[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Andy Polyakov appro at openssl.org
Sun Jun 12 11:48:53 UTC 2016 

The branch OpenSSL_1_0_2-stable has been updated
       via  5bbdc26cadc01cab811040e861f1f98e0f3af348 (commit)
       via  4f0b6e6775e4bd08cb2fc89a2f32c84c441f290d (commit)
      from  e6f65f769d87846bdc5b58ef8d2ef4074044022d (commit)


- Log -----------------------------------------------------------------
commit 5bbdc26cadc01cab811040e861f1f98e0f3af348
Author: Andy Polyakov <appro at openssl.org>
Date:   Thu Jun 9 21:56:09 2016 +0200

    crypto/mem_clr.c: switch to OPENSSL_cleanse implementation from master.
    
    It's probably worth reminding that this is a fall-back implementation
    for platforms that don't have assembly OPENSSL_cleanse.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit 4f0b6e6775e4bd08cb2fc89a2f32c84c441f290d
Author: Andy Polyakov <appro at openssl.org>
Date:   Thu Jun 9 21:54:19 2016 +0200

    hmac/hmac.c: switch to OPENSSL_cleanse.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/hmac/hmac.c |  2 +-
 crypto/mem_clr.c   | 24 +++++++++---------------
 2 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 51a0a3e..213504e 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -234,7 +234,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx)
     EVP_MD_CTX_cleanup(&ctx->i_ctx);
     EVP_MD_CTX_cleanup(&ctx->o_ctx);
     EVP_MD_CTX_cleanup(&ctx->md_ctx);
-    memset(ctx, 0, sizeof *ctx);
+    OPENSSL_cleanse(ctx, sizeof *ctx);
 }
 
 unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
diff --git a/crypto/mem_clr.c b/crypto/mem_clr.c
index ab85344..579e9d1 100644
--- a/crypto/mem_clr.c
+++ b/crypto/mem_clr.c
@@ -60,22 +60,16 @@
 #include <string.h>
 #include <openssl/crypto.h>
 
-unsigned char cleanse_ctr = 0;
+/*
+ * Pointer to memset is volatile so that compiler must de-reference
+ * the pointer and can't assume that it points to any function in
+ * particular (such as memset, which it then might further "optimize")
+ */
+typedef void *(*memset_t)(void *,int,size_t);
+
+static volatile memset_t memset_func = memset;
 
 void OPENSSL_cleanse(void *ptr, size_t len)
 {
-    unsigned char *p = ptr;
-    size_t loop = len, ctr = cleanse_ctr;
-
-    if (ptr == NULL)
-        return;
-
-    while (loop--) {
-        *(p++) = (unsigned char)ctr;
-        ctr += (17 + ((size_t)p & 0xF));
-    }
-    p = memchr(ptr, (unsigned char)ctr, len);
-    if (p)
-        ctr += (63 + (size_t)p);
-    cleanse_ctr = (unsigned char)ctr;
+    memset_func(ptr, 0, len);
 }

More information about the openssl-commits mailing list