[thirdparty/openssl.git] / test / secmemtest.c

/*
 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/crypto.h>

#include "testutil.h"
#include "../e_os.h"

static int test_sec_mem(void)
{
#ifndef OPENSSL_NO_SECURE_MEMORY
    int testresult = 0;
    char *p = NULL, *q = NULL, *r = NULL, *s = NULL;

    TEST_info("Secure memory is implemented.");

    s = OPENSSL_secure_malloc(20);
    /* s = non-secure 20 */
    if (!TEST_ptr(s)
        || !TEST_false(CRYPTO_secure_allocated(s)))
        goto end;
    r = OPENSSL_secure_malloc(20);
    /* r = non-secure 20, s = non-secure 20 */
    if (!TEST_ptr(r)
        || !TEST_true(CRYPTO_secure_malloc_init(4096, 32))
        || !TEST_false(CRYPTO_secure_allocated(r)))
        goto end;
    p = OPENSSL_secure_malloc(20);
    if (!TEST_ptr(p)
        /* r = non-secure 20, p = secure 20, s = non-secure 20 */
        || !TEST_true(CRYPTO_secure_allocated(p))
        /* 20 secure -> 32-byte minimum allocation unit */
        || !TEST_size_t_eq(CRYPTO_secure_used(), 32))
        goto end;
    q = OPENSSL_malloc(20);
    if (!TEST_ptr(q))
        goto end;
    /* r = non-secure 20, p = secure 20, q = non-secure 20, s = non-secure 20 */
    if (!TEST_false(CRYPTO_secure_allocated(q)))
        goto end;
    OPENSSL_secure_clear_free(s, 20);
    s = OPENSSL_secure_malloc(20);
    if (!TEST_ptr(s)
        /* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */
        || !TEST_true(CRYPTO_secure_allocated(s))
        /* 2 * 20 secure -> 64 bytes allocated */
        || !TEST_size_t_eq(CRYPTO_secure_used(), 64))
        goto end;
    OPENSSL_secure_clear_free(p, 20);
    p = NULL;
    /* 20 secure -> 32 bytes allocated */
    if (!TEST_size_t_eq(CRYPTO_secure_used(), 32))
        goto end;
    OPENSSL_free(q);
    q = NULL;
    /* should not complete, as secure memory is still allocated */
    if (!TEST_false(CRYPTO_secure_malloc_done())
        || !TEST_true(CRYPTO_secure_malloc_initialized()))
        goto end;
    OPENSSL_secure_free(s);
    s = NULL;
    /* secure memory should now be 0, so done should complete */
    if (!TEST_size_t_eq(CRYPTO_secure_used(), 0)
        || !TEST_true(CRYPTO_secure_malloc_done())
        || !TEST_false(CRYPTO_secure_malloc_initialized()))
        goto end;

    TEST_info("Possible infinite loop: allocate more than available");
    if (!TEST_true(CRYPTO_secure_malloc_init(32768, 16)))
        goto end;
    TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
    TEST_true(CRYPTO_secure_malloc_done());

    /*
     * If init fails, then initialized should be false, if not, this
     * could cause an infinite loop secure_malloc, but we don't test it
     */
    if (TEST_false(CRYPTO_secure_malloc_init(16, 16)) &&
        !TEST_false(CRYPTO_secure_malloc_initialized())) {
        TEST_true(CRYPTO_secure_malloc_done());
        goto end;
    }

    /*-
     * There was also a possible infinite loop when the number of
     * elements was 1<<31, as |int i| was set to that, which is a
     * negative number. However, it requires minimum input values:
     *
     * CRYPTO_secure_malloc_init((size_t)1<<34, 1<<4);
     *
     * Which really only works on 64-bit systems, since it took 16 GB
     * secure memory arena to trigger the problem. It naturally takes
     * corresponding amount of available virtual and physical memory
     * for test to be feasible/representative. Since we can't assume
     * that every system is equipped with that much memory, the test
     * remains disabled. If the reader of this comment really wants
     * to make sure that infinite loop is fixed, they can enable the
     * code below.
     */
# if 0
    /*-
     * On Linux and BSD this test has a chance to complete in minimal
     * time and with minimum side effects, because mlock is likely to
     * fail because of RLIMIT_MEMLOCK, which is customarily [much]
     * smaller than 16GB. In other words Linux and BSD users can be
     * limited by virtual space alone...
     */
    if (sizeof(size_t) > 4) {
        TEST_info("Possible infinite loop: 1<<31 limit");
        if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, 1<<4) != 0))
            TEST_true(CRYPTO_secure_malloc_done());
    }
# endif

    /* this can complete - it was not really secure */
    testresult = 1;
 end:
    OPENSSL_secure_free(p);
    OPENSSL_free(q);
    OPENSSL_secure_free(r);
    OPENSSL_secure_free(s);
    return testresult;
#else
    TEST_info("Secure memory is *not* implemented.");
    /* Should fail. */
    return TEST_false(CRYPTO_secure_malloc_init(4096, 32));
#endif
}

static int test_sec_mem_clear(void)
{
#ifndef OPENSSL_NO_SECURE_MEMORY
    const int size = 64;
    unsigned char *p = NULL;
    int i, res = 0;

    if (!TEST_true(CRYPTO_secure_malloc_init(4096, 32))
            || !TEST_ptr(p = OPENSSL_secure_malloc(size)))
        goto err;

    for (i = 0; i < size; i++)
        if (!TEST_uchar_eq(p[i], 0))
            goto err;

    for (i = 0; i < size; i++)
        p[i] = (unsigned char)(i + ' ' + 1);

    OPENSSL_secure_free(p);

    /*
     * A deliberate use after free here to verify that the memory has been
     * cleared properly.  Since secure free doesn't return the memory to
     * libc's memory pool, it technically isn't freed.  However, the header
     * bytes have to be skipped and these consist of two pointers in the
     * current implementation.
     */
    for (i = sizeof(void *) * 2; i < size; i++)
        if (!TEST_uchar_eq(p[i], 0))
            return 0;

    res = 1;
    p = NULL;
err:
    OPENSSL_secure_free(p);
    CRYPTO_secure_malloc_done();
    return res;
#else
    return 1;
#endif
}

