wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Rework and simplify resource flow in drbg_add

Browse source 
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7504)

(cherry picked from commit f9e43929c4)
This commit is contained in:
Bernd Edlinger 2018-10-26 21:06:14 +02:00
parent c7a7ed3870
commit 6101850baf
2 changed files with 6 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
crypto/rand/drbg_lib.c
View file

@ -357,15 +357,6 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
drbg->cleanup_entropy(drbg, entropy, entropylen);
if (nonce != NULL && drbg->cleanup_nonce != NULL)
drbg->cleanup_nonce(drbg, nonce, noncelen);
if (drbg->pool != NULL) {
if (drbg->state == DRBG_READY) {
RANDerr(RAND_F_RAND_DRBG_INSTANTIATE,
RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED);
drbg->state = DRBG_ERROR;
}
rand_pool_free(drbg->pool);
drbg->pool = NULL;
}
if (drbg->state == DRBG_READY)
return 1;
return 0;
@ -555,14 +546,8 @@ int rand_drbg_restart(RAND_DRBG *drbg,
}
}
/* check whether a given entropy pool was cleared properly during reseed */
if (drbg->pool != NULL) {
drbg->state = DRBG_ERROR;
RANDerr(RAND_F_RAND_DRBG_RESTART, ERR_R_INTERNAL_ERROR);
rand_pool_free(drbg->pool);
drbg->pool = NULL;
return 0;
}
rand_pool_free(drbg->pool);
drbg->pool = NULL;
return drbg->state == DRBG_READY;
}

11
crypto/rand/rand_lib.c
View file

@ -204,11 +204,8 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
}
err:
/* we need to reset drbg->pool in the error case */
if (ret == 0 && drbg->pool != NULL)
drbg->pool = NULL;
rand_pool_free(pool);
if (drbg->pool == NULL)
rand_pool_free(pool);
return ret;
}
@ -221,8 +218,6 @@ void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
{
if (drbg->pool == NULL)
OPENSSL_secure_clear_free(out, outlen);
else
drbg->pool = NULL;
}
@ -547,6 +542,8 @@ unsigned char *rand_pool_detach(RAND_POOL *pool)
{
unsigned char *ret = pool->buffer;
pool->buffer = NULL;
pool->len = 0;
pool->entropy = 0;
return ret;
}