Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler and linker optimizations. PR: 343
diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index 574fd72..061211d 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl
@@ -36,8 +36,8 @@ LIB= $(TOP)/libcrypto.a SHARED_LIB= libcrypto$(SHLIB_EXT) -LIBSRC= cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c -LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o +LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c +LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o SRC= $(LIBSRC) @@ -193,6 +193,10 @@ mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h mem.o: ../include/openssl/safestack.h ../include/openssl/stack.h mem.o: ../include/openssl/symhacks.h cryptlib.h mem.c +mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +mem_clr.o: ../include/openssl/safestack.h ../include/openssl/stack.h +mem_clr.o: ../include/openssl/symhacks.h mem_clr.c mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
diff --git a/crypto/crypto-lib.com b/crypto/crypto-lib.com index 5d42b2b..ced978c 100644 --- a/crypto/crypto-lib.com +++ b/crypto/crypto-lib.com
@@ -158,7 +158,7 @@ $ APPS_DES = "DES/DES,CBC3_ENC" $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" $ -$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" +$ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time" $ LIB_MD2 = "md2_dgst,md2_one" $ LIB_MD4 = "md4_dgst,md4_one" $ LIB_MD5 = "md5_dgst,md5_one"
diff --git a/crypto/crypto.h b/crypto/crypto.h index d1d2400..4027b43 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h
@@ -454,6 +454,8 @@ int line); void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); +void OPENSSL_cleanse(void *ptr, size_t len); + void CRYPTO_set_mem_debug_options(long bits); long CRYPTO_get_mem_debug_options(void);
diff --git a/crypto/mem.c b/crypto/mem.c index 03d2569..46a0069 100644 --- a/crypto/mem.c +++ b/crypto/mem.c
@@ -250,6 +250,7 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line) { void *ret = NULL; + extern unsigned char cleanse_ctr; allow_customize = 0; if (malloc_debug_func != NULL) @@ -264,6 +265,12 @@ if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); + /* Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do + * this for >2Kb so the overhead doesn't bother us. */ + if(ret && (num > 2048)) + ((unsigned char *)ret)[0] = cleanse_ctr; + return ret; } @@ -282,6 +289,7 @@ void *CRYPTO_malloc(int num, const char *file, int line) { void *ret = NULL; + extern unsigned char cleanse_ctr; allow_customize = 0; if (malloc_debug_func != NULL) @@ -296,6 +304,12 @@ if (malloc_debug_func != NULL) malloc_debug_func(ret, num, file, line, 1); + /* Create a dependency on the value of 'cleanse_ctr' so our memory + * sanitisation function can't be optimised out. NB: We only do + * this for >2Kb so the overhead doesn't bother us. */ + if(ret && (num > 2048)) + ((unsigned char *)ret)[0] = cleanse_ctr; + return ret; }
diff --git a/crypto/mem_clr.c b/crypto/mem_clr.c new file mode 100644 index 0000000..0b72966 --- /dev/null +++ b/crypto/mem_clr.c
@@ -0,0 +1,75 @@ +/* crypto/mem_clr.c -*- mode:C; c-file-style: "eay" -*- */ +/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL + * project 2002. + */ +/* ==================================================================== + * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <string.h> +#include <openssl/crypto.h> + +unsigned char cleanse_ctr = 0; + +void OPENSSL_cleanse(void *ptr, size_t len) + { + unsigned char *p = ptr; + size_t loop = len; + while(loop--) + { + *(p++) = cleanse_ctr; + cleanse_ctr += (17 + (((unsigned char *)&p)[sizeof(unsigned char *)-1] & 0xF)); + } + if(memchr(ptr, cleanse_ctr, len)) + cleanse_ctr += 63; + }