Thread: 12 messages, 3 authors, 2021-08-20

Re: [PATCH ima-evm-utils v2] Use secure heap for private keys and passwords

From: Mimi Zohar <zohar@linux.ibm.com>
Date: 2021-08-19 18:06:16

On Thu, 2021-08-19 at 05:11 +0300, Vitaly Chikunov wrote:
After CRYPTO_secure_malloc_init OpenSSL will store private keys in
secure heap. This facility is only available since OpenSSL_1_1_0-pre1.

Signed-off-by: Vitaly Chikunov <redacted>
---
Change from v1:
- Do not use setvbuf to disable buffering as this is not proven to be
  meaningful.
- Use secure heap for passwords too as suggested by Mimi Zohar.
- Fallback to OPENSSL_malloc for old OpenSSL as suggested by Mimi Zohar.
- Simplify logic of calling CRYPTO_secure_malloc_init (call it always on
  OpenSSL init.)
- Should be applied after Bruno Meneguele's "evmctl: fix memory leak in
  get_password" patch v2.
Not sure why it isn't applying with/without Bruno's v2 patch.
 src/evmctl.c | 143 ++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 118 insertions(+), 25 deletions(-)
diff --git a/src/evmctl.c b/src/evmctl.c
@@ -188,7 +207,9 @@ static int bin2file(const char *file, const char *ext, const unsigned char *data
 	return err;
 }

-static unsigned char *file2bin(const char *file, const char *ext, int *size)
+/* Return data in OpenSSL secure heap if 'secure' is true. */
+static unsigned char *file2bin(const char *file, const char *ext, int *size,
+			       int secure)
 {
 	FILE *fp;
 	size_t len;
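Review bot: the new comment above file2bin() should also state how the returned buffer is released, because that now depends on the flag: a buffer obtained with `secure` set has to go to OPENSSL_secure_free() (or OPENSSL_secure_clear_free()), never to free(), while the non-secure path keeps free(). Every exit path inside file2bin() and every caller must branch the same way, so spelling out that contract next to the signature (or pairing the allocation with a matching release helper) is what prevents a mixed free later.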
@@ -215,7 +236,10 @@ static unsigned char *file2bin(const char *file, const char *ext, int *size)
 	}
 	len = stats.st_size;

-	data = malloc(len);
+	if (secure)
+		data = OPENSSL_secure_malloc(len);
+	else
+		data = malloc(len);
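Review bot: OPENSSL_secure_malloc() is called unconditionally here, yet the changelog says old OpenSSL gets a fallback to OPENSSL_malloc(); if that is a compatibility macro defined elsewhere in the patch it is not visible in this hunk, otherwise this does not build on OpenSSL before 1.1.0, where the secure heap does not exist. Note also that OPENSSL_secure_malloc() silently degrades to CRYPTO_malloc() when CRYPTO_secure_malloc_init() was never called or failed, so the `secure` branch only delivers what its name promises if the init return value is checked. Style: the error text "Failed to malloc" could say which heap was tried; the secure arena is fixed in size at init and can run out while malloc() would still have succeeded, and that distinction matters when reading the log.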
Without being able to apply the patch, it's hard to tell if there
should be a preparatory patch that first replaces malloc() with
OPENSSL_malloc(), and other similar changes.

thanks,

Mimi
 	if (!data) {
 		log_err("Failed to malloc %zu bytes: %s\n", len, name);
 		fclose(fp);
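As an added example of the approach the patch description outlines (this is not code from ima-evm-utils or from either author): a version-gated wrapper that keeps secret material in OpenSSL's secure heap when built against OpenSSL 1.1.0g or newer and otherwise falls back to ordinary heap memory. The helper names (secret_heap_init, secret_alloc, secret_free, secret_is_protected, stream2secret), the build macro USE_OPENSSL_SECURE_HEAP and the arena size are assumptions of this example. The patch's own fallback is to OPENSSL_malloc(); this example swaps that for malloc() plus an explicit volatile wipe so that it compiles and runs with only libc present.

```c
/* Version-gated secure-heap wrapper (added example, not ima-evm-utils code).
 * cc -Wall secret_buf.c                                    -> libc fallback
 * cc -Wall -DUSE_OPENSSL_SECURE_HEAP secret_buf.c -lcrypto -> OpenSSL >= 1.1.0g */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifdef USE_OPENSSL_SECURE_HEAP
#include <openssl/crypto.h>
#if OPENSSL_VERSION_NUMBER < 0x1010007fL
#error "OPENSSL_secure_clear_free() needs OpenSSL 1.1.0g or newer"
#endif
#endif

#define SECURE_HEAP_BYTES (64 * 1024) /* assumed arena size; must be a power of two */
#define SECURE_HEAP_MINSZ 32          /* smallest allocation unit */

/* Call once before secret_alloc(). Returns 0 if secrets will live in the
 * ordinary heap; OpenSSL returns 1 on success and 2 if the arena exists but
 * mlock() failed, meaning it may still be swapped out. */
int secret_heap_init(void)
{
#ifdef USE_OPENSSL_SECURE_HEAP
    return CRYPTO_secure_malloc_init(SECURE_HEAP_BYTES, SECURE_HEAP_MINSZ);
#else
    return 0;
#endif
}

/* Allocate len > 0 bytes for secret material. */
void *secret_alloc(size_t len)
{
    if (len == 0)
        return NULL;
#ifdef USE_OPENSSL_SECURE_HEAP
    /* Silently degrades to CRYPTO_malloc() if secret_heap_init() was not
     * called or failed; secret_is_protected() tells which heap you got. */
    return OPENSSL_secure_malloc(len);
#else
    return malloc(len);
#endif
}

/* Wipe and release. Memory from secret_alloc() must never reach free(). */
void secret_free(void *p, size_t len)
{
    if (p == NULL)
        return;
#ifdef USE_OPENSSL_SECURE_HEAP
    OPENSSL_secure_clear_free(p, len);
#else
    volatile unsigned char *v = p; /* volatile keeps the wipe from being elided */
    while (len--)
        *v++ = 0;
    free(p);
#endif
}

/* 1 if p lies inside the protected arena, 0 otherwise. */
int secret_is_protected(const void *p)
{
#ifdef USE_OPENSSL_SECURE_HEAP
    return CRYPTO_secure_allocated(p);
#else
    (void)p;
    return 0;
#endif
}

/* Read a whole seekable stream (e.g. a PEM key file) into secret memory.
 * Sized first, allocated once, never realloc'd: the secure heap has no realloc.
 * Returns NULL with *out_len = 0 on error or empty input. */
unsigned char *stream2secret(FILE *fp, size_t *out_len)
{
    long size;
    unsigned char *data;

    *out_len = 0;
    if (fp == NULL || fseek(fp, 0, SEEK_END) != 0)
        return NULL;
    size = ftell(fp);
    rewind(fp);
    if (size <= 0)
        return NULL;
    data = secret_alloc((size_t)size);
    if (data == NULL)
        return NULL;
    if (fread(data, 1, (size_t)size, fp) != (size_t)size) {
        secret_free(data, (size_t)size);
        return NULL;
    }
    *out_len = (size_t)size;
    return data;
}
```

Typical use is secret_heap_init() once at startup, stream2secret() on the opened key or password file, and secret_free() on every exit path; a program that must know whether the secure heap is really in use checks both the init return value and secret_is_protected() on the buffer, since the OpenSSL allocator falls back to the normal heap without reporting it.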