diff options
| author | Matthias St. Pierre <matthias.st.pierre@ncp-e.com> | 2023-10-16 23:48:03 +0200 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2023-10-20 09:48:34 +0100 |
| commit | 5516d20226c496c2b22fa741698b4d48dad0428f (patch) | |
| tree | d257c2536b7eb711cdc47fbd9d0495507bdde172 /include | |
| parent | 098f27f9ef8be2a418f76896ee3c824e8709fcf7 (diff) | |
rand: add callbacks to cleanup the user entropy resp. nonce
The `get_user_{entropy,nonce}` callbacks were add recently to the
dispatch table in commit 4cde7585ce8e. Instead of adding corresponding
`cleanup_user_{entropy,nonce}` callbacks, the `cleanup_{entropy,nonce}`
callbacks were reused. This can cause a problem in the case where the
seed source is replaced by a provider: the buffer gets allocated by
the provider but cleared by the core.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22423)
Diffstat (limited to 'include')
| -rw-r--r-- | include/crypto/rand.h | 4 | ||||
| -rw-r--r-- | include/openssl/core_dispatch.h | 6 |
2 files changed, 10 insertions, 0 deletions
diff --git a/include/crypto/rand.h b/include/crypto/rand.h index 5841cccaa6..215b3b7af3 100644 --- a/include/crypto/rand.h +++ b/include/crypto/rand.h @@ -116,6 +116,8 @@ size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx, size_t min_len, size_t max_len); void ossl_rand_cleanup_entropy(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); +void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx, + unsigned char *buf, size_t len); size_t ossl_rand_get_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, size_t salt_len); @@ -124,6 +126,8 @@ size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, const void *salt, size_t salt_len); void ossl_rand_cleanup_nonce(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); +void ossl_rand_cleanup_user_nonce(OSSL_LIB_CTX *ctx, + unsigned char *buf, size_t len); /* * Get seeding material from the operating system sources. diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h index 6c952f18aa..9b03f20c3b 100644 --- a/include/openssl/core_dispatch.h +++ b/include/openssl/core_dispatch.h @@ -177,6 +177,8 @@ OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio, int cmd, long num, void *ptr)) /* New seeding functions prototypes with the 101-104 series */ +#define OSSL_FUNC_CLEANUP_USER_ENTROPY 96 +#define OSSL_FUNC_CLEANUP_USER_NONCE 97 #define OSSL_FUNC_GET_USER_ENTROPY 98 #define OSSL_FUNC_GET_USER_NONCE 99 @@ -197,6 +199,8 @@ OSSL_CORE_MAKE_FUNC(size_t, get_user_entropy, (const OSSL_CORE_HANDLE *handle, size_t min_len, size_t max_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) +OSSL_CORE_MAKE_FUNC(void, cleanup_user_entropy, (const OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len)) OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, @@ -207,6 +211,8 @@ OSSL_CORE_MAKE_FUNC(size_t, get_user_nonce, (const OSSL_CORE_HANDLE *handle, size_t salt_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) +OSSL_CORE_MAKE_FUNC(void, cleanup_user_nonce, (const OSSL_CORE_HANDLE *handle, + unsigned char *buf, size_t len)) /* Functions to access the core's providers */ #define OSSL_FUNC_PROVIDER_REGISTER_CHILD_CB 105 |