[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Sun Feb 28 14:41:32 UTC 2016
The branch master has been updated
via 412bafdcf5621603e91c862025be4c0f1d38bd81 (commit)
via 91a61513a80a7710db5f61a61a815c945443b65a (commit)
from 687237e93dd21e4656f1e166c098da1c67d99485 (commit)
- Log -----------------------------------------------------------------
commit 412bafdcf5621603e91c862025be4c0f1d38bd81
Author: Rich Salz <rsalz at akamai.com>
Date: Thu Feb 25 16:34:27 2016 -0500
GH715: Missed some null-check-removals.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 91a61513a80a7710db5f61a61a815c945443b65a
Author: Jeffrey Walton <noloader at gmail.com>
Date: Fri Feb 26 20:44:35 2016 -0500
RT4351: Update doc for OPENSSL_cleanse
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/rsa/rsa_lib.c | 9 +++------
doc/crypto/OPENSSL_malloc.pod | 12 ++++++++++--
2 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index b049d0b..8b50157 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -154,8 +154,7 @@ RSA *RSA_new_method(ENGINE *engine)
ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
#ifndef OPENSSL_NO_ENGINE
- if (ret->engine)
- ENGINE_finish(ret->engine);
+ ENGINE_finish(ret->engine);
#endif
OPENSSL_free(ret);
return (NULL);
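Review bot: The now-unconditional `ENGINE_finish(ret->engine);` in this error path of RSA_new_method (and the same change in the second RSA_new_method hunk and in RSA_free) is only safe if ENGINE_finish() treats a NULL argument as a no-op, and that definition is not shown on this page. The removed guards suggest the engine pointer can be NULL here, so before merging or backporting, confirm that the target branch's ENGINE_finish() returns quietly on NULL rather than dereferencing it or queuing an error on a cleanup path. A short comment such as `/* ENGINE_finish() accepts NULL */` at the first call would record the dependency for later readers. The bodies of both functions start and end outside these hunks.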
@@ -163,8 +162,7 @@ RSA *RSA_new_method(ENGINE *engine)
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
#ifndef OPENSSL_NO_ENGINE
- if (ret->engine)
- ENGINE_finish(ret->engine);
+ ENGINE_finish(ret->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
OPENSSL_free(ret);
@@ -189,8 +187,7 @@ void RSA_free(RSA *r)
if (r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
- if (r->engine)
- ENGINE_finish(r->engine);
+ ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
diff --git a/doc/crypto/OPENSSL_malloc.pod b/doc/crypto/OPENSSL_malloc.pod
index 04fa0b7..e0271ca 100644
--- a/doc/crypto/OPENSSL_malloc.pod
+++ b/doc/crypto/OPENSSL_malloc.pod
@@ -4,7 +4,7 @@
OPENSSL_malloc_init,
OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free,
-OPENSSL_clear_realloc, OPENSSL_clear_free,
+OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse
CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free,
OPENSSL_strdup, OPENSSL_strndup,
OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat,
@@ -84,9 +84,17 @@ OPENSSL_zalloc() calls memset() to zero the memory before returning.
OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used
when the buffer at B<addr> holds sensitive information.
-The old buffer is filled with arbitrary data by calling OPENSSL_cleanse()
+The old buffer is filled with zero's by calling OPENSSL_cleanse()
before ultimately calling OPENSSL_free().
+OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's.
+Use OPENSSL_cleanse() with care if the memory is a mapping of a file.
+If the storage controller uses write compression, then its possible
+that sensitive tail bytes will survive zeroization because the block of
+zeros will be compressed. If the storage controller uses wear leveling,
+then the old sensitive data will not be overwritten; rather, a block of
+0's will be written at a new physical location.
+
OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the
equivalent C functions, except that memory is allocated by calling the
OPENSSL_malloc() and should be releaed by calling OPENSSL_free().