[openssl-dev] Proper explicit zeroing in VIA PadLock engine
Richard Levitte
levitte at openssl.org
Mon Apr 4 14:49:42 UTC 2016
In message <20160404144408.GA75125 at thinkpad.swarthmore.edu> on Mon, 4 Apr 2016 10:44:09 -0400, Michael McConville <mmcco at mykolab.com> said:
mmcco> Richard Levitte wrote:
mmcco> > That being said, engines/e_padlock.c has changed quite a bit since, so
mmcco> > if patching is still needed, it needs to be reworked with somewhat
mmcco> > more modern code (that libressl patch applies to OpenSSL 0.9.8, which
mmcco> > is past EOL).
mmcco>
mmcco> True, but it's still the same one line that needs to be changed.
mmcco> engines/e_padlock.c:779:
mmcco>
mmcco> > *(volatile unsigned int *)&buf = 0;
mmcco>
mmcco> I've never worked with OpenSSL before, but the below is what I was
mmcco> imagining.
mmcco>
mmcco>
mmcco> diff --git a/engines/e_padlock.c b/engines/e_padlock.c
mmcco> index 96e7483..709c4de 100644
mmcco> --- a/engines/e_padlock.c
mmcco> +++ b/engines/e_padlock.c
mmcco> @@ -776,7 +776,8 @@ static int padlock_rand_bytes(unsigned char *output, int count)
mmcco> *output++ = (unsigned char)buf;
mmcco> count--;
mmcco> }
mmcco> - *(volatile unsigned int *)&buf = 0;
mmcco> +
mmcco> + OPENSSL_cleanse(&buf, sizeof(buf));
mmcco>
mmcco> return 1;
mmcco> }
That looks good enough, I'll see to it being inserted.
Cheers,
Richard
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-dev
mailing list