[#1823] replace malloc/calloc/strdup/free with openssl allocator #1926

Merged
Changes from 32 commits
38 commits
b61754c
[#1823] replace malloc/calloc/strdup/free with openssl allocator
songlingatpan Sep 17, 2024
3dc1284
[#1823] update memory allocator for copy_from_upstream
songlingatpan Sep 17, 2024
04a9a73
[#1823] format code
songlingatpan Sep 17, 2024
201771c
[#1823] Use OpenSSL Memory Allocator for BIKE, FrodoKEM, and NTRUPrime
songlingatpan Sep 17, 2024
a7aef7d
[#1823] Add Comments for Doxygen
songlingatpan Sep 17, 2024
ac5c941
sig_stfl build fix
songlingatpan Sep 21, 2024
74c4dba
fix ptrdiff_t failure
songlingatpan Sep 21, 2024
f511ba0
include openssl/crypto.h and resolve conflict varible for ntru
songlingatpan Sep 21, 2024
01de31f
Add openssl version check to fix build error
songlingatpan Sep 21, 2024
a955fe5
fix implicit conversion for diff
songlingatpan Sep 21, 2024
7dfc557
fix build for tests
songlingatpan Sep 21, 2024
30ca6bd
Fix build for tests
songlingatpan Sep 21, 2024
9951317
Fix build for OQS_DLOPEN_OPENSSL
songlingatpan Sep 21, 2024
51f263b
Fix build failure [full tests]
songlingatpan Sep 21, 2024
dd1f819
Merge branch 'open-quantum-safe:main' into pr_shan_1823_openssl_alloc…
songlingatpan Sep 23, 2024
b268445
remove OQS_MEM_free
songlingatpan Sep 23, 2024
c4b647e
remove OQS_MEM_free
songlingatpan Sep 23, 2024
f47e341
Add allocator check in tests/test_code_conventions.py
songlingatpan Sep 24, 2024
99c198a
format code
songlingatpan Sep 24, 2024
374c1d4
Add IGNORE memory-check
songlingatpan Sep 24, 2024
5d4b9ee
Merge branch 'open-quantum-safe:main' into pr_shan_1823_openssl_alloc…
songlingatpan Sep 27, 2024
34f9b1b
revert back to abort() in OQS_MEM_cleanse
songlingatpan Sep 27, 2024
c01c376
Delect checked allocation functions
songlingatpan Oct 3, 2024
320c6e1
Revert back p_param to p for sntrup
songlingatpan Oct 3, 2024
3027acf
Merge branch 'open-quantum-safe:main' into pr_shan_1823_openssl_alloc…
songlingatpan Oct 3, 2024
3374a39
Address multiple line comments case
songlingatpan Oct 4, 2024
284275a
Add allocator check for '.c', '.h', '.fragment'
songlingatpan Oct 4, 2024
f04570c
Add NULL for previous checked allocation
songlingatpan Oct 10, 2024
d329ce5
Merge branch 'open-quantum-safe:main' into pr_shan_1823_openssl_alloc…
songlingatpan Oct 10, 2024
d9e0c96
Fix build failure
songlingatpan Oct 11, 2024
6032349
Fix build failure
songlingatpan Oct 11, 2024
1e4201b
revert back to abort() for checked cases
songlingatpan Oct 14, 2024
d502cac
Add fprintf error for abort cases
songlingatpan Oct 16, 2024
8a788db
Add LIBOQS_die
songlingatpan Oct 17, 2024
2077298
use OQS_EXIT_IF_NULLPTR for checked malloc cases
songlingatpan Oct 17, 2024
7afe1a3
Fix build failure
songlingatpan Oct 17, 2024
6b825e1
remove NULL check to keep code consistent
songlingatpan Oct 18, 2024
405b6ac
remove LIBOQS_die
songlingatpan Oct 19, 2024
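--- a/scripts/copy_from_upstream/src/kem/family/kem_scheme.c
+++ b/scripts/copy_from_upstream/src/kem/family/kem_scheme.c
@@ -11,7 +11,7 @@
 {% endif %}
 OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void) {
 
-OQS_KEM *kem = malloc(sizeof(OQS_KEM));
+OQS_KEM *kem = OQS_MEM_malloc(sizeof(OQS_KEM));
 if (kem == NULL) {
 return NULL;
 }
@@ -42,7 +42,7 @@ OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void) {
 /** Alias */
 OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_new(void) {
 
-OQS_KEM *kem = malloc(sizeof(OQS_KEM));
+OQS_KEM *kem = OQS_MEM_malloc(sizeof(OQS_KEM));
 if (kem == NULL) {
 return NULL;
 }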
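Review bot: `OQS_KEM *kem = OQS_MEM_malloc(sizeof(OQS_KEM));` repeats the type name; `OQS_KEM *kem = OQS_MEM_malloc(sizeof *kem);` ties the size to the variable so the two cannot drift apart, and the same applies to the alias constructor in the second hunk. More importantly, now that the object comes from OQS_MEM_malloc, the `_free` routine generated from this same template (not in either hunk) must release it with OQS_MEM_insecure_free rather than `free()`, so that allocator and deallocator always come from the same family — if OQS_MEM_malloc is backed by OPENSSL_malloc, as the PR title suggests, mixing it with libc free breaks as soon as an application installs custom OpenSSL allocators. Both constructors continue past the end of their hunks.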
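--- a/scripts/copy_from_upstream/src/sig/family/sig_scheme.c
+++ b/scripts/copy_from_upstream/src/sig/family/sig_scheme.c
@@ -11,7 +11,7 @@
 {% endif %}
 OQS_SIG *OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_new(void) {
 
-OQS_SIG *sig = malloc(sizeof(OQS_SIG));
+OQS_SIG *sig = OQS_MEM_malloc(sizeof(OQS_SIG));
 if (sig == NULL) {
 return NULL;
 }
@@ -41,7 +41,7 @@ OQS_SIG *OQS_SIG_{{ family }}_{{ scheme['scheme'] }}_new(void) {
 /** Alias */
 OQS_SIG *OQS_SIG_{{ family }}_{{ scheme['alias_scheme'] }}_new(void) {
 
-OQS_SIG *sig = malloc(sizeof(OQS_SIG));
+OQS_SIG *sig = OQS_MEM_malloc(sizeof(OQS_SIG));
 if (sig == NULL) {
 return NULL;
 }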
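Review bot: This template is expanded into every generated signature scheme, so the allocation-side change here has to be matched by the corresponding generated `_free` function (outside the hunk) calling OQS_MEM_insecure_free; a single generated file still pairing OQS_MEM_malloc with `free()` would be an allocator mismatch that only shows up when OpenSSL's memory functions are replaced at runtime. The same `sizeof *sig` form suggested for the KEM template applies to both constructors here. Both constructors continue past the end of their hunks.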
Expand Up @@ -3,7 +3,7 @@
{%- if scheme['signed_msg_order'] == 'sig_then_msg' %}
// signed_msg = signature || msg
*signed_msg_len = signature_len + msg_len;
*signed_msg = malloc(*signed_msg_len);
*signed_msg = OQS_MEM_malloc(*signed_msg_len);
if (*signed_msg == NULL) {
return OQS_ERROR;
}
Expand All @@ -13,7 +13,7 @@
{%- elif scheme['signed_msg_order'] == 'msg_then_sig' %}
// signed_msg = msg || signature
*signed_msg_len = msg_len + signature_len;
*signed_msg = malloc(*signed_msg_len);
*signed_msg = OQS_MEM_malloc(*signed_msg_len);
if (*signed_msg == NULL) {
return OQS_ERROR;
}
Expand All @@ -24,7 +24,7 @@
// signed_msg = sig_len (2 bytes, big endian) || nonce (40 bytes) || msg || 0x29 || sig
const uint16_t signature_len_uint16 = (uint16_t)signature_len;
*signed_msg_len = 2 + signature_len_uint16 + msg_len;
*signed_msg = malloc(*signed_msg_len);
*signed_msg = OQS_MEM_malloc(*signed_msg_len);
if (*signed_msg == NULL) {
return OQS_ERROR;
}
Expand All @@ -44,7 +44,7 @@
// signed_msg = sig_len (2 bytes, big endian) || nonce (40 bytes) || msg || 0x2A || sig
const uint16_t signature_len_uint16 = (uint16_t)signature_len;
*signed_msg_len = 2 + signature_len + msg_len;
*signed_msg = malloc(*signed_msg_len);
*signed_msg = OQS_MEM_malloc(*signed_msg_len);
if (*signed_msg == NULL) {
return OQS_ERROR;
}
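--- a/src/common/aes/aes128_ni.c
+++ b/src/common/aes/aes128_ni.c
@@ -49,7 +49,7 @@ static inline void aes128ni_setkey_encrypt(const unsigned char *key, __m128i rke
 }
 
 void oqs_aes128_load_schedule_ni(const uint8_t *key, void **_schedule) {
-*_schedule = malloc(sizeof(aes128ctx));
+*_schedule = OQS_MEM_malloc(sizeof(aes128ctx));
 OQS_EXIT_IF_NULLPTR(*_schedule, "AES");
 assert(*_schedule != NULL);
 __m128i *schedule = ((aes128ctx *) *_schedule)->sk_exp;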
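Review bot: The schedule is now obtained from `OQS_MEM_malloc`, so the release routine for this backend (not in the hunk) must go through the OQS_MEM_* free functions rather than plain `free()`; if OQS_MEM_malloc maps to OPENSSL_malloc, pairing it with libc free corrupts the heap the moment an application installs its own OpenSSL allocators. Because the buffer holds the expanded AES key, `OQS_MEM_secure_free(*_schedule, sizeof(aes128ctx))` is the right counterpart so the key material is cleansed before the memory is returned. Please confirm the matching free in this file was updated; the function continues past the end of the hunk.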
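--- a/src/common/aes/aes256_ni.c
+++ b/src/common/aes/aes256_ni.c
@@ -76,7 +76,7 @@ static inline void aes256ni_setkey_encrypt(const unsigned char *key, __m128i rke
 }
 
 void oqs_aes256_load_schedule_ni(const uint8_t *key, void **_schedule) {
-*_schedule = malloc(sizeof(aes256ctx));
+*_schedule = OQS_MEM_malloc(sizeof(aes256ctx));
 OQS_EXIT_IF_NULLPTR(*_schedule, "AES");
 assert(*_schedule != NULL);
 __m128i *schedule = ((aes256ctx *) *_schedule)->sk_exp;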
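Review bot: `assert(*_schedule != NULL);` two lines below the new allocation is redundant with `OQS_EXIT_IF_NULLPTR(*_schedule, "AES");` directly above it and vanishes under NDEBUG anyway, so it documents nothing and checks nothing in release builds; the `_c` loaders in aes_c.c rely on the macro alone. Since this PR already rewrites every AES loader's allocation line, dropping the assert here and in aes128_ni.c would make the allocation-failure handling uniform across the backends. The function continues past the end of the hunk.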
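--- a/src/common/aes/aes_c.c
+++ b/src/common/aes/aes_c.c
@@ -676,7 +676,7 @@ static void aes_ctr(unsigned char *out, size_t outlen, const unsigned char *iv,
 }
 
 void oqs_aes128_load_schedule_c(const uint8_t *key, void **_schedule) {
-*_schedule = malloc(sizeof(aes128ctx));
+*_schedule = OQS_MEM_malloc(sizeof(aes128ctx));
 OQS_EXIT_IF_NULLPTR(*_schedule, "AES");
 aes128ctx *ctx = (aes128ctx *) *_schedule;
 uint64_t skey[22];
@@ -685,7 +685,7 @@ void oqs_aes128_load_schedule_c(const uint8_t *key, void **_schedule) {
 }
 
 void oqs_aes256_load_schedule_c(const uint8_t *key, void **_schedule) {
-*_schedule = malloc(sizeof(aes256ctx));
+*_schedule = OQS_MEM_malloc(sizeof(aes256ctx));
 OQS_EXIT_IF_NULLPTR(*_schedule, "AES");
 aes256ctx *ctx = (aes256ctx *) *_schedule;
 uint64_t skey[30];
@@ -719,7 +719,7 @@ static void aes_keysched_no_bitslice(uint32_t *skey, const unsigned char *key, u
 }
 
 void oqs_aes256_load_schedule_no_bitslice(const uint8_t *key, void **_schedule) {
-*_schedule = malloc(sizeof(aes256ctx_nobitslice));
+*_schedule = OQS_MEM_malloc(sizeof(aes256ctx_nobitslice));
 assert(*_schedule != NULL);
 uint32_t *schedule = ((aes256ctx_nobitslice *) *_schedule)->sk_exp;
 aes_keysched_no_bitslice(schedule, (const unsigned char *) key, 32);
@@ -752,7 +752,7 @@ void oqs_aes256_load_iv_u64_c(uint64_t iv, void *schedule) {
 }
 
 void oqs_aes128_load_schedule_no_bitslice(const uint8_t *key, void **_schedule) {
-*_schedule = malloc(44 * sizeof(int));
+*_schedule = OQS_MEM_malloc(44 * sizeof(int));
 assert(*_schedule != NULL);
 uint32_t *schedule = (uint32_t *) *_schedule;
 aes_keysched_no_bitslice(schedule, (const unsigned char *) key, 16);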
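Review bot: In oqs_aes256_load_schedule_no_bitslice and oqs_aes128_load_schedule_no_bitslice the result of the new `OQS_MEM_malloc` call is guarded only by `assert(*_schedule != NULL);`, which is compiled out under NDEBUG, so in a release build an allocation failure proceeds straight into aes_keysched_no_bitslice writing the expanded key through a NULL pointer; the two `_c` loaders in the same file use `OQS_EXIT_IF_NULLPTR(*_schedule, "AES");`, and these two hunks should replace their assert with the same macro. While on that line, `44 * sizeof(int)` sizes a buffer that is immediately used as `uint32_t *`; `44 * sizeof(uint32_t)` states the intent and removes the type mismatch. The last function continues past the end of the hunk.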
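--- a/src/common/aes/aes_ossl.c
+++ b/src/common/aes/aes_ossl.c
@@ -28,7 +28,7 @@ static inline void br_enc64be(unsigned char *dst, uint64_t x) {
 }
 
 static void AES128_ECB_load_schedule(const uint8_t *key, void **schedule) {
-*schedule = malloc(sizeof(struct key_schedule));
+*schedule = OQS_MEM_malloc(sizeof(struct key_schedule));
 OQS_EXIT_IF_NULLPTR(*schedule, "OpenSSL");
 struct key_schedule *ks = (struct key_schedule *) *schedule;
 ks->for_ECB = 1;
@@ -93,7 +93,7 @@ static void AES128_CTR_inc_stream_iv(const uint8_t *iv, size_t iv_len, const voi
 }
 
 static void AES128_CTR_inc_init(const uint8_t *key, void **schedule) {
-*schedule = malloc(sizeof(struct key_schedule));
+*schedule = OQS_MEM_malloc(sizeof(struct key_schedule));
 OQS_EXIT_IF_NULLPTR(*schedule, "OpenSSL");
 
 struct key_schedule *ks = (struct key_schedule *) *schedule;
@@ -128,7 +128,7 @@ static void AES128_CTR_inc_ivu64(uint64_t iv, void *schedule) {
 }
 
 static void AES256_ECB_load_schedule(const uint8_t *key, void **schedule) {
-*schedule = malloc(sizeof(struct key_schedule));
+*schedule = OQS_MEM_malloc(sizeof(struct key_schedule));
 OQS_EXIT_IF_NULLPTR(*schedule, "OpenSSL");
 struct key_schedule *ks = (struct key_schedule *) *schedule;
 ks->for_ECB = 1;
@@ -139,7 +139,7 @@ static void AES256_ECB_load_schedule(const uint8_t *key, void **schedule) {
 }
 
 static void AES256_CTR_inc_init(const uint8_t *key, void **schedule) {
-*schedule = malloc(sizeof(struct key_schedule));
+*schedule = OQS_MEM_malloc(sizeof(struct key_schedule));
 OQS_EXIT_IF_NULLPTR(*schedule, "OpenSSL");
 
 struct key_schedule *ks = (struct key_schedule *) *schedule;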
80 changes: 47 additions & 33 deletions src/common/common.c
Expand Up @@ -12,6 +12,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stddef.h>

#if defined(OQS_DIST_BUILD) && defined(OQS_USE_PTHREADS)
#include <pthread.h>
Expand Down Expand Up @@ -256,6 +257,9 @@ OQS_API int OQS_MEM_secure_bcmp(const void *a, const void *b, size_t len) {
}

OQS_API void OQS_MEM_cleanse(void *ptr, size_t len) {
if (ptr == NULL) {
return;
}
#if defined(OQS_USE_OPENSSL)
OSSL_FUNC(OPENSSL_cleanse)(ptr, len);
#elif defined(_WIN32)
Expand All @@ -275,39 +279,44 @@ OQS_API void OQS_MEM_cleanse(void *ptr, size_t len) {
#endif
}

void *OQS_MEM_checked_malloc(size_t len) {
void *ptr = malloc(len);
if (ptr == NULL) {
fprintf(stderr, "Memory allocation failed\n");
abort();
}

return ptr;
}

void *OQS_MEM_checked_aligned_alloc(size_t alignment, size_t size) {
void *ptr = OQS_MEM_aligned_alloc(alignment, size);
if (ptr == NULL) {
fprintf(stderr, "Memory allocation failed\n");
abort();
}

return ptr;
}

OQS_API void OQS_MEM_secure_free(void *ptr, size_t len) {
if (ptr != NULL) {
OQS_MEM_cleanse(ptr, len);
free(ptr); // IGNORE free-check
OQS_MEM_insecure_free(ptr);
}
}

OQS_API void OQS_MEM_insecure_free(void *ptr) {
free(ptr); // IGNORE free-check
#if (defined(OQS_USE_OPENSSL) || defined(OQS_DLOPEN_OPENSSL)) && defined(OPENSSL_VERSION_NUMBER)
OPENSSL_free(ptr);
#else
free(ptr); // IGNORE memory-check
#endif
}

void *OQS_MEM_aligned_alloc(size_t alignment, size_t size) {
#if defined(OQS_HAVE_ALIGNED_ALLOC) // glibc and other implementations providing aligned_alloc
#if defined(OQS_USE_OPENSSL)
// Use OpenSSL's memory allocation functions
if (!size) {
return NULL;
}
const size_t offset = alignment - 1 + sizeof(uint8_t);
uint8_t *buffer = OPENSSL_malloc(size + offset);
if (!buffer) {
return NULL;
}
uint8_t *ptr = (uint8_t *)(((uintptr_t)(buffer) + offset) & ~(alignment - 1));
ptrdiff_t diff = ptr - buffer;
if (diff > UINT8_MAX) {
// Free and return NULL if alignment is too large
OPENSSL_free(buffer);
errno = EINVAL;
return NULL;
}
// Store the difference so that the free function can use it
ptr[-1] = (uint8_t)diff;
return ptr;
#elif defined(OQS_HAVE_ALIGNED_ALLOC) // glibc and other implementations providing aligned_alloc
return aligned_alloc(alignment, size);
#else
// Check alignment (power of 2, and >= sizeof(void*)) and size (multiple of alignment)
Expand Down Expand Up @@ -346,7 +355,7 @@ void *OQS_MEM_aligned_alloc(size_t alignment, size_t size) {
// |
// diff = ptr - buffer
const size_t offset = alignment - 1 + sizeof(uint8_t);
uint8_t *buffer = malloc(size + offset);
uint8_t *buffer = malloc(size + offset); // IGNORE memory-check
if (!buffer) {
return NULL;
}
Expand All @@ -356,7 +365,7 @@ void *OQS_MEM_aligned_alloc(size_t alignment, size_t size) {
ptrdiff_t diff = ptr - buffer;
if (diff > UINT8_MAX) {
// This should never happen in our code, but just to be safe
free(buffer); // IGNORE free-check
free(buffer); // IGNORE memory-check
errno = EINVAL;
return NULL;
}
Expand All @@ -369,18 +378,23 @@ void *OQS_MEM_aligned_alloc(size_t alignment, size_t size) {
}

void OQS_MEM_aligned_free(void *ptr) {
#if defined(OQS_HAVE_ALIGNED_ALLOC) || defined(OQS_HAVE_POSIX_MEMALIGN) || defined(OQS_HAVE_MEMALIGN)
free(ptr); // IGNORE free-check
if (ptr == NULL) {
return;
}
#if defined(OQS_USE_OPENSSL)
// Use OpenSSL's free function
uint8_t *u8ptr = ptr;
OPENSSL_free(u8ptr - u8ptr[-1]);
#elif defined(OQS_HAVE_ALIGNED_ALLOC) || defined(OQS_HAVE_POSIX_MEMALIGN) || defined(OQS_HAVE_MEMALIGN)
free(ptr); // IGNORE memory-check
#elif defined(__MINGW32__) || defined(__MINGW64__)
__mingw_aligned_free(ptr);
#elif defined(_MSC_VER)
_aligned_free(ptr);
#else
if (ptr) {
// Reconstruct the pointer returned from malloc using the difference
// stored one byte ahead of ptr.
uint8_t *u8ptr = ptr;
free(u8ptr - u8ptr[-1]); // IGNORE free-check
}
// Reconstruct the pointer returned from malloc using the difference
// stored one byte ahead of ptr.
uint8_t *u8ptr = ptr;
free(u8ptr - u8ptr[-1]); // IGNORE memory-check
#endif
}
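Review bot: The new OQS_USE_OPENSSL branch of OQS_MEM_aligned_alloc drops the alignment validation that the fallback branch performs (its comment says it checks for a power of two and >= sizeof(void*)), yet `((uintptr_t)(buffer) + offset) & ~(alignment - 1)` only aligns correctly for a power-of-two alignment and `alignment - 1 + sizeof(uint8_t)` wraps when alignment is 0; add `if (alignment == 0 || (alignment & (alignment - 1)) != 0) { errno = EINVAL; return NULL; }` before computing `offset`. The `size + offset` sum in that branch is also unchecked and can wrap for very large sizes, yielding an undersized buffer that the caller then writes past. Separately, OQS_MEM_insecure_free calls `OPENSSL_free(ptr)` directly while OQS_MEM_cleanse in the same file goes through `OSSL_FUNC(OPENSSL_cleanse)`; if the OQS_DLOPEN_OPENSSL configuration resolves OpenSSL entry points through OSSL_FUNC, this direct call bypasses that mechanism and should be confirmed to link and to match whatever OQS_MEM_malloc (not in this diff) uses. OQS_MEM_aligned_alloc's fallback branch continues outside the hunk.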