openssl/crypto
Matt Caswell 16d92fa873 Don't store an HMAC key for longer than we need
The HMAC_CTX structure stores the original key in case the ctx is reused
without changing the key.

However, HMAC_Init_ex() checks its parameters such that the only code path
where the stored key is ever used is in the case where HMAC_Init_ex is
called with a NULL key and an explicit md is provided which is the same as
the md that was provided previously. But in that case we can actually reuse
the pre-digested key that we calculated last time, so we can refactor the
code not to use the stored key at all.

With that refactor done it is no longer necessary to store the key in the
ctx at all. This means that long-running ctxs will not keep the key in
memory for any longer than required. Note though that the digested key
*is* still kept in memory for the duration of the life of the ctx.

Fixes #10743

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10763)
2020-01-07 11:53:29 +00:00
aes Fix aesni_cbc_sha256_enc_avx2 backtrace info 2019-12-23 17:00:15 +01:00
aria Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
asn1 Run make update 2020-01-02 14:45:04 +00:00
async Fix header file include guard names 2019-09-27 23:58:12 +02:00
bf Fix header file include guard names 2019-09-27 23:58:12 +02:00
bio BIO_s_connect: add an error state and use it 2019-11-05 22:17:12 +01:00
blake2 Reorganize local header files 2019-09-27 23:58:06 +02:00
bn Run make update 2020-01-02 14:45:04 +00:00
buffer
camellia Add some missing cfi frame info in camellia-x86_64.pl 2019-12-20 22:44:03 +01:00
cast Reorganize local header files 2019-09-27 23:58:06 +02:00
chacha chacha_enc.c: fix for EBCDIC platforms 2019-11-13 18:08:55 +01:00
cmac Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
cms Fix a bundle of mischecks of return values 2019-09-30 17:19:05 +08:00
comp Reorganize local header files 2019-09-27 23:58:06 +02:00
conf Run make update 2020-01-02 14:45:04 +00:00
ct Reorganize local header files 2019-09-27 23:58:06 +02:00
des Fix some typos 2019-12-11 19:17:00 +01:00
dh Fix potential memory leak in dh_ameth.c 2019-11-01 12:47:13 +01:00
dsa Document and add macros for additional DSA options 2019-10-15 16:04:46 +02:00
dso Reorganize local header files 2019-09-27 23:58:06 +02:00
ec Fix incorrect return code on ECDSA key verification 2020-01-05 15:52:00 +02:00
engine Engine: Add NULL check. 2019-11-21 14:32:54 +10:00
err rand_lib.c: fix null pointer dereferences after RAND_get_rand_method() failure 2019-12-15 15:25:18 +01:00
evp Ensure EVP_PKEY_set1_DH detects X9.42 keys 2019-12-16 14:34:26 +00:00
hmac Don't store an HMAC key for longer than we need 2020-01-07 11:53:29 +00:00
idea Reorganize local header files 2019-09-27 23:58:06 +02:00
kdf Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
lhash Reorganize local header files 2019-09-27 23:58:06 +02:00
md2
md4 md4/md5: macros should not include the line following them 2019-11-01 15:59:40 +01:00
md5 md4/md5: macros should not include the line following them 2019-11-01 15:59:40 +01:00
mdc2
modes Add some missing cfi frame info in aesni-gcm-x86_64.pl 2019-12-23 20:24:55 +01:00
objects Run make update 2020-01-02 14:45:04 +00:00
ocsp Reorganize local header files 2019-09-27 23:58:06 +02:00
pem i2b_PVK(): Use Encrypt, not Decrypt 2019-11-27 20:34:13 +01:00
perlasm Update copyright year 2019-02-26 14:05:09 +00:00
pkcs7 Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
pkcs12 Reorganize local header files 2019-09-27 23:58:06 +02:00
poly1305 Add some missing cfi frame info in poly1305-x86_64.pl 2019-12-23 20:27:46 +01:00
