Commit e0b625f9 authored by Dr. Matthias St. Pierre's avatar Dr. Matthias St. Pierre Committed by Ben Kaduk

Remove unnecessary DRBG_RESEED state



The DRBG_RESEED state plays a role analogous to the |reseed_required_flag| in
Appendix B.3.4 of [NIST SP 800-90A Rev. 1]. The latter is a local variable,
the scope of which is limited to the RAND_DRBG_generate() function. Hence there
is no need for a DRBG_RESEED state outside of the generate function. This state
was removed and replaced by a local variable |reseed_required|.

Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
Reviewed-by: default avatarKurt Roeckx <kurt@roeckx.be>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4328)
parent c16de9d8
+7 −7
@@ -356,6 +356,8 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
                       int prediction_resistance,
                       const unsigned char *adin, size_t adinlen)
{
    int reseed_required = 0;

    if (drbg->state != DRBG_READY) {
        /* try to recover from previous errors */
        rand_drbg_restart(drbg, NULL, 0, 0);
@@ -381,13 +383,13 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,

    if (drbg->fork_count != rand_fork_count) {
        drbg->fork_count = rand_fork_count;
        drbg->state = DRBG_RESEED;
        reseed_required = 1;
    }

    if (drbg->reseed_counter >= drbg->reseed_interval)
        drbg->state = DRBG_RESEED;
        reseed_required = 1;

    if (drbg->state == DRBG_RESEED || prediction_resistance) {
    if (reseed_required || prediction_resistance) {
        if (!RAND_DRBG_reseed(drbg, adin, adinlen)) {
            RANDerr(RAND_F_RAND_DRBG_GENERATE, RAND_R_RESEED_ERROR);
            return 0;
@@ -402,10 +404,8 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
        return 0;
    }

    if (drbg->reseed_counter >= drbg->reseed_interval)
        drbg->state = DRBG_RESEED;
    else
    drbg->reseed_counter++;

    return 1;
}
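Review bot: In the fork branch of the second hunk, `drbg->fork_count = rand_fork_count;` is still stored before the reseed is attempted, but the pending-reseed marker is now the local `reseed_required`, which does not survive the `return 0` on `RAND_R_RESEED_ERROR`. If RAND_DRBG_reseed() can fail while leaving `drbg->state` at DRBG_READY (its body is not on this page), the next call in a forked child would see matching fork counts and produce output without having reseeded. Consider storing `drbg->fork_count` only after the reseed has succeeded, or document the dependency above the branch, e.g. `/* a failed reseed must leave drbg->state != DRBG_READY so the next call retries via rand_drbg_restart() */`. The parts of RAND_DRBG_generate() between the three hunks are not visible, so this should be checked against the full function.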

+0 −1
@@ -41,7 +41,6 @@
typedef enum drbg_status_e {
    DRBG_UNINITIALISED,
    DRBG_READY,
    DRBG_RESEED,
    DRBG_ERROR
} DRBG_STATUS;