openssl/openssl

Make OpenSSL use pointers from input buffer for holding CMS structure instead of allocating memory

Open

#24.832 aperta il 10 lug 2024

Vedi su GitHub
 (1 commento) (0 reazioni) (0 assegnatari)C (11.262 fork)batch import
branch: masterhelp wantedtriaged: feature

Metriche repository

Star
 (30.157 star)
Metriche merge PR
 (Nessuna PR mergiata in 30 g)

Descrizione

Discussed in https://github.com/openssl/openssl/discussions/24822

Originally posted by mura1i July 9, 2024 An embedded device with limited memory is already using OpenSSL for communication.

I am implementing a CMS signature verification wrapper library using OpenSSL that should work for the device.

We already have the below code which is working.

CMS_ContentInfo *cms = d2i_CMS_ContentInfo(nullptr, in, len); // allocates memory 1

if (CMS_verify(cms, nullptr, store, nullptr, nullptr, 0))
{
    ASN1_OCTET_STRING **data = CMS_get0_content(cms);
    len = (*data)->length);
    out = OPENSSL_zalloc(len); // allocates memory 2
    memcpy(out, (*data)->data, len);
}

CMS_ContentInfo_free(cms); // frees memory 1

But it allocates redundant memory 2 times.

Any way to make OpenSSL use the input buffer itself for holding the data?

Found out that this is not currently feasible from the discussion. Raising this as a feature request hoping someone would find a way in future 🤞

Guida contributor