rand rand_lib.c: fix null pointer dereferences after RAND_get_rand_method() failure 2019-12-15 15:25:18 +01:00
rc2 Reorganize local header files 2019-09-27 23:58:06 +02:00
rc4 Add some missing cfi frame info in rc4-md5-x86_64.pl 2019-12-23 20:30:23 +01:00
rc5 Reorganize local header files 2019-09-27 23:58:06 +02:00
ripemd Reorganize local header files 2019-09-27 23:58:06 +02:00
rsa Backport the RSA_get0_pss_params() function from master 2019-12-16 14:50:07 +00:00
seed Fix header file include guard names 2019-09-27 23:58:12 +02:00
sha Add some missing cfi frame info in aesni-sha and sha-x86_64.pl 2019-12-20 23:15:49 +01:00
siphash Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
sm2 Suppress an error when doing SM2 sign/verify ops 2019-10-29 20:36:05 +08:00
sm3 Reorganize local header files 2019-09-27 23:58:06 +02:00
sm4 Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
srp Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
stack
store Reorganize local header files 2019-09-27 23:58:06 +02:00
ts Reorganize local header files 2019-09-27 23:58:06 +02:00
txt_db
ui UI_UTIL_wrap_read_pem_callback(): when |cb| is NULL, use PEM_def_callback 2019-11-22 15:22:37 +01:00
whrlpool Reorganize local header files 2019-09-27 23:58:06 +02:00
x509 Reorganize local header files 2019-09-27 23:58:06 +02:00
x509v3 Don't leak memory in the event of a failure in i2v_GENERAL_NAMES 2019-11-04 12:54:36 +00:00
alphacpuid.pl
arm64cpuid.pl
arm_arch.h Fix header file include guard names 2019-09-27 23:58:12 +02:00
armcap.c Update copyright year 2019-02-26 14:05:09 +00:00
armv4cpuid.pl
build.info Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
c64xpluscpuid.pl
cpt_err.c
cryptlib.c Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
ctype.c Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
cversion.c
dllmain.c Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
ebcdic.c
ex_data.c Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
getenv.c Use secure_getenv(3) when available. 2018-09-24 11:22:22 +10:00
ia64cpuid.S
init.c Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
LPdir_nyi.c
LPdir_unix.c Fix a -Warray-bounds gcc warning in OPENSSL_DIR_read 2019-11-09 10:51:43 +01:00
LPdir_vms.c
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
mem.c Reorganize private crypto header files 2019-09-27 23:57:58 +02:00
mem_clr.c
mem_dbg.c
mem_sec.c test/secmemtest: test secure memory only if it is implemented 2018-10-05 12:23:34 +02:00
mips_arch.h Fix header file include guard names 2019-09-27 23:58:12 +02:00
o_dir.c
o_fips.c
o_fopen.c Add missing include file. 2018-09-17 12:54:20 +10:00
o_init.c
o_str.c Fix error handling at openssl_strerror_r 2019-06-18 13:58:52 +02:00
o_time.c
pariscid.pl
ppc_arch.h Fix header file include guard names 2019-09-27 23:58:12 +02:00
ppccap.c Reorganize local header files 2019-09-27 23:58:06 +02:00
ppccpuid.pl Update copyright year 2019-02-26 14:05:09 +00:00
s390x_arch.h Fix header file include guard names 2019-09-27 23:58:12 +02:00
s390xcap.c Update copyright year 2019-09-10 13:56:40 +01:00
s390xcpuid.pl
sparc_arch.h Fix header file include guard names 2019-09-27 23:58:12 +02:00
sparccpuid.S
sparcv9cap.c
threads_none.c crypto/threads_none.c: fix syntax error in openssl_get_fork_id() 2019-09-11 10:32:03 +02:00
threads_pthread.c Update copyright year 2019-09-10 13:56:40 +01:00
threads_win.c crypto/threads_win.c: fix preprocessor indentation 2019-09-11 10:40:18 +02:00
uid.c Swap #if blocks in uid.c so target platform gets checked before host 2019-06-18 12:53:27 +10:00
vms_rms.h
x86_64cpuid.pl Fix unwind info for some trivial functions 2019-12-18 14:28:49 +01:00
x86cpuid.pl