On Thu, Nov 16, 2000 at 01:45:44PM -0800, Geoff Thorpe wrote:
[...]
> Exploring that a bit further ... customised memory functions (or even
> defaults) could also support the ability to alter the level of sensitivity
> of data after it has been allocated - hence BIGNUM neededn't be inherently
> sensitive which would hopefully actually gain effecieincy - eg. the RSA
> code could load up the key parameters and go in afterwards marking only
> private key data as "sensitive" which means only *that* data is going to
> be subject to sanitisation when it's realloc'd and free'd.
We already have 'OPENSSL_malloc_locked', which is intended for memory
blocks that should not be swapped out, or something like that.
Actually OPENSSL_malloc_locked() is (usually) the same as
OPENSSL_malloc(), and I have never checked if all code that should be
using OPENSSL_malloc_locked() actually uses it (probably not). More
annoyingly, OPENSSL_realloc() can't tell if a pointer given to it
points to memory obtained by OPENSSL_malloc_locked() or by
OPENSSL_malloc().
--
Bodo M�ller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
