On Sat, Feb 17, 2018 at 4:35 AM, Niels Möller nisse@lysator.liu.se wrote:
...
@@ -80,7 +80,7 @@ openssl_evp_set_encrypt_key(void *p, const uint8_t *key, { struct openssl_cipher_ctx *ctx = p; ctx->evp = EVP_CIPHER_CTX_new();
- assert(EVP_EncryptInit_ex(ctx->evp, cipher, NULL, key, NULL) == 1);
- assert(EVP_CipherInit_ex(ctx->evp, cipher, NULL, key, NULL, 1) == 1); EVP_CIPHER_CTX_set_padding(ctx->evp, 0);
}
It's not right to use assert on expressions with side-effects. Since will break builds with ./configure CFLAGS='-DNDEBUG'.
No asserts, period. They should not get through an audit.
What happens when an assert fires? According to Posix an abort() happens (http://pubs.opengroup.org/onlinepubs/009695399/functions/assert.html).
What happens when the abort happens? The sensitive information inside the app's security boundary leaves the security boundary. It is egressed from the app and written to a core file.
It gets worse. If services are engaged like Windows Error Reporting, Appport, Apple Crash Reporter, Crashlytics , and friends, then the sensitive information leaves the computer or device, too. It just crossed another security boundary and a third party owns it.
Everything that used to be private, like password lists and private keys, are now public information. The NSA, GCHQ and law enforcement thanks you.
The library that really perplexes me is libsodium. It is used in software like Bitcoin and Monero. Every time an assert fires it is like opening the wallet up for thieves to take what they want.
Please ensure you always build high integrity software with -DNDEBUG to remove the asserts.
Jeff