Opened 4 months ago

Closed 5 weeks ago

Last modified 4 weeks ago

#2179 closed enhancement (fixed)

Wipe out memory used for storing SSL keys before released

Reported by: nanang Owned by: nanang
Priority: normal Milestone: release-2.9
Component: pjlib Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description (last modified by nanang)

Zeroing our buffers should be sufficient as we cannot really manage the OpenSSL internal buffers. Moreover, it seems that OpenSSL already does wipe out its internal buffers, i.e: a lot of OpenSSL_cleanse() calls in OpenSSL source code, the function will fill a buffer with garbage or zero. But unfortunately cannot really find official docs about it.

Additionally, SSL socket pool content will be zeroed before released, it is done using a new API pj_pool_secure_release().

Thanks Peter Koletzki for the feedback.

Change History (4)

comment:1 Changed 5 weeks ago by nanang

  • Description modified (diff)

comment:2 Changed 5 weeks ago by nanang

  • Owner set to nanang
  • Resolution set to fixed
  • Status changed from new to closed

In 5990:

Close #2179: Wipe out memory used for storing SSL keys before released.

comment:3 Changed 5 weeks ago by nanang

In 5994:

Re #2179: Wipe out memory used for storing SSL keys in PJSIP TLS transport and pjsua app. Thanks Peter Koletzki for the feedback.

comment:4 Changed 4 weeks ago by nanang

In 5999:

Re #2179: Fixed linking error when PJSIP_HAS_TLS_TRANSPORT is not defined.

Note: See TracTickets for help on using tickets.