>> If you can present
>> coherent argument and consensus is reached, then it would have to be
>> implemented universally, not only in aesni-x86_64 module.
>
> So, hopefully my cross-posted message convinced you.

No, not really. What I meant was that as long as you can't ask even
compiler to wipe used registers and stack frame, it doesn't really make
sense to strive for this in assembly. Or in other words if we set up for
such quest, then we should make corresponding cases with all compiler
developers/manufacturers.

> To summarize the
> argument briefly:
>
> - Library users may be performing a mix of private cryptographic
>   operations and operations controlled by untrusted code.

Even case for compiler-generated code.

> - A large "API" may be exposed to the untrusted code.

Even case for compiler-generated code.

> - It's easier to sanitize secrets from memory and registers when we
>   know they contain secrets than it is to ensure that *no* other
>   functions may leak register contents to untrusted code.

Even case for compiler-generated code.

> - The cost is negligible. (And it's lower for us than library clients:
>   They have no way of knowing what registers have been used, so they
>   would need to do the equivalent of OPENSSL_wipe_cpu.)

Even would be case for compiler-generated code.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org