diff options
| author | Rich Salz <rsalz@akamai.com> | 2015-04-24 16:39:40 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2015-06-23 17:09:35 -0400 |
| commit | 74924dcb3802640d7e2ae2e80ca6515d0a53de7a (patch) | |
| tree | 6de4138b01d5f649bdaa32d858bd5fa20e9ad4b6 /crypto/bn/bn_ctx.c | |
| parent | ce7e647bc2c328404b1e3cdac6211773afdefe07 (diff) | |
| download | openssl-74924dcb3802640d7e2ae2e80ca6515d0a53de7a.zip openssl-74924dcb3802640d7e2ae2e80ca6515d0a53de7a.tar.gz openssl-74924dcb3802640d7e2ae2e80ca6515d0a53de7a.tar.bz2 | |
More secure storage of key material.
Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/bn/bn_ctx.c')
| -rw-r--r-- | crypto/bn/bn_ctx.c | 79 |
1 files changed, 47 insertions, 32 deletions
diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index c023303..660e626 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -103,7 +103,7 @@ typedef struct bignum_pool { } BN_POOL; static void BN_POOL_init(BN_POOL *); static void BN_POOL_finish(BN_POOL *); -static BIGNUM *BN_POOL_get(BN_POOL *); +static BIGNUM *BN_POOL_get(BN_POOL *, int); static void BN_POOL_release(BN_POOL *, unsigned int); /************/ @@ -138,6 +138,8 @@ struct bignum_ctx { int err_stack; /* Block "gets" until an "end" (compatibility behaviour) */ int too_many; + /* Flags. */ + int flags; }; /* Enable this to find BN_CTX bugs */ @@ -186,8 +188,9 @@ static void ctxdbg(BN_CTX *ctx) BN_CTX *BN_CTX_new(void) { - BN_CTX *ret = OPENSSL_malloc(sizeof(*ret)); - if (!ret) { + BN_CTX *ret; + + if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { BNerr(BN_F_BN_CTX_NEW, ERR_R_MALLOC_FAILURE); return NULL; } @@ -197,6 +200,16 @@ BN_CTX *BN_CTX_new(void) ret->used = 0; ret->err_stack = 0; ret->too_many = 0; + ret->flags = 0; + return ret; +} + +BN_CTX *BN_CTX_secure_new(void) +{ + BN_CTX *ret = BN_CTX_new(); + + if (ret) + ret->flags = BN_FLG_SECURE; return ret; } @@ -258,10 +271,11 @@ void BN_CTX_end(BN_CTX *ctx) BIGNUM *BN_CTX_get(BN_CTX *ctx) { BIGNUM *ret; + CTXDBG_ENTRY("BN_CTX_get", ctx); if (ctx->err_stack || ctx->too_many) return NULL; - if ((ret = BN_POOL_get(&ctx->pool)) == NULL) { + if ((ret = BN_POOL_get(&ctx->pool, ctx->flags)) == NULL) { /* * Setting too_many prevents repeated "get" attempts from cluttering * the error stack. @@ -289,26 +303,23 @@ static void BN_STACK_init(BN_STACK *st) static void BN_STACK_finish(BN_STACK *st) { - if (st->size) - OPENSSL_free(st->indexes); + OPENSSL_free(st->indexes); + st->indexes = NULL; } static int BN_STACK_push(BN_STACK *st, unsigned int idx) { - if (st->depth == st->size) + if (st->depth == st->size) { /* Need to expand */ - { - unsigned int newsize = (st->size ? - (st->size * 3 / 2) : BN_CTX_START_FRAMES); - unsigned int *newitems = OPENSSL_malloc(newsize * - sizeof(unsigned int)); - if (!newitems) + unsigned int newsize = + st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES; + unsigned int *newitems = OPENSSL_malloc(sizeof(*newitems) * newsize); + if (newitems == NULL) return 0; if (st->depth) - memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int)); - if (st->size) - OPENSSL_free(st->indexes); + memcpy(newitems, st->indexes, sizeof(*newitems) * st->depth); + OPENSSL_free(st->indexes); st->indexes = newitems; st->size = newsize; } @@ -333,14 +344,13 @@ static void BN_POOL_init(BN_POOL *p) static void BN_POOL_finish(BN_POOL *p) { + unsigned int loop; + BIGNUM *bn; + while (p->head) { - unsigned int loop = 0; - BIGNUM *bn = p->head->vals; - while (loop++ < BN_CTX_POOL_SIZE) { + for (loop = 0, bn = p->head->vals; loop++ < BN_CTX_POOL_SIZE; bn++) if (bn->d) BN_clear_free(bn); - bn++; - } p->current = p->head->next; OPENSSL_free(p->head); p->head = p->current; @@ -348,22 +358,25 @@ static void BN_POOL_finish(BN_POOL *p) } -static BIGNUM *BN_POOL_get(BN_POOL *p) +static BIGNUM *BN_POOL_get(BN_POOL *p, int flag) { + BIGNUM *bn; + unsigned int loop; + + /* Full; allocate a new pool item and link it in. */ if (p->used == p->size) { - BIGNUM *bn; - unsigned int loop = 0; BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(*item)); - if (!item) + if (item == NULL) return NULL; - /* Initialise the structure */ - bn = item->vals; - while (loop++ < BN_CTX_POOL_SIZE) - BN_init(bn++); + for (loop = 0, bn = item->vals; loop++ < BN_CTX_POOL_SIZE; bn++) { + BN_init(bn); + if ((flag & BN_FLG_SECURE) != 0) + BN_set_flags(bn, BN_FLG_SECURE); + } item->prev = p->tail; item->next = NULL; - /* Link it in */ - if (!p->head) + + if (p->head == NULL) p->head = p->current = p->tail = item; else { p->tail->next = item; @@ -375,6 +388,7 @@ static BIGNUM *BN_POOL_get(BN_POOL *p) /* Return the first bignum from the new pool */ return item->vals; } + if (!p->used) p->current = p->head; else if ((p->used % BN_CTX_POOL_SIZE) == 0) @@ -385,10 +399,11 @@ static BIGNUM *BN_POOL_get(BN_POOL *p) static void BN_POOL_release(BN_POOL *p, unsigned int num) { unsigned int offset = (p->used - 1) % BN_CTX_POOL_SIZE; + p->used -= num; while (num--) { bn_check_top(p->current->vals + offset); - if (!offset) { + if (offset == 0) { offset = BN_CTX_POOL_SIZE - 1; p->current = p->current->prev; } else |