openssl/crypto
Benjamin Kaduk 44612e0a81 Make PEM_read_{,bio_}PrivateKey use secmem
We now have a version of PEM_read_bytes that can use temporary
buffers allocated from the secure heap; use them to handle this
sensitive information.

Note that for PEM_read_PrivateKey, the i/o still goes through
stdio since the input is a FILE pointer.  Standard I/O performs
additional buffering, which cannot be changed to use the OpenSSL
secure heap for temporary storage.  As such, it is recommended
to use BIO_new_file() and PEM_read_bio_PrivateKey() instead.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1700)
2017-05-08 21:20:31 +02:00
..
aes More typo fixes 2017-03-29 07:14:29 +02:00
aria Add ARIA 32-bit implementation 2017-04-20 22:55:40 +02:00
asn1 Fix time offset calculation. 2017-05-02 10:38:54 +02:00
async Further improvements to ASYNC_WAIT_CTX_clear_fd 2017-02-13 15:29:43 +00:00
bf Remove a pointless "#ifndef" from bf_enc.c 2017-02-28 15:17:46 +00:00
bio Check fflush on BIO_ctrl call 2017-04-28 14:14:59 -04:00
blake2 Fix some extra or missing whitespaces... 2017-01-25 09:06:34 +00:00
bn Numbers greater than 1 are usually non-negative. 2017-04-21 12:22:37 -04:00
buffer Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
camellia camellia/asm/cmll-x86_64.pl: add CFI annotations. 2017-02-26 21:26:09 +01:00
cast Address some -Wold-style-declaration warnings 2017-05-01 14:23:28 -04:00
chacha x86_64 assembly pack: add some Ryzen performance results. 2017-03-22 10:58:01 +01:00
cmac Don't use deprecated EVP_CIPHER_CTX_cleanup() internally 2017-03-01 11:42:50 +01:00
cms ASN.1: adapt our use of INTxx et al by making them explicitely embedded 2017-04-13 10:23:31 +02:00
comp Fix zlib BIO_METHOD for latest BIO_METHOD structure changes 2016-11-08 13:58:10 +00:00
conf Fix out-of-memory condition in conf 2017-03-12 00:19:14 +00:00
ct Fix faulty free 2017-01-29 15:31:01 +01:00
des des/des_locl.h: clean up unused/irrelevant macros. 2017-03-02 16:16:52 +01:00
dh ASN.1: adapt our use of INTxx et al by making them explicitely embedded 2017-04-13 10:23:31 +02:00
dsa ASN.1: adapt our use of INTxx et al by making them explicitely embedded 2017-04-13 10:23:31 +02:00
dso Remove some commented out code in libcrypto 2017-02-28 16:02:11 +00:00
ec Fix URL links in comment 2017-05-02 10:53:10 -04:00
engine Don't try to clean up RAND from ENGINE 2017-04-07 04:55:16 +02:00
err Fix pathname errors in errcode file 2017-05-04 13:22:59 -04:00
evp check length sanity before correcting in EVP_CTRL_AEAD_TLS1_AAD 2017-04-24 11:19:56 -04:00
hmac PBKDF2 computation speedup (15-40%) 2017-04-04 10:44:17 -04:00
idea Remove/rename some old files. 2016-06-01 11:29:57 -04:00
include/internal Address some -Wold-style-declaration warnings 2017-05-01 14:23:28 -04:00
kdf Following the changes to HKDF to accept a mode, add some tests for this 2016-11-09 10:36:54 +00:00
lhash Remove some commented out code in libcrypto 2017-02-28 16:02:11 +00:00
md2 Convert memset calls to OPENSSL_cleanse 2016-06-30 15:51:57 +01:00
md4 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
md5 {md5,rc4}/asm/*-x86_64.pl: add CFI annotations. 2017-02-13 14:16:01 +01:00
mdc2 Convert mdc2 test print to internal test 2016-11-03 13:13:31 +01:00
modes modes/ocb128.c: fix misaligned access in ILP32 builds on 64-bit processors. 2017-03-22 11:09:12 +01:00
objects Added support for ESSCertIDv2 2017-05-03 09:04:23 +02:00
ocsp Add OCSP_RESPID_match() 2016-09-22 09:27:45 +01:00
pem Make PEM_read_{,bio_}PrivateKey use secmem 2017-05-08 21:20:31 +02:00
perlasm perlasm/x86_64-xlate.pl: work around problem with hex constants in masm. 2017-05-05 16:53:33 +02:00
pkcs7 Remove dead code in crypto/pkcs7 2017-02-28 12:58:26 +01:00
pkcs12 Fix memory leak in pkcs12 -export 2017-02-21 14:47:18 -05:00
poly1305 poly1305/asm/poly1305-x86_64.pl: add poly1305_blocks_vpmadd52_8x. 2017-03-22 10:59:59 +01:00
rand rand/rand_lib.c: keep fixing no-engine configuration. 2017-04-10 12:09:23 +02:00
rc2 Clean away remaining 'selftest' code 2016-11-03 13:15:40 +01:00
rc4 {md5,rc4}/asm/*-x86_64.pl: add CFI annotations. 2017-02-13 14:16:01 +01:00
rc5 Remove/rename some old files. 2016-06-01 11:29:57 -04:00
