Rework and simplify resource flow in drbg_add (6101850b) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

crypto/rand/drbg_lib.c

+2 −17

Original line number	Diff line number	Diff line
		@@ -357,15 +357,6 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
		drbg->cleanup_entropy(drbg, entropy, entropylen);
		if (nonce != NULL && drbg->cleanup_nonce != NULL)
		drbg->cleanup_nonce(drbg, nonce, noncelen);
		if (drbg->pool != NULL) {
		if (drbg->state == DRBG_READY) {
		RANDerr(RAND_F_RAND_DRBG_INSTANTIATE,
		RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED);
		drbg->state = DRBG_ERROR;
		}
		rand_pool_free(drbg->pool);
		drbg->pool = NULL;
		}
		if (drbg->state == DRBG_READY)
		return 1;
		return 0;
		@@ -555,14 +546,8 @@ int rand_drbg_restart(RAND_DRBG *drbg,
		}
		}

		/* check whether a given entropy pool was cleared properly during reseed */
		if (drbg->pool != NULL) {
		drbg->state = DRBG_ERROR;
		RANDerr(RAND_F_RAND_DRBG_RESTART, ERR_R_INTERNAL_ERROR);
		rand_pool_free(drbg->pool);
		drbg->pool = NULL;
		return 0;
		}

		return drbg->state == DRBG_READY;
		}

+4 −7

Original line number	Diff line number	Diff line
		@@ -204,10 +204,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
		}

		err:
		/* we need to reset drbg->pool in the error case */
		if (ret == 0 && drbg->pool != NULL)
		drbg->pool = NULL;

		if (drbg->pool == NULL)
		rand_pool_free(pool);
		return ret;
		}
		@@ -221,8 +218,6 @@ void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
		{
		if (drbg->pool == NULL)
		OPENSSL_secure_clear_free(out, outlen);
		else
		drbg->pool = NULL;
		}


		@@ -547,6 +542,8 @@ unsigned char rand_pool_detach(RAND_POOL pool)
		{
		unsigned char *ret = pool->buffer;
		pool->buffer = NULL;
		pool->len = 0;
		pool->entropy = 0;
		return ret;
		}