[openssl] master update

Dr. Paul Dale pauli at openssl.org
Thu Apr 8 08:31:47 UTC 2021


The branch master has been updated
       via  b7dedba8b1434e6a2f2a3848e3375d07ee8946ab (commit)
       via  b6b55ad91ada4547145da2d0bbc5c562ae6c1e34 (commit)
      from  bf477a40d742c82826dc6979a33306eb0120d6ad (commit)


- Log -----------------------------------------------------------------
commit b7dedba8b1434e6a2f2a3848e3375d07ee8946ab
Author: Pauli <pauli at openssl.org>
Date:   Wed Apr 7 09:05:05 2021 +1000

    test: add extra secure memory test case.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14782)

commit b6b55ad91ada4547145da2d0bbc5c562ae6c1e34
Author: Pauli <pauli at openssl.org>
Date:   Wed Apr 7 08:48:59 2021 +1000

    param_build: check for the usage of secure memory better.
    
    The param build now checks the string types and locates them in secure memory
    if the original string is.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14782)

-----------------------------------------------------------------------

Summary of changes:
 crypto/param_build.c    |  8 ++++++--
 test/param_build_test.c | 46 ++++++++++++++++++++++++++++++++++++----------
 2 files changed, 42 insertions(+), 12 deletions(-)

diff --git a/crypto/param_build.c b/crypto/param_build.c
index facbb281a4..6ce0f01685 100644
--- a/crypto/param_build.c
+++ b/crypto/param_build.c
@@ -240,6 +240,7 @@ int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
                                     const char *buf, size_t bsize)
 {
     OSSL_PARAM_BLD_DEF *pd;
+    int secure;
 
     if (bsize == 0) {
         bsize = strlen(buf);
@@ -247,7 +248,8 @@ int OSSL_PARAM_BLD_push_utf8_string(OSSL_PARAM_BLD *bld, const char *key,
         ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
         return 0;
     }
-    pd = param_push(bld, key, bsize, bsize + 1, OSSL_PARAM_UTF8_STRING, 0);
+    secure = CRYPTO_secure_allocated(buf);
+    pd = param_push(bld, key, bsize, bsize + 1, OSSL_PARAM_UTF8_STRING, secure);
     if (pd == NULL)
         return 0;
     pd->string = buf;
@@ -276,12 +278,14 @@ int OSSL_PARAM_BLD_push_octet_string(OSSL_PARAM_BLD *bld, const char *key,
                                      const void *buf, size_t bsize)
 {
     OSSL_PARAM_BLD_DEF *pd;
+    int secure;
 
     if (bsize > INT_MAX) {
         ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_STRING_TOO_LONG);
         return 0;
     }
-    pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, 0);
+    secure = CRYPTO_secure_allocated(buf);
+    pd = param_push(bld, key, bsize, bsize, OSSL_PARAM_OCTET_STRING, secure);
     if (pd == NULL)
         return 0;
     pd->string = buf;
diff --git a/test/param_build_test.c b/test/param_build_test.c
index 7a3bfa54b5..31316cbaf1 100644
--- a/test/param_build_test.c
+++ b/test/param_build_test.c
@@ -114,9 +114,12 @@ err:
 
 static int template_private_test(void)
 {
-    static int data1[] = { 2, 3, 5, 7, 11, 15, 17 };
-    static unsigned char data2[] = { 2, 4, 6, 8, 10 };
-    OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
+    int *data1 = NULL, *data2 = NULL, j;
+    const int data1_num = 12;
+    const int data1_size = data1_num * sizeof(int);
+    const int data2_num = 5;
+    const int data2_size = data2_num * sizeof(int);
+    OSSL_PARAM_BLD *bld = NULL;
     OSSL_PARAM *params = NULL, *p;
     unsigned int i;
     unsigned long int l;
@@ -126,8 +129,17 @@ static int template_private_test(void)
     BIGNUM *bn = NULL, *bn_res = NULL;
     int res = 0;
 