ripemd Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
rsa Remove unnecessary loop in pkey_rsa_decrypt. 2017-04-26 20:47:37 -04:00
seed Use _WIN32 over WIN32 for preprocessor conditional 2017-02-16 08:59:47 -05:00
sha sha/sha512.c: fix formatting. 2017-05-05 17:04:09 +02:00
siphash Add support for parameterized SipHash 2017-02-01 14:14:36 -05:00
srp Correct some badly formated preprocessor lines 2017-04-25 15:44:48 +02:00
stack Don't leak on an OPENSSL_realloc() failure 2016-09-21 20:27:15 +01:00
ts Added support for ESSCertIDv2 2017-05-03 09:04:23 +02:00
txt_db Fix a few memleaks in TXT_DB. 2017-02-21 14:13:58 -05:00
ui Make default_method mostly compile-time 2017-04-07 12:19:46 -04:00
whrlpool whrlpool/asm/wp-x86_64.pl: add CFI annotations. 2017-02-26 21:26:24 +01:00
x509 Use X509_get_signature_info() when checking security levels. 2017-04-25 22:12:34 +01:00
x509v3 Fix some error path logic in i2v_AUTHORITY_INFO_ACCESS and i2v_GENERAL_NAME 2017-05-02 17:12:33 +01:00
alphacpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm64cpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
arm_arch.h
armcap.c crypto/armcap.c: short-circuit processor capability probe in iOS builds. 2017-02-15 23:16:23 +01:00
armv4cpuid.pl ARMv4 assembly pack: harmonize Thumb-ification of iOS build. 2017-02-15 23:16:01 +01:00
build.info Move OS-specific fopen quirks to o_fopen.c. 2016-06-22 21:51:53 +02:00
c64xpluscpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
cpt_err.c Check for errors allocating the error strings. 2016-07-20 19:20:53 +02:00
cryptlib.c Use memcmp() instead of CRYPTO_memcmp() when fuzzing 2017-03-19 14:34:07 +01:00
cversion.c
dllmain.c
ebcdic.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
ex_data.c Fix the error handling in CRYPTO_dup_ex_data. 2017-03-20 13:11:31 +01:00
ia64cpuid.S Add final(?) set of copyrights. 2016-06-01 11:27:25 -04:00
init.c Don't leave stale errors on queue if DSO_dsobyaddr() fails 2017-05-04 15:51:26 +01:00
LPdir_nyi.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_unix.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_vms.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
LPdir_win.c Fix mingw build 2016-07-18 10:47:07 +01:00
LPdir_win32.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
LPdir_wince.c Remove the silly CVS markers from LPdir_*.c 2016-07-16 07:58:23 +02:00
mem.c Removed ugly size_t less than zero check. 2017-02-21 12:30:23 -05:00
mem_clr.c Fix some style issues... 2016-08-02 09:59:23 +02:00
mem_dbg.c Add CRYPTO_mem_leaks_cb 2017-04-24 18:09:01 +02:00
mem_sec.c Add support for MLOCK_ONFAULT to secure arena 2017-04-06 12:53:23 +02:00
mips_arch.h Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
o_dir.c Fix typo, missing || 2017-02-22 19:51:04 +01:00
o_fips.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_fopen.c Fix a few if(, for(, while( inside code. 2016-07-20 07:21:53 -04:00
o_init.c Clean up references to FIPS 2017-02-28 15:26:25 +01:00
o_str.c Address some -Wold-style-declaration warnings 2017-05-01 14:23:28 -04:00
o_time.c Reset executable bits on files where not needed. 2017-03-03 09:13:40 +01:00
pariscid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
ppc_arch.h GH919: Fix wrappers for two headers 2016-05-24 11:04:38 -04:00
ppccap.c crypto/ppccap.c: SIGILL-free processor capabilities detection on MacOS X. 2017-04-02 20:45:59 +02:00
ppccpuid.pl Add assembly CRYPTO_memcmp. 2016-05-19 22:33:00 +02:00
s390xcap.c Fix strict-warnings build 2016-10-18 17:09:47 +01:00
s390xcpuid.S s390x assembly pack: improve portability. 2016-06-06 11:08:04 +02:00
sparc_arch.h
sparccpuid.S Clean up references to FIPS 2017-02-28 15:26:25 +01:00
sparcv9cap.c crypto/sparcv9cap.c: add missing declaration. 2016-08-12 10:26:20 +02:00
threads_none.c
threads_pthread.c Grouped data declarations [skip ci] 2017-02-03 13:48:44 +01:00
threads_win.c Revert "Fixed deadlock in CRYPTO_THREAD_run_once for Windows" 2016-11-14 11:55:13 +00:00
uid.c Cleaning UEFI Build with additional OPENSSL_SYS_UEFI flags 2017-03-29 07:35:59 +02:00
vms_rms.h
x86_64cpuid.pl crypto/x86*cpuid.pl: move extended feature detection. 2017-03-13 18:42:10 +01:00
x86cpuid.pl More typo fixes 2017-03-29 07:14:29 +02:00