[thirdparty/openssl.git] / test / secmemtest.c

/*
 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/crypto.h>

#include "testutil.h"

static int test_sec_mem(void)
{
#if defined(OPENSSL_SYS_LINUX) || defined(OPENSSL_SYS_UNIX)
    int testresult = 0;
    char *p = NULL, *q = NULL, *r = NULL, *s = NULL;

    s = OPENSSL_secure_malloc(20);
    /* s = non-secure 20 */
    if (!TEST_ptr(s)
        || !TEST_false(CRYPTO_secure_allocated(s)))
        goto end;
    r = OPENSSL_secure_malloc(20);
    /* r = non-secure 20, s = non-secure 20 */
    if (!TEST_ptr(r)
        || !TEST_true(CRYPTO_secure_malloc_init(4096, 32))
        || !TEST_false(CRYPTO_secure_allocated(r)))
        goto end;
    p = OPENSSL_secure_malloc(20);
    if (!TEST_ptr(p)
        /* r = non-secure 20, p = secure 20, s = non-secure 20 */
        || !TEST_true(CRYPTO_secure_allocated(p))
        /* 20 secure -> 32-byte minimum allocation unit */
        || !TEST_size_t_eq(CRYPTO_secure_used(), 32))
        goto end;
    q = OPENSSL_malloc(20);
    if (!TEST_ptr(q))
        goto end;
    /* r = non-secure 20, p = secure 20, q = non-secure 20, s = non-secure 20 */
    if (!TEST_false(CRYPTO_secure_allocated(q)))
        goto end;
    OPENSSL_secure_clear_free(s, 20);
    s = OPENSSL_secure_malloc(20);
    if (!TEST_ptr(s)
        /* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */
        || !TEST_true(CRYPTO_secure_allocated(s))
        /* 2 * 20 secure -> 64 bytes allocated */
        || !TEST_size_t_eq(CRYPTO_secure_used(), 64))
        goto end;
    OPENSSL_secure_clear_free(p, 20);
    p = NULL;
    /* 20 secure -> 32 bytes allocated */
    if (!TEST_size_t_eq(CRYPTO_secure_used(), 32))
        goto end;
    OPENSSL_free(q);
    q = NULL;
    /* should not complete, as secure memory is still allocated */
    if (!TEST_false(CRYPTO_secure_malloc_done())
        || !TEST_true(CRYPTO_secure_malloc_initialized()))
        goto end;
    OPENSSL_secure_free(s);
    s = NULL;
    /* secure memory should now be 0, so done should complete */
    if (!TEST_size_t_eq(CRYPTO_secure_used(), 0)
        || !TEST_true(CRYPTO_secure_malloc_done())
        || !TEST_false(CRYPTO_secure_malloc_initialized()))
        goto end;

    TEST_info("Possible infinite loop: allocate more than available");
    if (!TEST_true(CRYPTO_secure_malloc_init(32768, 16)))
        goto end;
    TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
    TEST_true(CRYPTO_secure_malloc_done());

    /*
     * If init fails, then initialized should be false, if not, this
     * could cause an infinite loop secure_malloc, but we don't test it
     */
    if (TEST_false(CRYPTO_secure_malloc_init(16, 16)) &&
        !TEST_false(CRYPTO_secure_malloc_initialized())) {
        TEST_true(CRYPTO_secure_malloc_done());
        goto end;
    }

    /*-
     * There was also a possible infinite loop when the number of
     * elements was 1<<31, as |int i| was set to that, which is a
     * negative number. However, it requires minimum input values:
     *
     * CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4);
     *
     * Which really only works on 64-bit systems, since it took 16 GB
     * secure memory arena to trigger the problem. It naturally takes
     * corresponding amount of available virtual and physical memory
     * for test to be feasible/representative. Since we can't assume
     * that every system is equipped with that much memory, the test
     * remains disabled. If the reader of this comment really wants
     * to make sure that infinite loop is fixed, they can enable the
     * code below.
     */
# if 0
    /*-
     * On Linux and BSD this test has a chance to complete in minimal
     * time and with minimum side effects, because mlock is likely to
     * fail because of RLIMIT_MEMLOCK, which is customarily [much]
     * smaller than 16GB. In other words Linux and BSD users can be
     * limited by virtual space alone...
     */
    if (sizeof(size_t) > 4) {
        TEST_info("Possible infinite loop: 1<<31 limit");
        if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0))
            TEST_true(CRYPTO_secure_malloc_done());
    }
# endif

