authorRich Salz <rsalz@akamai.com>2015-04-24 16:39:40 -0400
committerRich Salz <rsalz@openssl.org>2015-06-23 17:09:35 -0400
commit74924dcb3802640d7e2ae2e80ca6515d0a53de7a (patch)
tree6de4138b01d5f649bdaa32d858bd5fa20e9ad4b6 /include
parentce7e647bc2c328404b1e3cdac6211773afdefe07 (diff)
More secure storage of key material.
Add secure heap for storage of private keys (when possible). Add BIO_s_secmem(), CBIGNUM, etc. Add BIO_CTX_secure_new so all BIGNUM's in the context are secure. Contributed by Akamai Technologies under the Corporate CLA. Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'include')
-rw-r--r--include/openssl/bio.h1
-rw-r--r--include/openssl/bn.h3
-rw-r--r--include/openssl/buffer.h4
-rw-r--r--include/openssl/crypto.h23
4 files changed, 29 insertions, 2 deletions
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index 7fe88ec4ef..2da93bdf0a 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -670,6 +670,7 @@ long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
long argl, long ret);
BIO_METHOD *BIO_s_mem(void);
+BIO_METHOD *BIO_s_secmem(void);
BIO *BIO_new_mem_buf(void *buf, int len);
BIO_METHOD *BIO_s_socket(void);
BIO_METHOD *BIO_s_connect(void);
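Review bot: `BIO_s_secmem()` is declared without any comment on what happens when the secure heap has not been initialised or is full. The commit description says "when possible", which suggests a fallback to the ordinary heap, but a caller reading this header cannot tell whether the key material it writes into the BIO is actually protected. A one-line comment above the prototype should state the fallback behaviour and point to `CRYPTO_secure_malloc_initialized()` as the way to check. The same gap applies to `BN_CTX_secure_new()` and `BN_secure_new()` in the bn.h hunks below.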
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 44f17374f2..0fcf843314 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -268,6 +268,7 @@ extern "C" {
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
*/
# define BN_FLG_CONSTTIME 0x04
+# define BN_FLG_SECURE 0x08
# ifdef OPENSSL_USE_DEPRECATED
/* deprecated name for the flag */
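Review bot: `BN_FLG_SECURE` is added with no comment, while `BN_FLG_CONSTTIME` just above it carries a block comment explaining its effect. The header should say whether this flag is set only by `BN_secure_new()` or may also be toggled by callers through the flag accessors. If the implementation chooses the deallocator from this flag (not visible in this diff), setting it on a BIGNUM whose data came from the ordinary heap would be a mismatch worth warning about. Something like `/* data lives in the secure heap; set at allocation time, do not change afterwards */` would cover it, once confirmed against the implementation. The hunk begins inside the preceding comment and the flag list continues past its end.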
@@ -349,6 +350,7 @@ void BN_zero_ex(BIGNUM *a);
const BIGNUM *BN_value_one(void);
char *BN_options(void);
BN_CTX *BN_CTX_new(void);
+BN_CTX *BN_CTX_secure_new(void);
void BN_CTX_free(BN_CTX *c);
void BN_CTX_start(BN_CTX *ctx);
BIGNUM *BN_CTX_get(BN_CTX *ctx);
@@ -361,6 +363,7 @@ int BN_num_bits(const BIGNUM *a);
int BN_num_bits_word(BN_ULONG l);
int BN_security_bits(int L, int N);
BIGNUM *BN_new(void);
+BIGNUM *BN_secure_new(void);
void BN_clear_free(BIGNUM *a);
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
void BN_swap(BIGNUM *a, BIGNUM *b);
diff --git a/include/openssl/buffer.h b/include/openssl/buffer.h
index 672c06b395..af30a90b86 100644
--- a/include/openssl/buffer.h
+++ b/include/openssl/buffer.h
@@ -78,9 +78,13 @@ struct buf_mem_st {
size_t length; /* current number of bytes */
char *data;
size_t max; /* size of buffer */
+ unsigned long flags;
};
+# define BUF_MEM_FLAG_SECURE 0x01
+
BUF_MEM *BUF_MEM_new(void);
+BUF_MEM *BUF_MEM_new_ex(unsigned long flags);
void BUF_MEM_free(BUF_MEM *a);
size_t BUF_MEM_grow(BUF_MEM *str, size_t len);
size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
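Review bot: The new `flags` member is appended to `struct buf_mem_st`, which is fully defined in this public header, so `sizeof(BUF_MEM)` changes for every consumer. Code that embeds or declares a `BUF_MEM` itself, or was built against the old layout, would hand the library a struct whose `flags` is uninitialised or absent. If `BUF_MEM_free()` and the grow functions branch on `BUF_MEM_FLAG_SECURE` (their bodies are outside this diff), that could send a buffer to the wrong allocator. I would document the field, e.g. `unsigned long flags; /* BUF_MEM_FLAG_*; 0 unless created by BUF_MEM_new_ex() */`, and state next to the prototypes that a `BUF_MEM` must come from `BUF_MEM_new()` or `BUF_MEM_new_ex()`.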
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index f05084f8c1..1bda645660 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -491,12 +491,12 @@ void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
void (*f) (void *));
int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
- void (*free_func) (void *));
+ void (*f) (void *));
int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
void *(*r) (void *, size_t, const char *,
int), void (*f) (void *));
int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
- void (*free_func) (void *));
+ void (*f) (void *));
int CRYPTO_set_mem_debug_functions(void (*m)
(void *, int, const char *, int, int),
void (*r) (void *, void *, int,
@@ -532,6 +532,25 @@ void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
int line);
void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
+# define OPENSSL_secure_malloc(num) \
+ CRYPTO_secure_malloc((int)num,__FILE__,__LINE__)
+# define OPENSSL_secure_free(addr) \
+ CRYPTO_secure_free(addr)
+
+int CRYPTO_secure_malloc_init(size_t sz, int minsize);
+void CRYPTO_secure_malloc_done(void);
+void *CRYPTO_secure_malloc(int num, const char *file, int line);
+void CRYPTO_secure_free(void *ptr);
+int CRYPTO_secure_allocated(const void *ptr);
+int CRYPTO_secure_malloc_initialized(void);
+
+int CRYPTO_set_secure_mem_functions(void *(*m)(size_t), void (*f)(void *));
+int CRYPTO_set_secure_mem_ex_functions(void *(*m)(size_t,const char *,int),
+ void (*f)(void *));
+void CRYPTO_get_secure_mem_functions(void *(**m)(size_t), void (**f)(void *));
+void CRYPTO_get_secure_mem_ex_functions(void *(**m)(size_t,const char *,int),
+ void (**f)(void *));
+
void OPENSSL_cleanse(void *ptr, size_t len);
void CRYPTO_set_mem_debug_options(long bits);
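Review bot: `OPENSSL_secure_malloc(num)` expands to `CRYPTO_secure_malloc((int)num, ...)`, and the cast is a problem in two ways. The argument is not parenthesised, so for an expression such as `a + b` the cast binds only to `a`. A `size_t` request larger than `INT_MAX` is also narrowed to `int` without any check, so the allocator may see a negative or much smaller size than the caller intended and return a buffer shorter than what the caller then writes. `CRYPTO_secure_malloc_init()` already takes a `size_t`, so the allocation call could as well: `void *CRYPTO_secure_malloc(size_t num, const char *file, int line);` with `CRYPTO_secure_malloc((num), __FILE__, __LINE__)` in the macro. If `int` is kept to match the existing `CRYPTO_malloc` family, at least parenthesise the argument and document the size limit. The return value of `CRYPTO_secure_malloc_init()` is undocumented too, and callers need it to know whether the secure heap is really in use.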