haskell-cryptography
EVP_CipherFinal usage?
When linking HsOpenSSL against libressl-2.7.4, I get a linker warning saying
(.text+0x49fe): warning: EVP_CipherFinal is often misused, please use EVP_CipherFinal_ex and EVP_CIPHER_CTX_cleanup
Should this package be using that function, or is it nothing to worry about?
I'm not the original author and can't say what this error could mean. But I would gladly accept a pull request that removes this warning.
Seems like it's FFI bound here.
According to the libressl man page,
EVP_CIPHER_CTX_cleanup() clears all information from a cipher context and free up any allocated memory associated with it. It should be called after all operations using a cipher are complete so sensitive information does not remain in memory.
EVP_EncryptFinal(), EVP_DecryptFinal(), and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex(), and EVP_CipherFinal_ex(). In previous releases of OpenSSL, they also used to clean up the ctx, but this is no longer done and EVP_CIPHER_CTX_cleanup() must be called to free any context resources.
Since we just failIf (/= 1) on the output of EVP_CipherFinal, the context is not being cleaned up correctly, which could leave sensitive information in memory (and it's not like there's a ForeignPtr finalizer doing it separately somewhere -- we don't even have an FFI binding to EVP_CIPHER_CTX_cleanup).
I think it worth to follow libressl advice and replace EVP_CipherFinal with EVP_CipherFinal_ex and EVP_CIPHER_CTX_cleanup but I currently have no time to implement it. If you like you could make a PR and I will release an updated version of HsOpenSSL.