Custom secure heap implementation

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Custom secure heap implementation

Tobias Nießen
Hello,

I have been experimenting with a custom secure heap implementation recently. Would OpenSSL be open to a patch that allows users to replace the OpenSSL implementation with their own, similarly to how CRYPTO_set_mem_functions works? Based on mem_sec.c, at least sh_malloc, sh_free, sh_actual_size and sh_allocated need to be pluggable, probably also a new function for CRYPTO_secure_used.

Also, should thread safety be part of OpenSSL as it is right now (via sec_malloc_lock), or should it be up to the implementation?

Regards,
Tobias

Reply | Threaded
Open this post in threaded view
|

Re: Custom secure heap implementation

Dr Paul Dale

We would consider a patch of this nature.  There are plenty of platforms where we don’t know and don’t support secure memory.  Having customisable hooks would allow them secure memory too.


Yes, is *must* be thread safe — just like the existing implementation.


The malloc and free are the important calls.  I’m not sure the size and allocated calls are used widely (but it’s worth a check).
Secure memory *always* cleanses currently and I don’t see that changing — if something is important enough to put in secure memory, it’s important enough to zero on free.


Pauli

-- 
Dr Paul Dale | Cryptographer | Network Security & Encryption 
Phone +61 7 3031 7217
Oracle Australia



On 5 May 2019, at 11:15 pm, Tobias Nießen <[hidden email]> wrote:

Hello,

I have been experimenting with a custom secure heap implementation recently. Would OpenSSL be open to a patch that allows users to replace the OpenSSL implementation with their own, similarly to how CRYPTO_set_mem_functions works? Based on mem_sec.c, at least sh_malloc, sh_free, sh_actual_size and sh_allocated need to be pluggable, probably also a new function for CRYPTO_secure_used.

Also, should thread safety be part of OpenSSL as it is right now (via sec_malloc_lock), or should it be up to the implementation?

Regards,
Tobias


Reply | Threaded
Open this post in threaded view
|

Re: Custom secure heap implementation

OpenSSL - User mailing list
In reply to this post by Tobias Nießen
The intent is that you replace the upper layer, CRYPTO_secure_xxxxx

What does your implementation do differently, and which platforms does it work on?


Reply | Threaded
Open this post in threaded view
|

Re: Custom secure heap implementation

Tobias Nießen

> What does your implementation do differently, and which platforms does it work on?

It is still an early prototype, but it already allows dynamic expansion of the secure heap (as well as shrinking) and I hope to add support for Microsoft Windows after the POSIX / Linux implementation.