Author: mturk Date: Thu Sep 8 15:37:55 2011 New Revision: 1166753 URL: http://svn.apache.org/viewvc?rev=1166753&view=rev Log: Cleanse password memory when done
Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c commons/sandbox/runtime/trunk/src/main/native/shared/callback.c commons/sandbox/runtime/trunk/src/main/native/shared/memory.c commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties?rev=1166753&r1=1166752&r2=1166753&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties (original) +++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties Thu Sep 8 15:37:55 2011 @@ -14,3 +14,6 @@ # limitations under the License. fips.ENOTIMPL=FIPS was not available at build time. You will need an OpenSSL with FIPS support. +password.PROMPT=Some of your private key files are encrypted for security reasons.\ +\nIn order to read them you have to provide the pass phrases.\ +\nEnter password : Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java?rev=1166753&r1=1166752&r2=1166753&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java (original) +++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java Thu Sep 8 15:37:55 2011 @@ -23,17 +23,13 @@ import org.apache.commons.runtime.Callba */ public abstract class PasswordCallback implements Callback { - private String prompt + private String prompt; private long handler; private native long new0(); private native void def0(long handler); private native void del0(long handler); private native void set0(long handler, String password); - private static final String defaultPrompt = "Some of your private key files are encrypted for security reasons.\n" + - "In order to read them you have to provide the pass phrases.\n" + - "Enter password :"; - private static Object lock; static { lock = new Object(); @@ -45,14 +41,23 @@ public abstract class PasswordCallback i protected PasswordCallback() { handler = new0(); - prompt = defaultPrompt; + prompt = Local.sm.get("password.PROMPT"); + } + + /** + * Creates a new object instance + */ + protected PasswordCallback(String prompt) + { + handler = new0(); + this.prompt = prompt; } @Override public int handler(Object thiz, int code) { try { - String pass = onPromptPassword(prompt); + String pass = onPasswordPrompt(prompt); set0(handler, pass); return 1; } catch (Exception x) { @@ -83,7 +88,7 @@ public abstract class PasswordCallback i /** * Application provided handler method. */ - protected abstract String onPromptPassword(String prompt) + protected abstract String onPasswordPrompt(String prompt) throws Exception; /** Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c?rev=1166753&r1=1166752&r2=1166753&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c (original) +++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c Thu Sep 8 15:37:55 2011 @@ -48,9 +48,11 @@ ACR_SSL_EXPORT(void, PasswordCallback, d ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *); if (pc != 0) { - /* TODO: clanse password */ - if (pc == ACRSSL_password_cb) + if (pc == ACRSSL_password_cb) { + /* XXX: Should we allow that ? */ ACRSSL_password_cb = 0; + } + AcrMemCleanse(pc->password, 0); AcrFree(pc->password); AcrFree(pc); } @@ -66,9 +68,25 @@ ACR_SSL_EXPORT(void, PasswordCallback, s { ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *); if (pc != 0) { - AcrFree(pc->password); - WITH_DSTR(password) { - pc->password = J2S(password); + AcrMemCleanse(pc->password, 0); + ACR_MFREE(pc->password); + WITH_CSTR(password) { + pc->password = AcrStrdup(env, J2S(password)); } DONE_WITH_STR(password); } } + +#if defined(ENABLE_TEST_PRIVATE) +ACR_SSL_EXPORT(int, TestOpenSSL, runPasswordCallback)(JNI_STDARGS) +{ + if (ACRSSL_password_cb != 0) { + AcrCallbackRun(0, ACRSSL_password_cb->cb, 0, 0, 0); + if (ACRSSL_password_cb->password && strcmp(ACRSSL_password_cb->password, "secret") == 0) + return 0; + else + return ACR_EINVAL; + } + else + return ACR_EINIT; +} +#endif Modified: commons/sandbox/runtime/trunk/src/main/native/shared/callback.c URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/callback.c?rev=1166753&r1=1166752&r2=1166753&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/native/shared/callback.c (original) +++ commons/sandbox/runtime/trunk/src/main/native/shared/callback.c Thu Sep 8 15:37:55 2011 @@ -121,11 +121,14 @@ AcrCallbackFree(JNI_STDENV, acr_callback int AcrCallbackRun(JNI_STDENV, acr_callback_t *cb, void *ctx, int val, int *rv) { + int unused; int rc = ACR_ECLASSNOTFOUND; - if (cb == 0) { + + if (cb == 0) return ACR_EINVAL; - } + if (rv == 0) + rv = &unused; if (env == 0 && cb->thiz) { /* Get JNIEnv only if needed */ Modified: commons/sandbox/runtime/trunk/src/main/native/shared/memory.c URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/memory.c?rev=1166753&r1=1166752&r2=1166753&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/native/shared/memory.c (original) +++ commons/sandbox/runtime/trunk/src/main/native/shared/memory.c Thu Sep 8 15:37:55 2011 @@ -158,7 +158,7 @@ AcrMemCleanse(void *p, size_t len) volatile unsigned char *ptr = (volatile unsigned char *)p; if (p != 0) { - size_t loop = len; + size_t loop = len == 0 ? strlen((const char *)p) : len; size_t cctr = cleanse_ctr; /* Suppose compiler won't rule that out */ while (loop-- != 0) { Modified: commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java?rev=1166753&r1=1166752&r2=1166753&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java (original) +++ commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java Thu Sep 8 15:37:55 2011 @@ -25,21 +25,51 @@ import org.apache.commons.runtime.Native public class TestOpenSSL extends Assert { + private static native int runPasswordCallback(); + + public class PasswordHandler extends PasswordCallback + { + public PasswordHandler() + { + } + + @Override + public String onPasswordPrompt(String prompt) + throws Exception + { + System.out.print(prompt); + System.out.println(); + return "secret"; + } + } + @BeforeSuite(groups = { "openssl" }) public void setUp() { if (Native.HAS_OPENSSL) { assertTrue(Native.ldopenssl()); } + Library.initialize(); + assertTrue(Library.initialized()); } @Test(groups = { "openssl" }) public void sslInit() { - Library.initialize(); assertTrue(Library.initialized()); - System.out.println("PRNG file: " + Random.getSeedFile()); - System.out.println("PRNG seed: " + Random.seed()); + assertTrue(Random.seed()); + } + + @Test(groups = { "openssl" }) + public void setupPasswordCallback() + { + PasswordHandler h = new PasswordHandler(); + h.setDefault(); + try { + assertEquals(runPasswordCallback(), 0); + } catch (UnsatisfiedLinkError e) { + // Ignore cause its compile time defined. + } }