Loading fips/rand/fips_drbg_lib.c +19 −2 Original line number Diff line number Diff line Loading @@ -114,7 +114,7 @@ void FIPS_drbg_free(DRBG_CTX *dctx) { if (dctx->uninstantiate) dctx->uninstantiate(dctx); OPENSSL_cleanse(dctx, sizeof(DRBG_CTX)); OPENSSL_cleanse(&dctx->d, sizeof(dctx->d)); OPENSSL_free(dctx); } Loading Loading @@ -403,7 +403,8 @@ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx) /* Although we'd like to cleanse here we can't because we have to * test the uninstantiate really zeroes the data. */ memset(dctx, 0, sizeof(DRBG_CTX)); memset(&dctx->d, 0, sizeof(dctx->d)); dctx->status = DRBG_STATUS_UNINITIALISED; /* If method has problems uninstantiating, return error */ return rv; } Loading @@ -425,6 +426,22 @@ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, return 1; } int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout), void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen), int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num), int (*rand_add_cb)(DRBG_CTX *ctx, const void *buf, int num, double entropy)) { if (dctx->status != DRBG_STATUS_UNINITIALISED) return 0; dctx->get_adin = get_adin; dctx->cleanup_adin = cleanup_adin; dctx->rand_seed_cb = rand_seed_cb; dctx->rand_add_cb = rand_add_cb; return 1; } void *FIPS_drbg_get_app_data(DRBG_CTX *dctx) { return dctx->app_data; Loading fips/rand/fips_drbg_selftest.c +3 −3 Original line number Diff line number Diff line Loading @@ -954,11 +954,11 @@ static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td) } FIPS_drbg_uninstantiate(dctx); p = (unsigned char *)dctx; p = (unsigned char *)&dctx->d; /* Standard says we have to check uninstantiate really zeroes * the data... */ for (i = 0; i < sizeof(DRBG_CTX); i++) for (i = 0; i < sizeof(dctx->d); i++) { if (*p != 0) { Loading fips/rand/fips_rand.h +7 −0 Original line number Diff line number Diff line Loading @@ -97,6 +97,13 @@ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, int entropy, size_t min_len, size_t max_len), void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen)); int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout), void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen), int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num), int (*rand_add_cb)(DRBG_CTX *ctx, const void *buf, int num, double entropy)); void *FIPS_drbg_get_app_data(DRBG_CTX *ctx); void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data); size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx); Loading Loading
fips/rand/fips_drbg_lib.c +19 −2 Original line number Diff line number Diff line Loading @@ -114,7 +114,7 @@ void FIPS_drbg_free(DRBG_CTX *dctx) { if (dctx->uninstantiate) dctx->uninstantiate(dctx); OPENSSL_cleanse(dctx, sizeof(DRBG_CTX)); OPENSSL_cleanse(&dctx->d, sizeof(dctx->d)); OPENSSL_free(dctx); } Loading Loading @@ -403,7 +403,8 @@ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx) /* Although we'd like to cleanse here we can't because we have to * test the uninstantiate really zeroes the data. */ memset(dctx, 0, sizeof(DRBG_CTX)); memset(&dctx->d, 0, sizeof(dctx->d)); dctx->status = DRBG_STATUS_UNINITIALISED; /* If method has problems uninstantiating, return error */ return rv; } Loading @@ -425,6 +426,22 @@ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, return 1; } int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout), void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen), int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num), int (*rand_add_cb)(DRBG_CTX *ctx, const void *buf, int num, double entropy)) { if (dctx->status != DRBG_STATUS_UNINITIALISED) return 0; dctx->get_adin = get_adin; dctx->cleanup_adin = cleanup_adin; dctx->rand_seed_cb = rand_seed_cb; dctx->rand_add_cb = rand_add_cb; return 1; } void *FIPS_drbg_get_app_data(DRBG_CTX *dctx) { return dctx->app_data; Loading
fips/rand/fips_drbg_selftest.c +3 −3 Original line number Diff line number Diff line Loading @@ -954,11 +954,11 @@ static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td) } FIPS_drbg_uninstantiate(dctx); p = (unsigned char *)dctx; p = (unsigned char *)&dctx->d; /* Standard says we have to check uninstantiate really zeroes * the data... */ for (i = 0; i < sizeof(DRBG_CTX); i++) for (i = 0; i < sizeof(dctx->d); i++) { if (*p != 0) { Loading
fips/rand/fips_rand.h +7 −0 Original line number Diff line number Diff line Loading @@ -97,6 +97,13 @@ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx, int entropy, size_t min_len, size_t max_len), void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen)); int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx, size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout), void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen), int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num), int (*rand_add_cb)(DRBG_CTX *ctx, const void *buf, int num, double entropy)); void *FIPS_drbg_get_app_data(DRBG_CTX *ctx); void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data); size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx); Loading