    /* this can complete - it was not really secure */
    testresult = 1;
 end:
    OPENSSL_secure_free(p);
    OPENSSL_free(q);
    OPENSSL_secure_free(r);
    OPENSSL_secure_free(s);
    return testresult;
#else
    /* Should fail. */
    return TEST_false(CRYPTO_secure_malloc_init(4096, 32));
#endif
}

static int test_sec_mem_clear(void)
{
#if defined(OPENSSL_SYS_LINUX) || defined(OPENSSL_SYS_UNIX)
    const int size = 64;
    unsigned char *p = NULL;
    int i, res = 0;

    if (!TEST_true(CRYPTO_secure_malloc_init(4096, 32))
            || !TEST_ptr(p = OPENSSL_secure_malloc(size)))
        goto err;

    for (i = 0; i < size; i++)
        if (!TEST_uchar_eq(p[i], 0))
            goto err;

    for (i = 0; i < size; i++)
        p[i] = (unsigned char)(i + ' ' + 1);

    OPENSSL_secure_free(p);

    /*
     * A deliberate use after free here to verify that the memory has been
     * cleared properly.  Since secure free doesn't return the memory to
     * libc's memory pool, it technically isn't freed.  However, the header
     * bytes have to be skipped and these consist of two pointers in the
     * current implementation.
     */
    for (i = sizeof(void *) * 2; i < size; i++)
        if (!TEST_uchar_eq(p[i], 0))
            return 0;

    res = 1;
    p = NULL;

err:
    OPENSSL_secure_free(p);
    CRYPTO_secure_malloc_done();
    return res;
#else
    return 1;
#endif
}

