From: Pauli <ppzgs1@gmail.com>
Date: Mon, 1 Sep 2025 22:48:06 +0000 (+1000)
Subject: hmac: stop using secure memory for the HMAC key
X-Git-Tag: openssl-3.5.3~20
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9d8107751c6088d7bfbfe2100038391e2ff2daaf;p=thirdparty%2Fopenssl.git

hmac: stop using secure memory for the HMAC key

Secure memory is design for long term storage of private material.
HMAC keys are not this.

Secure memory use was introduced in July 2020 by commit
3fddbb264e87a8cef2903cbd7b02b8e1a39a2a99.

Fixes #28346

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28411)

(cherry picked from commit 362739d771f671b444cb9a12a34accf2dce8220e)
---

diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
index e9c3087027c..3fb75dce4cf 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -98,7 +98,7 @@ static void hmac_free(void *vmacctx)
     if (macctx != NULL) {
         HMAC_CTX_free(macctx->ctx);
         ossl_prov_digest_reset(&macctx->digest);
-        OPENSSL_secure_clear_free(macctx->key, macctx->keylen);
+        OPENSSL_clear_free(macctx->key, macctx->keylen);
         OPENSSL_free(macctx);
     }
 }
@@ -127,13 +127,13 @@ static void *hmac_dup(void *vsrc)
         return NULL;
     }
     if (src->key != NULL) {
-        /* There is no "secure" OPENSSL_memdup */
-        dst->key = OPENSSL_secure_malloc(src->keylen > 0 ? src->keylen : 1);
+        dst->key = OPENSSL_malloc(src->keylen > 0 ? src->keylen : 1);
         if (dst->key == NULL) {
             hmac_free(dst);
             return 0;
         }
-        memcpy(dst->key, src->key, src->keylen);
+        if (src->keylen > 0)
+            memcpy(dst->key, src->key, src->keylen);
     }
     return dst;
 }
@@ -178,13 +178,14 @@ static int hmac_setkey(struct hmac_data_st *macctx,
 #endif
 
     if (macctx->key != NULL)
-        OPENSSL_secure_clear_free(macctx->key, macctx->keylen);
+        OPENSSL_clear_free(macctx->key, macctx->keylen);
     /* Keep a copy of the key in case we need it for TLS HMAC */
-    macctx->key = OPENSSL_secure_malloc(keylen > 0 ? keylen : 1);
+    macctx->key = OPENSSL_malloc(keylen > 0 ? keylen : 1);
     if (macctx->key == NULL)
         return 0;
 
-    memcpy(macctx->key, key, keylen);
+    if (keylen > 0)
+        memcpy(macctx->key, key, keylen);
     macctx->keylen = keylen;
 
     digest = ossl_prov_digest_md(&macctx->digest);