int setup_tests(void)
{
    ADD_TEST(test_sec_mem);
    ADD_TEST(test_sec_mem_clear);
    return 1;
}
Commit	Line	Data
440e5d80	1	/*
1212818e	2	* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
440e5d80	3	*
909f1a2e	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
440e5d80 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
74924dcb RS	9
	10	#include <openssl/crypto.h>
	11
789dfc47	12	#include "testutil.h"
8529b156	13	#include "../e_os.h"
e8408681	14
789dfc47	15	static int test_sec_mem(void)
74924dcb	16	{
6943335e	17	#ifndef OPENSSL_NO_SECURE_MEMORY
789dfc47	18	int testresult = 0;
e8408681	19	char p = NULL, q = NULL, r = NULL, s = NULL;
74924dcb	20
8529b156 DMSP	21	TEST_info("Secure memory is implemented.");
8529b156 DMSP	22
8bf2d930 BE	23	s = OPENSSL_secure_malloc(20);
	24	/* s = non-secure 20 */
	25	if (!TEST_ptr(s)
	26	\|\| !TEST_false(CRYPTO_secure_allocated(s)))
	27	goto end;
e8408681	28	r = OPENSSL_secure_malloc(20);
8bf2d930	29	/* r = non-secure 20, s = non-secure 20 */
789dfc47 P	30	if (!TEST_ptr(r)
	31	\|\| !TEST_true(CRYPTO_secure_malloc_init(4096, 32))
	32	\|\| !TEST_false(CRYPTO_secure_allocated(r)))
	33	goto end;
74924dcb	34	p = OPENSSL_secure_malloc(20);
789dfc47	35	if (!TEST_ptr(p)
8bf2d930	36	/* r = non-secure 20, p = secure 20, s = non-secure 20 */
789dfc47	37	\|\| !TEST_true(CRYPTO_secure_allocated(p))
44e69951	38	/* 20 secure -> 32-byte minimum allocation unit */
789dfc47 P	39	\|\| !TEST_size_t_eq(CRYPTO_secure_used(), 32))
789dfc47 P	40	goto end;
74924dcb	41	q = OPENSSL_malloc(20);
789dfc47 P	42	if (!TEST_ptr(q))
789dfc47 P	43	goto end;
8bf2d930	44	/* r = non-secure 20, p = secure 20, q = non-secure 20, s = non-secure 20 */
789dfc47 P	45	if (!TEST_false(CRYPTO_secure_allocated(q)))
789dfc47 P	46	goto end;
8bf2d930	47	OPENSSL_secure_clear_free(s, 20);
e8408681	48	s = OPENSSL_secure_malloc(20);
789dfc47 P	49	if (!TEST_ptr(s)
	50	/* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */
	51	\|\| !TEST_true(CRYPTO_secure_allocated(s))
	52	/* 2 * 20 secure -> 64 bytes allocated */
	53	\|\| !TEST_size_t_eq(CRYPTO_secure_used(), 64))
	54	goto end;
8bf2d930	55	OPENSSL_secure_clear_free(p, 20);
789dfc47	56	p = NULL;
e8408681	57	/* 20 secure -> 32 bytes allocated */
789dfc47 P	58	if (!TEST_size_t_eq(CRYPTO_secure_used(), 32))
789dfc47 P	59	goto end;
d6b55fac	60	OPENSSL_free(q);
789dfc47	61	q = NULL;
e8408681	62	/* should not complete, as secure memory is still allocated */
789dfc47 P	63	if (!TEST_false(CRYPTO_secure_malloc_done())
	64	\|\| !TEST_true(CRYPTO_secure_malloc_initialized()))
	65	goto end;
e8408681	66	OPENSSL_secure_free(s);
789dfc47	67	s = NULL;
e8408681	68	/* secure memory should now be 0, so done should complete */
789dfc47 P	69	if (!TEST_size_t_eq(CRYPTO_secure_used(), 0)
	70	\|\| !TEST_true(CRYPTO_secure_malloc_done())
	71	\|\| !TEST_false(CRYPTO_secure_malloc_initialized()))
	72	goto end;
7031ddac TS	73
	74	TEST_info("Possible infinite loop: allocate more than available");
	75	if (!TEST_true(CRYPTO_secure_malloc_init(32768, 16)))
	76	goto end;
	77	TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1));
	78	TEST_true(CRYPTO_secure_malloc_done());
	79
fee423bb TS	80	/*
	81	* If init fails, then initialized should be false, if not, this
	82	* could cause an infinite loop secure_malloc, but we don't test it
	83	*/
	84	if (TEST_false(CRYPTO_secure_malloc_init(16, 16)) &&
	85	!TEST_false(CRYPTO_secure_malloc_initialized())) {
	86	TEST_true(CRYPTO_secure_malloc_done());
7031ddac	87	goto end;
fee423bb	88	}
7031ddac	89
c8e89d58 TS	90	/*-
	91	* There was also a possible infinite loop when the number of
	92	* elements was 1<<31, as \|int i\| was set to that, which is a
	93	* negative number. However, it requires minimum input values:
	94	*
34b16762	95	* CRYPTO_secure_malloc_init((size_t)1<<34, 1<<4);
c8e89d58	96	*
a486561b AP	97	* Which really only works on 64-bit systems, since it took 16 GB
	98	* secure memory arena to trigger the problem. It naturally takes
	99	* corresponding amount of available virtual and physical memory
	100	* for test to be feasible/representative. Since we can't assume
	101	* that every system is equipped with that much memory, the test
	102	* remains disabled. If the reader of this comment really wants
	103	* to make sure that infinite loop is fixed, they can enable the
	104	* code below.
c8e89d58 TS	105	*/
c8e89d58 TS	106	# if 0
a486561b AP	107	/*-
	108	* On Linux and BSD this test has a chance to complete in minimal
	109	* time and with minimum side effects, because mlock is likely to
	110	* fail because of RLIMIT_MEMLOCK, which is customarily [much]
	111	* smaller than 16GB. In other words Linux and BSD users can be
	112	* limited by virtual space alone...
	113	*/
7031ddac TS	114	if (sizeof(size_t) > 4) {
7031ddac TS	115	TEST_info("Possible infinite loop: 1<<31 limit");
34b16762	116	if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, 1<<4) != 0))
c8e89d58	117	TEST_true(CRYPTO_secure_malloc_done());
7031ddac	118	}
c8e89d58	119	# endif
fee423bb	120
e8408681	121	/* this can complete - it was not really secure */
789dfc47 P	122	testresult = 1;
	123	end:
	124	OPENSSL_secure_free(p);
	125	OPENSSL_free(q);
e8408681	126	OPENSSL_secure_free(r);
789dfc47 P	127	OPENSSL_secure_free(s);
789dfc47 P	128	return testresult;
74924dcb	129	#else
8529b156	130	TEST_info("Secure memory is not implemented.");
74924dcb	131	/* Should fail. */
789dfc47	132	return TEST_false(CRYPTO_secure_malloc_init(4096, 32));
74924dcb	133	#endif
789dfc47 P	134	}
789dfc47 P	135
3b8e97ab P	136	static int test_sec_mem_clear(void)
3b8e97ab P	137	{
6943335e	138	#ifndef OPENSSL_NO_SECURE_MEMORY
3b8e97ab P	139	const int size = 64;
	140	unsigned char *p = NULL;
	141	int i, res = 0;
	142
	143	if (!TEST_true(CRYPTO_secure_malloc_init(4096, 32))
	144	\|\| !TEST_ptr(p = OPENSSL_secure_malloc(size)))
	145	goto err;
	146
	147	for (i = 0; i < size; i++)
	148	if (!TEST_uchar_eq(p[i], 0))
	149	goto err;
	150
	151	for (i = 0; i < size; i++)
	152	p[i] = (unsigned char)(i + ' ' + 1);
	153
	154	OPENSSL_secure_free(p);
	155
	156	/*
	157	* A deliberate use after free here to verify that the memory has been
	158	* cleared properly. Since secure free doesn't return the memory to
	159	* libc's memory pool, it technically isn't freed. However, the header
	160	* bytes have to be skipped and these consist of two pointers in the
	161	* current implementation.
	162	*/
	163	for (i = sizeof(void ) 2; i < size; i++)
	164	if (!TEST_uchar_eq(p[i], 0))
	165	return 0;
	166
	167	res = 1;
	168	p = NULL;
3b8e97ab P	169	err:
	170	OPENSSL_secure_free(p);
	171	CRYPTO_secure_malloc_done();
	172	return res;
	173	#else
	174	return 1;
	175	#endif
	176	}
	177
ad887416	178	int setup_tests(void)
789dfc47 P	179	{
789dfc47 P	180	ADD_TEST(test_sec_mem);
3b8e97ab	181	ADD_TEST(test_sec_mem_clear);
ad887416	182	return 1;
74924dcb	183	}