Skip to content
  1. Nov 05, 2018
  2. Nov 04, 2018
  3. Nov 02, 2018
  4. Nov 01, 2018
  5. Oct 31, 2018
  6. Oct 30, 2018
  7. Oct 29, 2018
  8. Oct 28, 2018
  9. Oct 27, 2018
    • Bernd Edlinger's avatar
      Fix data race in RAND_DRBG_generate · 1f985276
      Bernd Edlinger authored
      
      
      Fixes #7394
      
      Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/7399)
      
      (cherry picked from commit a83dc59a)
      1f985276
    • Dr. Matthias St. Pierre's avatar
      RAND_add()/RAND_seed(): fix failure on short input or low entropy · d597a9a8
      Dr. Matthias St. Pierre authored
      Commit 5b4cb385
      
       (#7382) introduced a bug which had the effect
      that RAND_add()/RAND_seed() failed for buffer sizes less than
      32 bytes. The reason was that now the added random data was used
      exlusively as entropy source for reseeding. When the random input
      was too short or contained not enough entropy, the DRBG failed
      without querying the available entropy sources.
      
      This commit makes drbg_add() act smarter: it checks the entropy
      requirements explicitely. If the random input fails this check,
      it won't be added as entropy input, but only as additional data.
      More precisely, the behaviour depends on whether an os entropy
      source was configured (which is the default on most os):
      
      - If an os entropy source is avaible then we declare the buffer
        content as additional data by setting randomness to zero and
        trigger a regular   reseeding.
      
      - If no os entropy source is available, a reseeding will fail
        inevitably. So drbg_add() uses a trick to mix the buffer contents
        into the DRBG state without forcing a reseeding: it generates a
        dummy random byte, using the buffer content as additional data.
      
      Related-to: #7449
      
      Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/7456)
      
      (cherry picked from commit 8817215d)
      d597a9a8
  10. Oct 26, 2018