Skip to content

Comments

Issue 28885#29297

Closed
coolshrid wants to merge 1 commit intoopenssl:masterfrom
coolshrid:issue-28885
Closed

Issue 28885#29297
coolshrid wants to merge 1 commit intoopenssl:masterfrom
coolshrid:issue-28885

Conversation

@coolshrid
Copy link
Contributor

@coolshrid coolshrid commented Dec 2, 2025

Fixes #28885

@coolshrid coolshrid marked this pull request as ready for review December 3, 2025 00:18
@paulidale
Copy link
Contributor

paulidale commented Dec 3, 2025

#28885 reports other problems which aren't being fixed by this PR.

@loci-dev loci-dev mentioned this pull request Dec 3, 2025
Open
@coolshrid
Copy link
Contributor Author

coolshrid commented Dec 6, 2025

All allocations are happening taking place in file bn_lib.c in a function called bin2bn. The current call sequence to allocate (for example s->srp_ctx.a) are as follows

# File function (line#) Call
1 openssl/ssl/tls_srp.c ssl_srp_calc_a_param_intern (458) s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
2 openssl/crypto/bn/bn_lib.c BN_bin2bn (539) bin2bn
3 openssl/crypto/bn/bn_lib.c bin2bn (451) ret = bn = BN_new();
  1. Should we update BN_new() to BN_secure_new inside the bin2bn.
  2. Or should we pass in an additional flag to the function bin2bin that determines if we should use BN_new() or BN_secure_new
  3. Or should we create a new function called bin2bn_secure that duplicates everything from bin2bn but uses the BN_secure_new instead of BN_new and use this function to allocate a,b,s,v

@t8m
Copy link
Member

t8m commented Dec 12, 2025

All allocations are happening taking place in file bn_lib.c in a function called bin2bn. The current call sequence to allocate (for example s->srp_ctx.a) are as follows

File function (line#) Call

1 openssl/ssl/tls_srp.c ssl_srp_calc_a_param_intern (458) s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
2 openssl/crypto/bn/bn_lib.c BN_bin2bn (539) bin2bn
3 openssl/crypto/bn/bn_lib.c bin2bn (451) ret = bn = BN_new();

1. Should we update `BN_new()` to `BN_secure_new` inside the `bin2bn`.

2. Or should we pass in an additional flag to the function `bin2bin` that determines if we should use `BN_new()` or `BN_secure_new`

3. Or should we create a new function called `bin2bn_secure` that duplicates everything from `bin2bn` but uses the `BN_secure_new` instead of `BN_new` and use this function to allocate a,b,s,v

Please do not change this. These are ephemeral secrets and thus should not be stored in secure memory.

Please squash the commits, drop the merge commits and rebase.

@t8m t8m added branch: master Applies to master branch triaged: feature The issue/pr requests/adds a feature tests: exempted The PR is exempt from requirements for testing labels Dec 12, 2025
@coolshrid
Copy link
Contributor Author

coolshrid commented Dec 13, 2025

This pull contains releasing the allocated memory on failures only. Should I create a brand new pull request?

@coolshrid coolshrid marked this pull request as draft December 13, 2025 02:42
@coolshrid coolshrid marked this pull request as ready for review December 14, 2025 02:01
t8m
t8m requested changes Dec 15, 2025
View reviewed changes
ssl/tls_srp.c Outdated
Comment on lines 199 to 200
BN_free(s->srp_ctx.b);
return SSL3_AL_FATAL;
Copy link
Member

@t8m t8m Dec 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to do this:

Suggested change
BN_free(s->srp_ctx.b);
return SSL3_AL_FATAL;
BN_clear_free(s->srp_ctx.b);
s->srp_ctx.b = NULL;
return SSL3_AL_FATAL;

@coolshrid coolshrid marked this pull request as draft December 15, 2025 18:56
@coolshrid
Copy link
Contributor Author

coolshrid commented Dec 15, 2025

Updated.

@t8m t8m marked this pull request as ready for review December 15, 2025 19:41
@t8m t8m added the approval: review pending This pull request needs review by a committer label Dec 15, 2025
@openssl-machine
Copy link
Collaborator

openssl-machine commented Jan 15, 2026

This PR is in a state where it requires action by @openssl/committers but the last update was 30 days ago

@paulidale paulidale added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Jan 15, 2026
@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Jan 16, 2026
@openssl-machine
Copy link
Collaborator

openssl-machine commented Jan 16, 2026

This pull request is ready to merge

@mattcaswell
Copy link
Member

mattcaswell commented Jan 19, 2026

Pushed to master. Thank you for the contribution.

openssl-machine pushed a commit that referenced this pull request Jan 19, 2026
@coolshrid @mattcaswell
Fixes issue 28885
9547ac7 
Reviewed-by: Tomas Mraz <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
MergeDate: Mon Jan 19 11:55:58 2026
(Merged from #29297)
esyr pushed a commit to esyr/openssl that referenced this pull request Jan 19, 2026
@coolshrid @esyr
Fixes issue 28885
ffdd267 
Reviewed-by: Tomas Mraz <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
MergeDate: Mon Jan 19 11:55:58 2026
(Merged from openssl#29297)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@t8m t8m t8m approved these changes

@paulidale paulidale paulidale approved these changes

Assignees

No one assigned

Labels

approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Applies to master branch tests: exempted The PR is exempt from requirements for testing triaged: feature The issue/pr requests/adds a feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

SRP secret not cleared on SRP_Calc_B_ex failure

5 participants

@coolshrid @paulidale @t8m @openssl-machine @mattcaswell