Make rand_pool buffers more dynamic in their sizing.

The rand pool support allocates maximal sized buffers -- this is typically 12288 bytes in size. These pools are allocated in secure memory which is a scarse resource. They are also allocated per DRBG of which there are up to two per thread. This change allocates 64 byte pools and grows them dynamically if required. 64 is chosen to be sufficiently large so that pools do not normally need to grow. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/9428) (cherry picked from commit a6a66e4511eec0f4ecc2943117a42b3723eb2222)
author: Pauli <paul.dale@oracle.com> 2019-07-23 18:07:19 +1000
committer: Pauli <paul.dale@oracle.com> 2019-07-23 23:30:12 +1000
commit: b4b42d441d350b48449ea93aaa035152123f70ae (patch)
tree: 05b66afd9b998f24aa6d048eb2e087ca5b7dc4df /CHANGES
parent: e8d866dcb170dbe22dcda418cd5df655f67dbc0b (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 47ea8e0978..de9c7c1f4b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -15,6 +15,9 @@
      private key for those. This avoids leaking bit 0 of the private key.
      [Bernd Edlinger]
 
+  *) Significantly reduce secure memory usage by the randomness pools.
+     [Paul Dale]
+
   *) Revert the DEVRANDOM_WAIT feature for Linux systems
 
      The DEVRANDOM_WAIT feature added a select() call to wait for the
author	Pauli <paul.dale@oracle.com>	2019-07-23 18:07:19 +1000
committer	Pauli <paul.dale@oracle.com>	2019-07-23 23:30:12 +1000
commit	b4b42d441d350b48449ea93aaa035152123f70ae (patch)
tree	05b66afd9b998f24aa6d048eb2e087ca5b7dc4df /CHANGES
parent	e8d866dcb170dbe22dcda418cd5df655f67dbc0b (diff)