From 8a1542fc41b43bdcd67cd341c1d332d2e05e2340 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Tue, 6 Sep 2022 12:40:08 -0400
Subject: [PATCH] Stub out the OpenSSL secure heap.

OpenSSL added a separate "secure heap" to allocate some data in a
different heap. We don't implement this, so just act as if initializing
it always fails. Node now expects these functions to be available.

Change-Id: I4c57c807c51681b16ec3a60e9674583b193358c4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/54309
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
---
 crypto/fipsmodule/bn/bn.c |  2 ++
 crypto/mem.c              | 12 ++++++++++++
 include/openssl/bn.h      |  3 +++
 include/openssl/mem.h     | 15 +++++++++++++++
 4 files changed, 32 insertions(+)

diff --git a/crypto/fipsmodule/bn/bn.c b/crypto/fipsmodule/bn/bn.c
index 006e3eb7a..f2e3b7b13 100644
--- a/crypto/fipsmodule/bn/bn.c
+++ b/crypto/fipsmodule/bn/bn.c
@@ -81,6 +81,8 @@ BIGNUM *BN_new(void) {
   return bn;
 }
 
+BIGNUM *BN_secure_new(void) { return BN_new(); }
+
 void BN_init(BIGNUM *bn) {
   OPENSSL_memset(bn, 0, sizeof(BIGNUM));
 }
diff --git a/crypto/mem.c b/crypto/mem.c
index c90bb162b..af2031846 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -243,6 +243,18 @@ void OPENSSL_clear_free(void *ptr, size_t unused) {
   OPENSSL_free(ptr);
 }
 
+int CRYPTO_secure_malloc_init(size_t size, size_t min_size) { return 0; }
+
+int CRYPTO_secure_malloc_initialized(void) { return 0; }
+
+size_t CRYPTO_secure_used(void) { return 0; }
+
+void *OPENSSL_secure_malloc(size_t size) { return OPENSSL_malloc(size); }
+
+void OPENSSL_secure_clear_free(void *ptr, size_t len) {
+  OPENSSL_clear_free(ptr, len);
+}
+
 int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len) {
   const uint8_t *a = in_a;
   const uint8_t *b = in_b;
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 9abccaffc..3a721fe73 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -967,6 +967,9 @@ OPENSSL_EXPORT int BN_bn2binpad(const BIGNUM *in, uint8_t *out, int len);
 // conservative.)
 #define BN_prime_checks BN_prime_checks_for_validation
 
+// BN_secure_new calls |BN_new|.
+OPENSSL_EXPORT BIGNUM *BN_secure_new(void);
+
 
 // Private functions
 
diff --git a/include/openssl/mem.h b/include/openssl/mem.h
index 476299ae0..f07698db2 100644
--- a/include/openssl/mem.h
+++ b/include/openssl/mem.h
@@ -164,6 +164,21 @@ OPENSSL_EXPORT void CRYPTO_free(void *ptr, const char *file, int line);
 // allocations on free, but we define |OPENSSL_clear_free| for compatibility.
 OPENSSL_EXPORT void OPENSSL_clear_free(void *ptr, size_t len);
 
+// CRYPTO_secure_malloc_init returns zero.
+OPENSSL_EXPORT int CRYPTO_secure_malloc_init(size_t size, size_t min_size);
+
+// CRYPTO_secure_malloc_initialized returns zero.
+OPENSSL_EXPORT int CRYPTO_secure_malloc_initialized(void);
+
+// CRYPTO_secure_used returns zero.
+OPENSSL_EXPORT size_t CRYPTO_secure_used(void);
+
+// OPENSSL_secure_malloc calls |OPENSSL_malloc|.
+OPENSSL_EXPORT void *OPENSSL_secure_malloc(size_t size);
+
+// OPENSSL_secure_clear_free calls |OPENSSL_clear_free|.
+OPENSSL_EXPORT void OPENSSL_secure_clear_free(void *ptr, size_t len);
+
 
 #if defined(__cplusplus)
 }  // extern C