-    if (!TEST_ptr(bld)
-        || !TEST_true(OSSL_PARAM_BLD_push_uint(bld, "i", 6))
+    if (!TEST_ptr(data1 = OPENSSL_secure_malloc(data1_size))
+            || !TEST_ptr(data2 = OPENSSL_secure_malloc(data2_size))
+            || !TEST_ptr(bld = OSSL_PARAM_BLD_new()))
+        goto err;
+
+    for (j = 0; j < data1_num; j++)
+        data1[j] = -16 * j;
+    for (j = 0; j < data2_num; j++)
+        data2[j] = 2 * j;
+
+    if (!TEST_true(OSSL_PARAM_BLD_push_uint(bld, "i", 6))
         || !TEST_true(OSSL_PARAM_BLD_push_ulong(bld, "l", 42))
         || !TEST_true(OSSL_PARAM_BLD_push_uint32(bld, "i32", 1532))
         || !TEST_true(OSSL_PARAM_BLD_push_uint64(bld, "i64", 9999999))
@@ -136,12 +148,13 @@ static int template_private_test(void)
         || !TEST_true(BN_set_word(bn, 1729))
         || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, "bignumber", bn))
         || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, "oct_s", data1,
-                                                       sizeof(data1)))
+                                                       data1_size))
         || !TEST_true(OSSL_PARAM_BLD_push_octet_ptr(bld, "oct_p", data2,
-                                                    sizeof(data2)))
+                                                    data2_size))
         || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
         /* Check unsigned int */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "i"))
+        || !TEST_false(CRYPTO_secure_allocated(p->data))
         || !TEST_true(OSSL_PARAM_get_uint(p, &i))
         || !TEST_str_eq(p->key, "i")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_UNSIGNED_INTEGER)
@@ -149,6 +162,7 @@ static int template_private_test(void)
         || !TEST_uint_eq(i, 6)
         /* Check unsigned int32 */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "i32"))
+        || !TEST_false(CRYPTO_secure_allocated(p->data))
         || !TEST_true(OSSL_PARAM_get_uint32(p, &i32))
         || !TEST_str_eq(p->key, "i32")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_UNSIGNED_INTEGER)
@@ -156,6 +170,7 @@ static int template_private_test(void)
         || !TEST_uint_eq((unsigned int)i32, 1532)
         /* Check unsigned int64 */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "i64"))
+        || !TEST_false(CRYPTO_secure_allocated(p->data))
         || !TEST_str_eq(p->key, "i64")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_UNSIGNED_INTEGER)
         || !TEST_size_t_eq(p->data_size, sizeof(int64_t))
@@ -163,6 +178,7 @@ static int template_private_test(void)
         || !TEST_ulong_eq((unsigned long)i64, 9999999)
         /* Check unsigned long int */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "l"))
+        || !TEST_false(CRYPTO_secure_allocated(p->data))
         || !TEST_str_eq(p->key, "l")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_UNSIGNED_INTEGER)
         || !TEST_size_t_eq(p->data_size, sizeof(unsigned long int))
@@ -170,6 +186,7 @@ static int template_private_test(void)
         || !TEST_ulong_eq(l, 42)
         /* Check size_t */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "st"))
+        || !TEST_false(CRYPTO_secure_allocated(p->data))
         || !TEST_str_eq(p->key, "st")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_UNSIGNED_INTEGER)
         || !TEST_size_t_eq(p->data_size, sizeof(size_t))
@@ -177,25 +194,32 @@ static int template_private_test(void)
         || !TEST_size_t_eq(st, 65537)
         /* Check octet string */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "oct_s"))
+        || !TEST_true(CRYPTO_secure_allocated(p->data))
         || !TEST_str_eq(p->key, "oct_s")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_OCTET_STRING)
-        || !TEST_mem_eq(p->data, p->data_size, data1, sizeof(data1))
+        || !TEST_mem_eq(p->data, p->data_size, data1, data1_size)
         /* Check octet pointer */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "oct_p"))
+        || !TEST_false(CRYPTO_secure_allocated(p->data))
+        || !TEST_true(CRYPTO_secure_allocated(*(void **)p->data))
         || !TEST_str_eq(p->key, "oct_p")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_OCTET_PTR)
-        || !TEST_mem_eq(*(void **)p->data, p->data_size, data2, sizeof(data2))
+        || !TEST_mem_eq(*(void **)p->data, p->data_size, data2, data2_size)
         /* Check BN */
         || !TEST_ptr(p = OSSL_PARAM_locate(params, "bignumber"))
+        || !TEST_true(CRYPTO_secure_allocated(p->data))
         || !TEST_str_eq(p->key, "bignumber")
         || !TEST_uint_eq(p->data_type, OSSL_PARAM_UNSIGNED_INTEGER)
         || !TEST_true(OSSL_PARAM_get_BN(p, &bn_res))
+        || !TEST_int_eq(BN_get_flags(bn, BN_FLG_SECURE), BN_FLG_SECURE)
         || !TEST_int_eq(BN_cmp(bn_res, bn), 0))
         goto err;
     res = 1;
 err:
     OSSL_PARAM_BLD_free_params(params);
     OSSL_PARAM_BLD_free(bld);
+    OPENSSL_secure_free(data1);
+    OPENSSL_secure_free(data2);
     BN_free(bn);
     BN_free(bn_res);
     return res;
@@ -247,7 +271,9 @@ err:
 int setup_tests(void)
 {
     ADD_TEST(template_public_test);
-    ADD_TEST(template_private_test);
+    /* Only run the secure memory testing if we have secure memory available */
+    if (CRYPTO_secure_malloc_init(1<<16, 16))
+        ADD_TEST(template_private_test);
     ADD_TEST(builder_limit_test);
     return 1;
 }


More information about the openssl-commits mailing list