diff options
| author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2018-10-26 21:06:14 +0200 |
|---|---|---|
| committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2018-10-29 12:11:57 +0100 |
| commit | f9e43929c46b38667f67e02765fe0f1c0d3061d6 (patch) | |
| tree | 2b021c32802b6882d469dcb10dca24534caf079f /crypto | |
| parent | 040a03470c7c5bf95fe8e6143db7bef357a22833 (diff) | |
Rework and simplify resource flow in drbg_add
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7504)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/rand/drbg_lib.c | 19 | ||||
| -rw-r--r-- | crypto/rand/rand_lib.c | 11 |
2 files changed, 6 insertions, 24 deletions
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c index 796ab67fda..4a666040c8 100644 --- a/crypto/rand/drbg_lib.c +++ b/crypto/rand/drbg_lib.c @@ -415,15 +415,6 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg, drbg->cleanup_entropy(drbg, entropy, entropylen); if (nonce != NULL && drbg->cleanup_nonce != NULL) drbg->cleanup_nonce(drbg, nonce, noncelen); - if (drbg->pool != NULL) { - if (drbg->state == DRBG_READY) { - RANDerr(RAND_F_RAND_DRBG_INSTANTIATE, - RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED); - drbg->state = DRBG_ERROR; - } - rand_pool_free(drbg->pool); - drbg->pool = NULL; - } if (drbg->state == DRBG_READY) return 1; return 0; @@ -630,14 +621,8 @@ int rand_drbg_restart(RAND_DRBG *drbg, } } - /* check whether a given entropy pool was cleared properly during reseed */ - if (drbg->pool != NULL) { - drbg->state = DRBG_ERROR; - RANDerr(RAND_F_RAND_DRBG_RESTART, ERR_R_INTERNAL_ERROR); - rand_pool_free(drbg->pool); - drbg->pool = NULL; - return 0; - } + rand_pool_free(drbg->pool); + drbg->pool = NULL; return drbg->state == DRBG_READY; } diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 440c19c287..555fea36d0 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -204,11 +204,8 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg, } err: - /* we need to reset drbg->pool in the error case */ - if (ret == 0 && drbg->pool != NULL) - drbg->pool = NULL; - - rand_pool_free(pool); + if (drbg->pool == NULL) + rand_pool_free(pool); return ret; } @@ -221,8 +218,6 @@ void rand_drbg_cleanup_entropy(RAND_DRBG *drbg, { if (drbg->pool == NULL) OPENSSL_secure_clear_free(out, outlen); - else - drbg->pool = NULL; } @@ -547,6 +542,8 @@ unsigned char *rand_pool_detach(RAND_POOL *pool) { unsigned char *ret = pool->buffer; pool->buffer = NULL; + pool->len = 0; + pool->entropy = 0; return ret; } |