author | Benjamin Kaduk <bkaduk@akamai.com> | 2016-02-20 00:36:52 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2017-05-08 21:20:31 +0200 |
commit | 44612e0a817d1cf25df776b00993820f612f3cd3 (patch) | |
tree | 3147cd6eca8983e6d926b3351d833d5260d15d9c /crypto/pem | |
parent | Add PEM_bytes_read_bio_secmem() (diff) | |

Make PEM_read_{,bio_}PrivateKey use secmem

We now have a version of PEM_read_bytes that can use temporary
buffers allocated from the secure heap; use them to handle this
sensitive information.

Note that for PEM_read_PrivateKey, the i/o still goes through
stdio since the input is a FILE pointer. Standard I/O performs
additional buffering, which cannot be changed to use the OpenSSL
secure heap for temporary storage. As such, it is recommended
to use BIO_new_file() and PEM_read_bio_PrivateKey() instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1700)

Diffstat (limited to 'crypto/pem')
-rw-r--r-- | crypto/pem/pem_pkey.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index 6308622707..93565011c0 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -32,7 +32,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, int slen; EVP_PKEY *ret = NULL; - if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u)) + if (!PEM_bytes_read_bio_secmem(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, + cb, u)) return NULL; p = data; @@ -85,8 +86,8 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, if (ret == NULL) PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB); err: - OPENSSL_free(nm); - OPENSSL_clear_free(data, len); + OPENSSL_secure_free(nm); + OPENSSL_secure_free(data); return (ret); } |
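
Review bot: the switch to PEM_bytes_read_bio_secmem() in the first hunk (@@ -32,7 +32,8) carries no comment recording that data and nm are now secure-heap allocations, while the matching frees sit roughly fifty lines further down under err:. A one-line comment at the call stating that both buffers must be released with OPENSSL_secure_free() would keep a later cleanup path from pairing them with OPENSSL_free(). The recommendation in the commit message to prefer BIO_new_file() with PEM_read_bio_PrivateKey() over the FILE-based reader is also not captured anywhere in this change, which touches only crypto/pem/pem_pkey.c; it belongs in the PEM_read_PrivateKey documentation so callers see it.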
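
Review bot: in the second hunk (@@ -85,8 +86,8, under err:), replacing OPENSSL_clear_free(data, len) with OPENSSL_secure_free(data) drops the explicit, length-aware wipe of the decoded key material. OPENSSL_secure_free() cleanses a buffer only when it actually lives in the secure arena; if the application never initialised the secure heap and the allocation fell back to the ordinary allocator, the buffer is handed back without being zeroed, which is weaker than the code being removed. Suggest keeping an explicit OPENSSL_cleanse(data, len) before OPENSSL_secure_free(data), guarded for the case where data is still NULL, so the wipe happens in both configurations. The change for nm is fine as it holds only the PEM type name.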