Implement the CRYPTO_secure_clear_free function.

Use OPENSSL_secure_clear_free for secure mem BIOs and X25519 private keys. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4048)
2025-05-11 17:09:40 +00:00 · 2017-07-29 19:49:26 +02:00 · 2017-07-29 19:49:26 +02:00 · ba8376b59c
commit ba8376b59c
parent a2ce081490
6 changed files with 43 additions and 4 deletions
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@ -47,7 +47,7 @@ void BUF_MEM_free(BUF_MEM *a)

    if (a->data != NULL) {
        if (a->flags & BUF_MEM_FLAG_SECURE)
-            OPENSSL_secure_free(a->data);
+            OPENSSL_secure_clear_free(a->data, a->max);
        else
            OPENSSL_clear_free(a->data, a->max);
    }
@ -64,7 +64,7 @@ static char *sec_alloc_realloc(BUF_MEM *str, size_t len)
    if (str->data != NULL) {
        if (ret != NULL) {
            memcpy(ret, str->data, str->length);
-            OPENSSL_secure_free(str->data);
+            OPENSSL_secure_clear_free(str->data, str->length);
            str->data = NULL;
        }
    }
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@ -212,7 +212,7 @@ static void ecx_free(EVP_PKEY *pkey)
    X25519_KEY *xkey = pkey->pkey.ptr;

    if (xkey)
-        OPENSSL_secure_free(xkey->privkey);
+        OPENSSL_secure_clear_free(xkey->privkey, X25519_KEYLEN);
    OPENSSL_free(xkey);
 }

--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@ -156,6 +156,33 @@ void CRYPTO_secure_free(void *ptr, const char *file, int line)
 #endif /* IMPLEMENTED */
 }

+void CRYPTO_secure_clear_free(void *ptr, size_t num,
+                              const char *file, int line)
+{
+#ifdef IMPLEMENTED
+    size_t actual_size;
+
+    if (ptr == NULL)
+        return;
+    if (!CRYPTO_secure_allocated(ptr)) {
+        OPENSSL_cleanse(ptr, num);
+        CRYPTO_free(ptr, file, line);
+        return;
+    }
+    CRYPTO_THREAD_write_lock(sec_malloc_lock);
+    actual_size = sh_actual_size(ptr);
+    CLEAR(ptr, actual_size);
+    secure_mem_used -= actual_size;
+    sh_free(ptr);
+    CRYPTO_THREAD_unlock(sec_malloc_lock);
+#else
+    if (ptr == NULL)
+        return;
+    OPENSSL_cleanse(ptr, num);
+    CRYPTO_free(ptr, file, line);
+#endif /* IMPLEMENTED */
+}
+
 int CRYPTO_secure_allocated(const void *ptr)
 {
 #ifdef IMPLEMENTED
--- a/doc/crypto/OPENSSL_secure_malloc.pod
+++ b/doc/crypto/OPENSSL_secure_malloc.pod
@ -27,6 +27,9 @@ CRYPTO_secure_used - secure heap storage
 void OPENSSL_secure_free(void* ptr);
 void CRYPTO_secure_free(void *ptr, const char *, int);

+ void OPENSSL_secure_clear_free(void* ptr, size_t num);
+ void CRYPTO_secure_clear_free(void *ptr, size_t num, const char *, int);
+
 size_t OPENSSL_secure_actual_size(const void *ptr);
 int OPENSSL_secure_allocated(const void *ptr);

@ -104,13 +107,17 @@ CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 i

 CRYPTO_secure_malloc_done() returns 1 if the secure memory area is released, or 0 if not.

-OPENSSL_secure_free() returns no values.
+OPENSSL_secure_free() and OPENSSL_secure_clear_free() return no values.

 =head1 SEE ALSO

 L<OPENSSL_malloc(3)>,
 L<BN_new(3)>

+=head1 HISTORY
+
+OPENSSL_secure_clear_free() was added in OpenSSL 1.1.0g.
+
 =head1 COPYRIGHT

 Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@ -146,6 +146,8 @@ int CRYPTO_mem_ctrl(int mode);
        CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
 # define OPENSSL_secure_free(addr) \
        CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+# define OPENSSL_secure_clear_free(addr, num) \
+        CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 # define OPENSSL_secure_actual_size(ptr) \
        CRYPTO_secure_actual_size(ptr)

@ -285,6 +287,8 @@ int CRYPTO_secure_malloc_done(void);
 void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
 void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
 void CRYPTO_secure_free(void *ptr, const char *file, int line);
+void CRYPTO_secure_clear_free(void *ptr, size_t num,
+                              const char *file, int line);
 int CRYPTO_secure_allocated(const void *ptr);
 int CRYPTO_secure_malloc_initialized(void);
 size_t CRYPTO_secure_actual_size(void *ptr);
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@ -4230,3 +4230,4 @@ UINT32_it                               4214	1_1_0f	EXIST:!EXPORT_VAR_AS_FUNCTIO
 UINT32_it                               4214	1_1_0f	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
 ZINT64_it                               4215	1_1_0f	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
 ZINT64_it                               4215	1_1_0f	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+CRYPTO_secure_clear_free                4315	1_1_0g	EXIST::FUNCTION: