Skip to content

fix: use BN_clear_free() for private key BIGNUMs in _get_key_parameters()#137

Merged
timlegge merged 1 commit intocpan-authors:mainfrom
toddr-bot:koan.toddr.bot/fix-get-key-params-clear-free
Mar 22, 2026
Merged

fix: use BN_clear_free() for private key BIGNUMs in _get_key_parameters()#137
timlegge merged 1 commit intocpan-authors:mainfrom
toddr-bot:koan.toddr.bot/fix-get-key-params-clear-free

Conversation

@toddr-bot
Copy link
Copy Markdown
Contributor

@toddr-bot toddr-bot commented Mar 22, 2026

What

Securely wipe private key BIGNUMs before freeing in _get_key_parameters() on OpenSSL 3.x.

Why

On 3.x, EVP_PKEY_get_bn_param() allocates new BIGNUMs containing private key material.
After cor_bn2sv() duplicates them, the originals (d, p, q, dmp1, dmq1, iqmp) were freed
with BN_free() — which deallocates without zeroing. This leaves private key data in freed
heap memory, recoverable by heap-scanning attacks.

The rest of the codebase already uses BN_clear_free() for these same parameters:
_is_private() (line 113) and _new_key_from_parameters() (lines 726-733, 790-794).

How

Changed 6 BN_free() calls to BN_clear_free() for sensitive components.
Public components (n, e) stay with BN_free() — not sensitive.

Testing

Full test suite passes (499 tests, 16 files).

🤖 Generated with Claude Code


Quality Report

Changes: 1 file changed, 6 insertions(+), 6 deletions(-)

Code scan: clean

Tests: passed (OK)

Branch hygiene: clean

Generated by Kōan post-mission quality pipeline

…rs()

On OpenSSL 3.x, EVP_PKEY_get_bn_param() allocates new BIGNUMs.
After cor_bn2sv() duplicates them, the originals containing private
key material (d, p, q, dmp1, dmq1, iqmp) were freed with BN_free()
which does not wipe the memory. Use BN_clear_free() to securely
zero sensitive data before freeing, consistent with _is_private()
and _new_key_from_parameters().

Public components (n, e) remain with BN_free() — no sensitive data.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@timlegge timlegge marked this pull request as ready for review March 22, 2026 16:00
Copy link
Copy Markdown
Member

@timlegge timlegge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

look good

@timlegge timlegge merged commit 6a7241a into cpan-authors:main Mar 22, 2026
28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants