Re: Forget/wipe a loaded cert/key

Tue, 03 Aug 2010 15:11:47 -0700 

 On 8/3/10 12:59 PM, Thomas Habets wrote:
>
> Hi.
>
> Is there a way to forget/wipe any certificates and keys once a SSL/TLS
> connection has been established? I want to protect myself against bugs
> that occur later on in the connection from exposing my private keys.
>
> Both server and client keys are relevant here.
>
> So basically:
>
> accept-loop()
> fork()
>   child process sets up SSL structures with keys, certs & such
There is no callback to drop the private key mid-handshake, after the
master_secret has been created.

Note also that either side at any time can call for a renegotiation,
which would entail the entire reload-private-keys thing.  (certs are
public information, unfortunately, but we can benefit from this: the
certs and public keys have no reason to be dropped from memory.)

The BIO system handles everything.  You would need to delve into the
details of how it handles the SSL/TLS filter to figure out at what point
credentials can be forgotten.

As it is, if it's in RAM, and you've got something snooping for
statistical noise, it'll be seen if it's looking in the right place at
the right time.  There isn't anything in the BIO code to indicate any
frailties that I'm aware of, but if you choose to audit it it'd be awesome.

-Kyle H
>   drop privileges() (using setuid() et.al.)
>   do handshake
>   forget private keys, only use session keys
>   do communication with SSL_read()/SSL_write()
>   exit
> parent continues accept()-loop
>
> Or is there a better solution to this?
>
> Making the child process just a SSL-proxy and doing the rest in a
> child of that child through a socketpair() or something has occured to
> me, but I want to protect myself against bugs in that proxy code and
> bugs in OpenSSL.
>
> I'll have to live with the fact that if there is a bug in the
> handshake code before forgetting the keys I'll lose.... right?
>
>
> ---------
> typedef struct me_s {
>   char name[]      = { "Thomas Habets" };
>   char email[]     = { "tho...@habets.pp.se" };
>   char kernel[]    = { "Linux" };
>   char *pgpKey[]   = { "http://www.habets.pp.se/pubkey.txt"; };
>   char pgp[] = { "A8A3 D1DD 4AE0 8467 7FDE  0945 286A E90A AD48 E854" };
>   char coolcmd[]   = { "echo '. ./_&. ./_'>_;. ./_" };
> } me_t;
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to