX_MD_SIZE);
- memset(key, 0, EVP_MAX_KEY_LENGTH);
- memset(iv, 0, EVP_MAX_IV_LENGTH);
+ OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
+ OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+ OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
return 1;
}
iter = ASN1_INTEGER_get(kdf->iter);
PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key);
EVP_CipherInit(ctx, NULL, key, NULL, en_de);
- memset(key, 0, keylen);
+ OPENSSL_cleanse(key, keylen);
PBKDF2PARAM_free(kdf);
return 1;
ret=1;
err:
- if (key != NULL) memset(key,0,size);
+ if (key != NULL) OPENSSL_cleanse(key,size);
OPENSSL_free(key);
return(ret);
}
c->num=0;
/* clear stuff, HASH_BLOCK may be leaving some stuff on the stack
* but I'm not worried :-)
- memset((void *)c,0,sizeof(HASH_CTX));
+ OPENSSL_cleanse((void *)c,sizeof(HASH_CTX));
*/
}
void *CRYPTO_malloc_locked(int num, const char *file, int line)
{
void *ret = NULL;
+ extern unsigned char cleanse_ctr;
allow_customize = 0;
if (malloc_debug_func != NULL)
if (malloc_debug_func != NULL)
malloc_debug_func(ret, num, file, line, 1);
+ /* Create a dependency on the value of 'cleanse_ctr' so our memory
+ * sanitisation function can't be optimised out. NB: We only do
+ * this for >2Kb so the overhead doesn't bother us. */
+ if(ret && (num > 2048))
+ ((unsigned char *)ret)[0] = cleanse_ctr;
+
return ret;
}
void *CRYPTO_malloc(int num, const char *file, int line)
{
void *ret = NULL;
+ extern unsigned char cleanse_ctr;
allow_customize = 0;
if (malloc_debug_func != NULL)
if (malloc_debug_func != NULL)
malloc_debug_func(ret, num, file, line, 1);
+ /* Create a dependency on the value of 'cleanse_ctr' so our memory
+ * sanitisation function can't be optimised out. NB: We only do
+ * this for >2Kb so the overhead doesn't bother us. */
+ if(ret && (num > 2048))
+ ((unsigned char *)ret)[0] = cleanse_ctr;
+
return ret;
}
ret=1;
err:
- memset((char *)&ctx,0,sizeof(ctx));
- memset(buf,0,PEM_BUFSIZE);
+ OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
+ OPENSSL_cleanse(buf,PEM_BUFSIZE);
return(ret);
}
i=PEM_write_bio(bp,name,buf,data,i);
if (i <= 0) ret=0;
err:
- memset(key,0,sizeof(key));
- memset(iv,0,sizeof(iv));
- memset((char *)&ctx,0,sizeof(ctx));
- memset(buf,0,PEM_BUFSIZE);
+ OPENSSL_cleanse(key,sizeof(key));
+ OPENSSL_cleanse(iv,sizeof(iv));
+ OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
+ OPENSSL_cleanse(buf,PEM_BUFSIZE);
if (data != NULL)
{
- memset(data,0,(unsigned int)dsize);
+ OPENSSL_cleanse(data,(unsigned int)dsize);
OPENSSL_free(data);
}
return(ret);
EVP_DecryptUpdate(&ctx,data,&i,data,j);
o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
EVP_CIPHER_CTX_cleanup(&ctx);
- memset((char *)buf,0,sizeof(buf));
- memset((char *)key,0,sizeof(key));
+ OPENSSL_cleanse((char *)buf,sizeof(buf));
+ OPENSSL_cleanse((char *)key,sizeof(key));
j+=i;
if (!o)
{
ret=npubk;
err:
if (s != NULL) OPENSSL_free(s);
- memset(key,0,EVP_MAX_KEY_LENGTH);
+ OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH);
return(ret);
}
}
PBEPARAM_free(pbe);
EVP_CipherInit(ctx, cipher, key, iv, en_de);
- memset(key, 0, EVP_MAX_KEY_LENGTH);
- memset(iv, 0, EVP_MAX_IV_LENGTH);
+ OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+ OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
return 1;
}
if (seq & 1) ret = (char *) d2i_ASN1_SET(NULL, &p, outlen, d2i,
free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
else ret = d2i(NULL, &p, outlen);
- if (seq & 2) memset(out, 0, outlen);
+ if (seq & 2) OPENSSL_cleanse(out, outlen);
if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR);
OPENSSL_free (out);
return ret;
ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
id, iter, n, out, md_type);
if(unipass) {
- memset(unipass, 0, uniplen); /* Clear password from memory */
+ OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */
OPENSSL_free(unipass);
}
return ret;
if (a == NULL) return(0);
b=(BIO_BER_CTX *)a->ptr;
- memset(a->ptr,0,sizeof(BIO_BER_CTX));
+ OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX));
OPENSSL_free(a->ptr);
a->ptr=NULL;
a->init=0;
M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
}
OPENSSL_free(tmp);
- memset(key, 0, keylen);
+ OPENSSL_cleanse(key, keylen);
if (out == NULL)
out=btmp;
}
EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
- memset(tmp,0,jj);
+ OPENSSL_cleanse(tmp,jj);
if (out == NULL)
out=etmp;
static void ssleay_rand_cleanup(void)
{
- memset(state,0,sizeof(state));
+ OPENSSL_cleanse(state,sizeof(state));
state_num=0;
state_index=0;
- memset(md,0,MD_DIGEST_LENGTH);
+ OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
md_count[0]=0;
md_count[1]=0;
entropy=0;
}
}
fclose(in);
- memset(buf,0,BUFSIZE);
+ OPENSSL_cleanse(buf,BUFSIZE);
err:
return(ret);
}
#endif /* VMS */
fclose(out);
- memset(buf,0,BUFSIZE);
+ OPENSSL_cleanse(buf,BUFSIZE);
err:
return (rand_err ? -1 : ret);
}
i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0);
if (i != 0)
{
- memset(buf,0,BUFSIZ);
+ OPENSSL_cleanse(buf,BUFSIZ);
fprintf(stderr,"bad password read\n");
exit(1);
}
}
MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md);
- memset(keystr,0,strlen(keystr));
+ OPENSSL_cleanse(keystr,strlen(keystr));
RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
for(;;)
RIPEMD160_Init(&c);
RIPEMD160_Update(&c,d,n);
RIPEMD160_Final(md,&c);
- memset(&c,0,sizeof(c)); /* security consideration */
+ OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
return(md);
}
#define RSA_NO_PADDING 3
#define RSA_PKCS1_OAEP_PADDING 4
+#define RSA_PKCS1_PADDING_SIZE 11
+
#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
BN_clear_free(&ret);
if (buf != NULL)
{
- memset(buf,0,num);
+ OPENSSL_cleanse(buf,num);
OPENSSL_free(buf);
}
return(r);
BN_clear_free(&f);
if (buf != NULL)
{
- memset(buf,0,num);
+ OPENSSL_cleanse(buf,num);
OPENSSL_free(buf);
}
return(r);
BN_clear_free(&ret);
if (buf != NULL)
{
- memset(buf,0,num);
+ OPENSSL_cleanse(buf,num);
OPENSSL_free(buf);
}
return(r);
BN_clear_free(&ret);
if (buf != NULL)
{
- memset(buf,0,num);
+ OPENSSL_cleanse(buf,num);
OPENSSL_free(buf);
}
return(r);
int j;
unsigned char *p;
- if (flen > (tlen-11))
+ if (flen > (tlen-RSA_PKCS1_PADDING_SIZE))
{
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
return(0);
i=i2d_ASN1_OCTET_STRING(&sig,NULL);
j=RSA_size(rsa);
- if ((i-RSA_PKCS1_PADDING) > j)
+ if (i > (j-RSA_PKCS1_PADDING_SIZE))
{
RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
return(0);
else
*siglen=i;
- memset(s,0,(unsigned int)j+1);
+ OPENSSL_cleanse(s,(unsigned int)j+1);
OPENSSL_free(s);
return(ret);
}
ret=1;
err:
if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
- memset(s,0,(unsigned int)siglen);
+ OPENSSL_cleanse(s,(unsigned int)siglen);
OPENSSL_free(s);
return(ret);
}
i=i2d_X509_SIG(&sig,NULL);
}
j=RSA_size(rsa);
- if ((i-RSA_PKCS1_PADDING) > j)
+ if (i > (j-RSA_PKCS1_PADDING_SIZE))
{
RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
return(0);
*siglen=i;
if(type != NID_md5_sha1) {
- memset(s,0,(unsigned int)j+1);
+ OPENSSL_cleanse(s,(unsigned int)j+1);
OPENSSL_free(s);
}
return(ret);
}
err:
if (sig != NULL) X509_SIG_free(sig);
- memset(s,0,(unsigned int)siglen);
+ OPENSSL_cleanse(s,(unsigned int)siglen);
OPENSSL_free(s);
return(ret);
}
SHA1_Init(&c);
SHA1_Update(&c,d,n);
SHA1_Final(md,&c);
- memset(&c,0,sizeof(c));
+ OPENSSL_cleanse(&c,sizeof(c));
return(md);
}
#endif
SHA_Init(&c);
SHA_Update(&c,d,n);
SHA_Final(md,&c);
- memset(&c,0,sizeof(c));
+ OPENSSL_cleanse(&c,sizeof(c));
return(md);
}
#endif
ctx->chain=NULL;
