diff options
author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2017-08-25 23:26:53 +0200 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-08-28 08:58:50 -0400 |
commit | 6969a3f49ae63c8a4fd543a121511a1f0eb64a5e (patch) | |
tree | 393a17111adc9be58b266cedc9ee9bbf87efdd99 /include | |
parent | 4871fa49cdd0d4473b6a815fc01fbde3e6ced339 (diff) |
DRBG: Remove 'randomness' buffer from 'RAND_DRBG'
The DRBG callbacks 'get_entropy()' and 'cleanup_entropy()' are designed
in such a way that the randomness buffer does not have to be allocated
by the calling function. It receives the address of a dynamically
allocated buffer from get_entropy() and returns this address to
cleanup_entropy(), where it is freed. If these two calls are properly
paired, the address can be stored in a stack local variable of the
calling function, so there is no need for having a 'randomness' member
(and a 'filled' member) in 'RAND_DRBG'.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4266)
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/rand.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/include/internal/rand.h b/include/internal/rand.h index 4e30e38aa1..444c806475 100644 --- a/include/internal/rand.h +++ b/include/internal/rand.h @@ -50,11 +50,12 @@ typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *ctx, int entropy, size_t min_len, size_t max_len); typedef void (*RAND_DRBG_cleanup_entropy_fn)(RAND_DRBG *ctx, - unsigned char *out); + unsigned char *out, size_t outlen); typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *ctx, unsigned char **pout, int entropy, size_t min_len, size_t max_len); -typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *ctx, unsigned char *out); +typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *ctx, + unsigned char *out, size_t outlen); int RAND_DRBG_set_callbacks(RAND_DRBG *dctx, RAND_DRBG_get_entropy_fn get_entropy, |