int setup_tests(void)
{
    ADD_TEST(test_sec_mem);
    ADD_TEST(test_sec_mem_clear);
    return 1;
}
Commit	Line	Data
440e5d80	1	/*
1212818e	2	* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
440e5d80 RS	3	*
	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
74924dcb RS	9
	10	#include <openssl/crypto.h>
	11
789dfc47	12	#include "testutil.h"
e8408681	13
789dfc47	14	static int test_sec_mem(void)
74924dcb RS	15	{
74924dcb RS	16	#if defined(OPENSSL_SYS_LINUX) \|\| defined(OPENSSL_SYS_UNIX)
789dfc47	17	int testresult = 0;
e8408681	18	char p = NULL, q = NULL, r = NULL, s = NULL;
74924dcb	19
8bf2d930 BE	20	s = OPENSSL_secure_malloc(20);
	21	/* s = non-secure 20 */
	22	if (!TEST_ptr(s)
	23	\|\| !TEST_false(CRYPTO_secure_allocated(s)))
	24	goto end;
e8408681	25	r = OPENSSL_secure_malloc(20);
8bf2d930	26	/* r = non-secure 20, s = non-secure 20 */
789dfc47 P	27	if (!TEST_ptr(r)
	28	\|\| !TEST_true(CRYPTO_secure_malloc_init(4096, 32))
	29	\|\| !TEST_false(CRYPTO_secure_allocated(r)))
	30	goto end;
74924dcb	31	p = OPENSSL_secure_malloc(20);
789dfc47	32	if (!TEST_ptr(p)
8bf2d930	33	/* r = non-secure 20, p = secure 20, s = non-secure 20 */
789dfc47	34	\|\| !TEST_true(CRYPTO_secure_allocated(p))
44e69951	35	/* 20 secure -> 32-byte minimum allocation unit */
789dfc47 P	36	\|\| !TEST_size_t_eq(CRYPTO_secure_used(), 32))
789dfc47 P	37	goto end;
74924dcb	38	q = OPENSSL_malloc(20);
789dfc47 P	39	if (!TEST_ptr(q))
789dfc47 P	40	goto end;
8bf2d930	41	/* r = non-secure 20, p = secure 20, q = non-secure 20, s = non-secure 20 */
789dfc47 P	42	if (!TEST_false(CRYPTO_secure_allocated(q)))
789dfc47 P	43	goto end;
8bf2d930	44	OPENSSL_secure_clear_free(s, 20);
e8408681	45	s = OPENSSL_secure_malloc(20);
789dfc47 P	46	if (!TEST_ptr(s)
	47	/* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */
	48	\|\| !TEST_true(CRYPTO_secure_allocated(s))
	49	/* 2 * 20 secure -> 64 bytes allocated */
	50	\|\| !TEST_size_t_eq(CRYPTO_secure_used(), 64))
	51	goto end;
8bf2d930	52	OPENSSL_secure_clear_free(p, 20);
789dfc47	53	p = NULL;
e8408681	54	/* 20 secure -> 32 bytes allocated */
789dfc47 P	55	if (!TEST_size_t_eq(CRYPTO_secure_used(), 32))
789dfc47 P	56	goto end;
d6b55fac	57	OPENSSL_free(q);
789dfc47	58	q = NULL;
e8408681	59	/* should not complete, as secure memory is still allocated */
789dfc47 P	60	if (!TEST_false(CRYPTO_secure_malloc_done())
	61	\|\| !TEST_true(CRYPTO_secure_malloc_initialized()))
	62	goto end;
e8408681	63	OPENSSL_secure_free(s);
789dfc47	64	s = NULL;
e8408681	65	/* secure memory should now be 0, so done should complete */
789dfc47 P	66	if (!TEST_size_t_eq(CRYPTO_secure_used(), 0)
	67	\|\| !TEST_true(CRYPTO_secure_malloc_done())
	68	\|\| !TEST_false(CRYPTO_secure_malloc_initialized()))
	69	goto end;
7031ddac TS	70
	71	TEST_info("Possible infinite loop: allocate more than available");
	72	if (!TEST_true(CRYPTO_secure_malloc_init(32768, 16)))
	73	goto end;
	74	TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
	75	TEST_true(CRYPTO_secure_malloc_done());
	76
fee423bb TS	77	/*
	78	* If init fails, then initialized should be false, if not, this
	79	* could cause an infinite loop secure_malloc, but we don't test it
	80	*/
	81	if (TEST_false(CRYPTO_secure_malloc_init(16, 16)) &&
	82	!TEST_false(CRYPTO_secure_malloc_initialized())) {
	83	TEST_true(CRYPTO_secure_malloc_done());
7031ddac	84	goto end;
fee423bb	85	}
7031ddac	86
c8e89d58 TS	87	/*-
	88	* There was also a possible infinite loop when the number of
	89	* elements was 1<<31, as \|int i\| was set to that, which is a
	90	* negative number. However, it requires minimum input values:
	91	*
	92	* CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4);
	93	*
a486561b AP	94	* Which really only works on 64-bit systems, since it took 16 GB
	95	* secure memory arena to trigger the problem. It naturally takes
	96	* corresponding amount of available virtual and physical memory
	97	* for test to be feasible/representative. Since we can't assume
	98	* that every system is equipped with that much memory, the test
	99	* remains disabled. If the reader of this comment really wants
	100	* to make sure that infinite loop is fixed, they can enable the
	101	* code below.
c8e89d58 TS	102	*/
c8e89d58 TS	103	# if 0
a486561b AP	104	/*-
	105	* On Linux and BSD this test has a chance to complete in minimal
	106	* time and with minimum side effects, because mlock is likely to
	107	* fail because of RLIMIT_MEMLOCK, which is customarily [much]
	108	* smaller than 16GB. In other words Linux and BSD users can be
	109	* limited by virtual space alone...
	110	*/
7031ddac TS	111	if (sizeof(size_t) > 4) {
7031ddac TS	112	TEST_info("Possible infinite loop: 1<<31 limit");
c8e89d58 TS	113	if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0))
c8e89d58 TS	114	TEST_true(CRYPTO_secure_malloc_done());
7031ddac	115	}
c8e89d58	116	# endif
fee423bb	117
e8408681	118	/* this can complete - it was not really secure */
789dfc47 P	119	testresult = 1;
	120	end:
	121	OPENSSL_secure_free(p);
	122	OPENSSL_free(q);
e8408681	123	OPENSSL_secure_free(r);
789dfc47 P	124	OPENSSL_secure_free(s);
789dfc47 P	125	return testresult;
74924dcb RS	126	#else
74924dcb RS	127	/* Should fail. */
789dfc47	128	return TEST_false(CRYPTO_secure_malloc_init(4096, 32));
74924dcb	129	#endif
789dfc47 P	130	}
789dfc47 P	131
3b8e97ab P	132	static int test_sec_mem_clear(void)
	133	{
	134	#if defined(OPENSSL_SYS_LINUX) \|\| defined(OPENSSL_SYS_UNIX)
	135	const int size = 64;
	136	unsigned char *p = NULL;
	137	int i, res = 0;
	138
	139	if (!TEST_true(CRYPTO_secure_malloc_init(4096, 32))
	140	\|\| !TEST_ptr(p = OPENSSL_secure_malloc(size)))
	141	goto err;
	142
	143	for (i = 0; i < size; i++)
	144	if (!TEST_uchar_eq(p[i], 0))
	145	goto err;
	146
	147	for (i = 0; i < size; i++)
	148	p[i] = (unsigned char)(i + ' ' + 1);
	149
	150	OPENSSL_secure_free(p);
	151
	152	/*
	153	* A deliberate use after free here to verify that the memory has been
	154	* cleared properly. Since secure free doesn't return the memory to
	155	* libc's memory pool, it technically isn't freed. However, the header
	156	* bytes have to be skipped and these consist of two pointers in the
	157	* current implementation.
	158	*/
	159	for (i = sizeof(void ) 2; i < size; i++)
	160	if (!TEST_uchar_eq(p[i], 0))
	161	return 0;
	162
	163	res = 1;
	164	p = NULL;
	165
	166	err:
	167	OPENSSL_secure_free(p);
	168	CRYPTO_secure_malloc_done();
	169	return res;
	170	#else
	171	return 1;
	172	#endif
	173	}
	174
ad887416	175	int setup_tests(void)
789dfc47 P	176	{
789dfc47 P	177	ADD_TEST(test_sec_mem);
3b8e97ab	178	ADD_TEST(test_sec_mem_clear);
ad887416	179	return 1;
74924dcb	180	}