}
CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data));
- memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
+ OPENSSL_cleanse(&ctx->ex_data,sizeof(CRYPTO_EX_DATA));
}
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)
s2=s->s2;
if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
- memset(s2,0,sizeof *s2);
+ OPENSSL_cleanse(s2,sizeof *s2);
OPENSSL_free(s2);
s->s2=NULL;
}
goto f_err;
}
+ /* Depending on the session caching (internal/external), the cipher
+ and/or cipher_id values may not be set. Make sure that
+ cipher_id is set and use it for comparison. */
+ if (s->session->cipher)
+ s->session->cipher_id = s->session->cipher->id;
if (s->hit && (s->session->cipher_id != c->id))
{
if (!(s->options &
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,
tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
- memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH);
+ OPENSSL_cleanse(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH);
}
else
#endif
km+=MD5_DIGEST_LENGTH;
}
- memset(smd,0,SHA_DIGEST_LENGTH);
+ OPENSSL_cleanse(smd,SHA_DIGEST_LENGTH);
}
int ssl3_change_cipher_state(SSL *s, int which)
EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
- memset(&(exp_key[0]),0,sizeof(exp_key));
- memset(&(exp_iv[0]),0,sizeof(exp_iv));
+ OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key));
+ OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv));
return(1);
err:
SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
{
if (s->s3->tmp.key_block != NULL)
{
- memset(s->s3->tmp.key_block,0,
+ OPENSSL_cleanse(s->s3->tmp.key_block,
s->s3->tmp.key_block_length);
OPENSSL_free(s->s3->tmp.key_block);
s->s3->tmp.key_block=NULL;
#endif
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
- memset(s->s3,0,sizeof *s->s3);
+ OPENSSL_cleanse(s->s3,sizeof *s->s3);
OPENSSL_free(s->s3);
s->s3=NULL;
}
s->session->master_key_length=
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,p,i);
- memset(p,0,i);
+ OPENSSL_cleanse(p,i);
}
else
#endif
CRYPTO_free_ex_data(ssl_session_meth,ss,&ss->ex_data);
- memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
- memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
- memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
+ OPENSSL_cleanse(ss->key_arg,SSL_MAX_KEY_ARG_LENGTH);
+ OPENSSL_cleanse(ss->master_key,SSL_MAX_MASTER_KEY_LENGTH);
+ OPENSSL_cleanse(ss->session_id,SSL_MAX_SSL_SESSION_ID_LENGTH);
if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert);
if (ss->peer != NULL) X509_free(ss->peer);
if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
- memset(ss,0,sizeof(*ss));
+ OPENSSL_cleanse(ss,sizeof(*ss));
OPENSSL_free(ss);
}
verbose = 0;
debug = 0;
cipher = 0;
-
+
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed);
- bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
argc--;
}
HMAC_cleanup(&ctx);
HMAC_cleanup(&ctx_tmp);
- memset(A1,0,sizeof(A1));
+ OPENSSL_cleanse(A1,sizeof(A1));
}
static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
printf("\n");
#endif
- memset(tmp1,0,sizeof(tmp1));
- memset(tmp2,0,sizeof(tmp1));
- memset(iv1,0,sizeof(iv1));
- memset(iv2,0,sizeof(iv2));
+ OPENSSL_cleanse(tmp1,sizeof(tmp1));
+ OPENSSL_cleanse(tmp2,sizeof(tmp1));
+ OPENSSL_cleanse(iv1,sizeof(iv1));
+ OPENSSL_cleanse(iv2,sizeof(iv2));
return(1);
err:
SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
#endif
tls1_generate_key_block(s,p1,p2,num);
- memset(p2,0,num);
+ OPENSSL_cleanse(p2,num);
OPENSSL_free(p2);
#ifdef TLS_DEBUG
printf("\nkey block\n");
BN_pseudo_rand_range 2523 EXIST::FUNCTION:
X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION:
ERR_load_COMP_strings 2525 EXIST::FUNCTION:
+OPENSSL_cleanse 3245 EXIST::FUNCTION:
projects / oweals / openssl.git / commitdiff