test/secmemtest.c - third_party/openssl - Git at Google


 #include <openssl/crypto.h>

 #define perror_line()    perror_line1(__LINE__)
 #define perror_line1(l)  perror_line2(l)
 #define perror_line2(l)  perror("failed " #l)

 int main(int argc, char **argv)
 {
 #if defined(OPENSSL_SYS_LINUX) || defined(OPENSSL_SYS_UNIX)
     char *p = NULL, *q = NULL, *r = NULL, *s = NULL;

     r = OPENSSL_secure_malloc(20);
     /* r = non-secure 20 */
     if (r == NULL) {
         perror_line();
         return 1;
     }
     if (!CRYPTO_secure_malloc_init(4096, 32)) {
         perror_line();
         return 1;
     }
     if (CRYPTO_secure_allocated(r)) {
         perror_line();
         return 1;
     }
     p = OPENSSL_secure_malloc(20);
     /* r = non-secure 20, p = secure 20 */
     if (!CRYPTO_secure_allocated(p)) {
         perror_line();
         return 1;
     }
     /* 20 secure -> 32-byte minimum allocaton unit */
     if (CRYPTO_secure_used() != 32) {
         perror_line();
         return 1;
     }
     q = OPENSSL_malloc(20);
     /* r = non-secure 20, p = secure 20, q = non-secure 20 */
     if (CRYPTO_secure_allocated(q)) {
         perror_line();
         return 1;
     }
     s = OPENSSL_secure_malloc(20);
     /* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */
     if (!CRYPTO_secure_allocated(s)) {
         perror_line();
         return 1;
     }
     /* 2 * 20 secure -> 64 bytes allocated */
     if (CRYPTO_secure_used() != 64) {
         perror_line();
         return 1;
     }
     OPENSSL_secure_free(p);
     /* 20 secure -> 32 bytes allocated */
     if (CRYPTO_secure_used() != 32) {
         perror_line();
         return 1;
     }
     OPENSSL_free(q);
     /* should not complete, as secure memory is still allocated */
     if (CRYPTO_secure_malloc_done()) {
         perror_line();
         return 1;
     }
     if (!CRYPTO_secure_malloc_initialized()) {
         perror_line();
         return 1;
     }
     OPENSSL_secure_free(s);
     /* secure memory should now be 0, so done should complete */
     if (CRYPTO_secure_used() != 0) {
         perror_line();
         return 1;
     }
     if (!CRYPTO_secure_malloc_done()) {
         perror_line();
         return 1;
     }
     if (CRYPTO_secure_malloc_initialized()) {
         perror_line();
         return 1;
     }
     /* this can complete - it was not really secure */
     OPENSSL_secure_free(r);
 #else
     /* Should fail. */
     if (CRYPTO_secure_malloc_init(4096, 32)) {
         perror_line();
         return 1;
     }
 #endif
     return 0;
 }

	#include <openssl/crypto.h>

	#define perror_line() perror_line1(__LINE__)
	#define perror_line1(l) perror_line2(l)
	#define perror_line2(l) perror("failed " #l)

	int main(int argc, char **argv)
	{
	#if defined(OPENSSL_SYS_LINUX) \|\| defined(OPENSSL_SYS_UNIX)
	char p = NULL, q = NULL, r = NULL, s = NULL;

	r = OPENSSL_secure_malloc(20);
	/* r = non-secure 20 */
	if (r == NULL) {
	perror_line();
	return 1;
	}
	if (!CRYPTO_secure_malloc_init(4096, 32)) {
	perror_line();
	return 1;
	}
	if (CRYPTO_secure_allocated(r)) {
	perror_line();
	return 1;
	}
	p = OPENSSL_secure_malloc(20);
	/* r = non-secure 20, p = secure 20 */
	if (!CRYPTO_secure_allocated(p)) {
	perror_line();
	return 1;
	}
	/* 20 secure -> 32-byte minimum allocaton unit */
	if (CRYPTO_secure_used() != 32) {
	perror_line();
	return 1;
	}
	q = OPENSSL_malloc(20);
	/* r = non-secure 20, p = secure 20, q = non-secure 20 */
	if (CRYPTO_secure_allocated(q)) {
	perror_line();
	return 1;
	}
	s = OPENSSL_secure_malloc(20);
	/* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */
	if (!CRYPTO_secure_allocated(s)) {
	perror_line();
	return 1;
	}
	/* 2 * 20 secure -> 64 bytes allocated */
	if (CRYPTO_secure_used() != 64) {
	perror_line();
	return 1;
	}
	OPENSSL_secure_free(p);
	/* 20 secure -> 32 bytes allocated */
	if (CRYPTO_secure_used() != 32) {
	perror_line();
	return 1;
	}
	OPENSSL_free(q);
	/* should not complete, as secure memory is still allocated */
	if (CRYPTO_secure_malloc_done()) {
	perror_line();
	return 1;
	}
	if (!CRYPTO_secure_malloc_initialized()) {
	perror_line();
	return 1;
	}
	OPENSSL_secure_free(s);
	/* secure memory should now be 0, so done should complete */
	if (CRYPTO_secure_used() != 0) {
	perror_line();
	return 1;
	}
	if (!CRYPTO_secure_malloc_done()) {
	perror_line();
	return 1;
	}
	if (CRYPTO_secure_malloc_initialized()) {
	perror_line();
	return 1;
	}
	/* this can complete - it was not really secure */
	OPENSSL_secure_free(r);
	#else
	/* Should fail. */
	if (CRYPTO_secure_malloc_init(4096, 32)) {
	perror_line();
	return 1;
	}
	#endif
	return 0;
	}