diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-07-20 11:22:46 +0200 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2019-07-22 13:37:13 +0200 |
commit | 1372560f64c9a7cfad1979fa8c41bee335a04373 (patch) | |
tree | 0e36898357cc623e3d0904921d091ba2c4b38ff8 /crypto/include | |
parent | a8f1aabd4b44db668bca638c111598b2e0688cc4 (diff) |
Allocate DRBG additional data pool from non-secure memory
The additional data allocates 12K per DRBG instance in the
secure memory, which is not necessary. Also nonces are not
considered secret.
[extended tests]
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9423)
Diffstat (limited to 'crypto/include')
-rw-r--r-- | crypto/include/internal/rand_int.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/include/internal/rand_int.h b/crypto/include/internal/rand_int.h index d964a1d407..c5d0c20551 100644 --- a/crypto/include/internal/rand_int.h +++ b/crypto/include/internal/rand_int.h @@ -58,7 +58,8 @@ void rand_crngt_cleanup_entropy(RAND_DRBG *drbg, /* * RAND_POOL functions */ -RAND_POOL *rand_pool_new(int entropy_requested, size_t min_len, size_t max_len); +RAND_POOL *rand_pool_new(int entropy_requested, int secure, + size_t min_len, size_t max_len); RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len, size_t entropy); void rand_pool_free(RAND_POOL *pool); |