From 0a3af9a4038045ba59bcf10a4f9e0b6bb5107cd8 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 27 Nov 2002 12:25:52 +0000 Subject: [PATCH] Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler and linker optimizations. PR: 343 --- CHANGES | 8 ++++++++ crypto/Makefile.ssl | 8 ++++++-- crypto/crypto-lib.com | 2 +- crypto/crypto.h | 2 ++ crypto/mem.c | 14 ++++++++++++++ util/libeay.num | 1 + 6 files changed, 32 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index ac3a1344a9..6e31374fd3 100644 --- a/CHANGES +++ b/CHANGES @@ -1785,6 +1785,14 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k Changes between 0.9.6g and 0.9.6h [xx XXX xxxx] + *) New function OPENSSL_cleanse(), which is used to cleanse a section of + memory from it's contents. This is done with a counter that will + place alternating values in each byte. This can be used to solve + two issues: 1) the removal of calls to memset() by highly optimizing + compilers, and 2) cleansing with other values than 0, since those can + be read through on certain media, for example a swap space on disk. + [Geoff Thorpe] + *) Bugfix: client side session caching did not work with external caching, because the session->cipher setting was not restored when reloading from the external cache. This problem was masked, when diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index f50aa7f08c..3766e7c4da 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl @@ -36,8 +36,8 @@ GENERAL=Makefile README crypto-lib.com install.com LIB= $(TOP)/libcrypto.a SHARED_LIB= libcrypto$(SHLIB_EXT) -LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c -LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o +LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c +LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o SRC= $(LIBSRC) @@ -193,6 +193,10 @@ mem.o: ../include/openssl/err.h ../include/openssl/lhash.h mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c +mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h +mem_clr.o: ../include/openssl/symhacks.h mem_clr.c mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index 2addf4e793..39e78c69e5 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com @@ -158,7 +158,7 @@ $! $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ -$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" +$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one" diff --git a/crypto/crypto.h b/crypto/crypto.h index 4b9ece9762..69441cfd7f 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -390,6 +390,8 @@ void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, int line); void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); +void OPENSSL_cleanse(void *ptr, size_t len); + void CRYPTO_set_mem_debug_options(long bits); long CRYPTO_get_mem_debug_options(void); diff --git a/crypto/mem.c b/crypto/mem.c index 03d2569bce..46a00697ce 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -250,6 +250,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), void *CRYPTO_malloc_locked(int num, const char *file, int line) { void *ret = NULL; + extern unsigned char cleanse_ctr; allow_customize = 0; if (malloc_debug_func != NULL) @@ -264,6 +265,12 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); + /* Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do + * this for >2Kb so the overhead doesn't bother us. */ + if(ret && (num > 2048)) + ((unsigned char *)ret)[0] = cleanse_ctr; + return ret; } @@ -282,6 +289,7 @@ void CRYPTO_free_locked(void *str) void *CRYPTO_malloc(int num, const char *file, int line) { void *ret = NULL; + extern unsigned char cleanse_ctr; allow_customize = 0; if (malloc_debug_func != NULL) @@ -296,6 +304,12 @@ void *CRYPTO_malloc(int num, const char *file, int line) if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); + /* Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do + * this for >2Kb so the overhead doesn't bother us. */ + if(ret && (num > 2048)) + ((unsigned char *)ret)[0] = cleanse_ctr; + return ret; } diff --git a/util/libeay.num b/util/libeay.num index 778b1618f8..81f5d31df9 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -2800,3 +2800,4 @@ BUF_strlcat 3241 EXIST::FUNCTION: BIO_indent 3242 EXIST::FUNCTION: BUF_strlcpy 3243 EXIST::FUNCTION: OpenSSLDie 3244 EXIST::FUNCTION: +OPENSSL_cleanse 3245 EXIST::FUNCTION: -- 2.40.0