ACME: zeroize buffers with private keys after use.

bavshin-f5 · bavshin-f5 · commit 165652e525f7 · 2025-07-28T21:12:37.000-07:00
We trust the SSL library to securely clear the EVP_PKEY objects, but
all the places where we may store a PEM data should be cleared by us.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -17,6 +17,7 @@ openssl-foreign-types = { package = "foreign-types", version = "0.3" }
 openssl-sys = { version = "0.9.109", features = ["bindgen"] }
 siphasher = { version = "1.0.1", default-features = false }
 thiserror = { version = "2.0.12", default-features = false }
+zeroize = "1.8.1"
 
 [dependencies.nginx-sys]
 git = "https://github.com/nginx/ngx-rust"
diff --git a/src/conf/issuer.rs b/src/conf/issuer.rs
@@ -16,6 +16,7 @@ use ngx::ngx_log_debug;
 use ngx::sync::RwLock;
 use openssl::pkey::{PKey, Private};
 use thiserror::Error;
+use zeroize::Zeroizing;
 
 use super::ext::NgxConfExt;
 use super::order::CertificateOrder;
@@ -256,7 +257,7 @@ impl Issuer {
                 }
             }
 
-            if let Ok(buf) = pkey.private_key_to_pem_pkcs8() {
+            if let Ok(buf) = pkey.private_key_to_pem_pkcs8().map(Zeroizing::new) {
                 // Ignore write errors.
                 let _ = state_dir.write(&path, &buf);
             }
@@ -349,7 +350,8 @@ impl StateDir {
         }
 
         let mut cert = CertificateContextInner::new_in(cf.pool());
-        cert.set(&chain, &pkey.private_key_to_pem_pkcs8()?, valid)?;
+        let pkey = Zeroizing::new(pkey.private_key_to_pem_pkcs8()?);
+        cert.set(&chain, &pkey, valid)?;
 
         Ok(cert)
     }
diff --git a/src/state/certificate.rs b/src/state/certificate.rs
@@ -4,6 +4,7 @@ use ngx::allocator::{AllocError, Allocator, TryCloneIn};
 use ngx::collections::Vec;
 use ngx::core::{Pool, SlabPool};
 use ngx::sync::RwLock;
+use zeroize::Zeroize;
 
 use crate::time::{jitter, Time, TimeRange};
 
@@ -116,6 +117,10 @@ where
                 .try_reserve_exact(PREFIX.len() + pkey.len())
                 .map_err(|_| AllocError)?;
 
+            // Zeroize is not implemented for allocator-api2 types.
+            self.chain.as_mut_slice().zeroize();
+            self.pkey.as_mut_slice().zeroize();
+
             self.chain = new_chain;
             self.pkey = new_pkey;
         }
@@ -179,3 +184,14 @@ where
         Time::now() >= self.next
     }
 }
+
+impl<A> Drop for CertificateContextInner<A>
+where
+    A: Allocator + Clone,
+{
+    fn drop(&mut self) {
+        // Zeroize is not implemented for allocator-api2 types.
+        self.chain.as_mut_slice().zeroize();
+        self.pkey.as_mut_slice().zeroize();
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,7 @@ use ngx::ngx_log_debug;`
`16`	`16`	`use ngx::sync::RwLock;`
`17`	`17`	`use openssl::pkey::{PKey, Private};`
`18`	`18`	`use thiserror::Error;`
	`19`	`+use zeroize::Zeroizing;`
`19`	`20`
`20`	`21`	`use super::ext::NgxConfExt;`
`21`	`22`	`use super::order::CertificateOrder;`
`@@ -256,7 +257,7 @@ impl Issuer {`
`256`	`257`	`}`
`257`	`258`	`}`
`258`	`259`
`259`		`- if let Ok(buf) = pkey.private_key_to_pem_pkcs8() {`
	`260`	`+ if let Ok(buf) = pkey.private_key_to_pem_pkcs8().map(Zeroizing::new) {`
`260`	`261`	`// Ignore write errors.`
`261`	`262`	`let _ = state_dir.write(&path, &buf);`
`262`	`263`	`}`
`@@ -349,7 +350,8 @@ impl StateDir {`
`349`	`350`	`}`
`350`	`351`
`351`	`352`	`let mut cert = CertificateContextInner::new_in(cf.pool());`
`352`		`- cert.set(&chain, &pkey.private_key_to_pem_pkcs8()?, valid)?;`
	`353`	`+ let pkey = Zeroizing::new(pkey.private_key_to_pem_pkcs8()?);`
	`354`	`+ cert.set(&chain, &pkey, valid)?;`
`353`	`355`
`354`	`356`	`Ok(cert)`
`355`	`357`	`}`