Re: Hmm... (discoveries about BIGNUM code)

[Richard Levitte - VMS Whacker]

From: Richard Levitte - VMS Whacker <[EMAIL PROTECTED]>

levitte> From: Geoff Thorpe <[EMAIL PROTECTED]>
levitte> 
levitte> geoff> Might I propose another thought? We implement a sanitising heap
levitte> geoff> around malloc/realloc/free and allow it to be substituted in
levitte> geoff> (or even substituted *out* if we want it by default?) by
levitte> geoff> calling a new CRYPTO_set_safe_mem_functions(void) type of
levitte> geoff> function?
levitte> 
levitte> That sounds reasonable.  However, I'd like it to be enabled by
levitte> default, and give people the option to remove or replace at their
levitte> leasure.

Uhmm, when I come to think of it, that's a bad solution from a
performance point of view.  There's no point zeroing things you know
are non-secret, like public keys or certificates...

-- 
Richard Levitte   \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken   \ S-168 35  BROMMA  \ T: +46-8-26 52 47
Redakteur@Stacken   \      SWEDEN       \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]