[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[openssl-gost] [gost-engine/engine] f3e7c2: ec: Use BN_{CTX_,}secure_new memory API for priv keys

To: openssl-gost@lists.wagner.pp.ru
Subject: [openssl-gost] [gost-engine/engine] f3e7c2: ec: Use BN_{CTX_,}secure_new memory API for priv keys
From: Vitalio <noreply@github.com>
Date: Tue, 25 Feb 2020 13:14:27 -0800
Approved: HtxuToaNt
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1582665267; bh=9ElL+Y3qM8Ddjr8+v1S6O40EnIGgJ1xpPymAWaEr+XA=; h=Date:From:To:Subject:From; b=CRobgTxmiq/kjB97Cmhci7Y0lpQmZ9+8A5MfHC8YlcacfZNH/N89QApBMt75kjPQ9 pTP922YEAhKBdrIDklMNVn8SjHgqCoEHvr6zCplOM5XLFuwoAorTHAPqG1ACaf6JZa 6E2vVi3lcfeuDo22JXe4/yc5BbXKWTug5ssqdjEg=
List-help: <mailto:openssl-gost+help@lists.wagner.pp.ru>
List-id: <openssl-gost.lists.wagner.pp.ru>
List-post: <mailto:openssl-gost@lists.wagner.pp.ru>
List-subscribe: <mailto:openssl-gost+subscribe@lists.wagner.pp.ru>
List-unsubscribe: <mailto:openssl-gost+unsubscribe@lists.wagner.pp.ru>
List-url: <https://www.wagner.pp.ru/list-archives/openssl-gost>

  Branch: refs/heads/master
  Home:   https://github.com/gost-engine/engine
  Commit: f3e7c24d4733bb1c096e43345602d3258e994e3c
      https://github.com/gost-engine/engine/commit/f3e7c24d4733bb1c096e43345602d3258e994e3c
  Author: Vitaly Chikunov <vt@altlinux.org>
  Date:   2020-02-26 (Wed, 26 Feb 2020)

  Changed paths:
    M gost_ameth.c
    M gost_ec_keyx.c
    M gost_ec_sign.c
    M gost_lcl.h

  Log Message:
  -----------
  ec: Use BN_{CTX_,}secure_new memory API for priv keys

OpenSSL suggests to use (and internally itself uses)
`BN_{CTX_,}secure_new' primitives to work with private keys.

These are using `OPENSSL_secure_malloc' et al. calls, which use
special 'secure heap' memory.

Along, optimize out `hashsum2bn' with `BN_lebin2bn'.


  Commit: dd6e77bbda3347148139111b9433ab4f6bd1f46c
      https://github.com/gost-engine/engine/commit/dd6e77bbda3347148139111b9433ab4f6bd1f46c
  Author: Vitaly Chikunov <vt@altlinux.org>
  Date:   2020-02-26 (Wed, 26 Feb 2020)

  Changed paths:
    M gost89.c
    M gost_crypt.c
    M gost_grasshopper_cipher.c

  Log Message:
  -----------
  Replace RAND_bytes with RAND_priv_bytes

`RAND_priv_bytes' is supposed to be used for private data.


  Commit: 2883c9c20b26688f648fc14db1637890f96cab35
      https://github.com/gost-engine/engine/commit/2883c9c20b26688f648fc14db1637890f96cab35
  Author: Vitaly Chikunov <vt@altlinux.org>
  Date:   2020-02-26 (Wed, 26 Feb 2020)

  Changed paths:
    M gost_ec_keyx.c

  Log Message:
  -----------
  keyx: Add OPENSSL_cleanse for internal buffers

Only stack buffers are considered.


Compare: https://github.com/gost-engine/engine/compare/77551c5d97fe...2883c9c20b26

Prev by Date: [openssl-gost] [gost-engine/engine] 77551c: No need for special OFB context
Next by Date: [openssl-gost] [gost-engine/engine] 090643: cppcheck: The scope of the variable can be reduced.
Previous by thread: [openssl-gost] [gost-engine/engine] 77551c: No need for special OFB context
Next by thread: [openssl-gost] [gost-engine/engine] 090643: cppcheck: The scope of the variable can be reduced.
Index(es):
- Date
- Thread