Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use volatile stores in bytes destructor #432

Merged
merged 1 commit into from
Sep 10, 2024

Conversation

rcombs
Copy link
Contributor

@rcombs rcombs commented Sep 6, 2024

Ensures that the zeroization can never be optimized out.

Copy link
Contributor

@bifurcation bifurcation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a little unfortunate in light of #425. But it's a good point that the std::fill call might get optimized away.

The only other real alternative that occurs to me is to make a Secret class within the hpke library, and use it for the appropriate things elsewhere. That would keep the OpenSSL dependency scoped to the hpke library, which would help w.r.t. #425. But it would be a bigger change to make sure the Secret class got used in exactly the right places and didn't introduce a bunch of unnecessary conversions / copying. So I'm OK doing this PR for now.

@rcombs
Copy link
Contributor Author

rcombs commented Sep 9, 2024

There are also non-openssl routines that can be used for this (e.g. memset_explicit, memset_s, explicit_bzero, SecureZeroMemory…), or std::fill could be used with the pointers casted to volatile.

Ensures that the zeroization can never be optimized out.
@rcombs rcombs changed the title Use OPENSSL_cleanse in bytes destructor Use volatile stores in bytes destructor Sep 9, 2024
@rcombs
Copy link
Contributor Author

rcombs commented Sep 9, 2024

Switched this over to std::fill with volatile pointers, which has the same property of being guaranteed not to be optimized out (since volatile stores cannot be eliminated per the as-if rule), without expanding the openssl dependency; this should also fix the build errors created by including the openssl header.

@bifurcation
Copy link
Contributor

Thanks @rcombs that sounds like a nicer solution to me. Happy to merge once CI passes.

@bifurcation bifurcation merged commit 49f1c41 into cisco:main Sep 10, 2024
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants