diff options
author | Matthias St. Pierre <matthias.st.pierre@ncp-e.com> | 2023-10-16 23:48:03 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-10-20 09:48:34 +0100 |
commit | 5516d20226c496c2b22fa741698b4d48dad0428f (patch) | |
tree | d257c2536b7eb711cdc47fbd9d0495507bdde172 /providers/common | |
parent | 098f27f9ef8be2a418f76896ee3c824e8709fcf7 (diff) | |
download | openssl-5516d20226c496c2b22fa741698b4d48dad0428f.tar.gz |
rand: add callbacks to cleanup the user entropy resp. nonce
The `get_user_{entropy,nonce}` callbacks were add recently to the
dispatch table in commit 4cde7585ce8e. Instead of adding corresponding
`cleanup_user_{entropy,nonce}` callbacks, the `cleanup_{entropy,nonce}`
callbacks were reused. This can cause a problem in the case where the
seed source is replaced by a provider: the buffer gets allocated by
the provider but cleared by the core.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22423)
Diffstat (limited to 'providers/common')
-rw-r--r-- | providers/common/provider_seeding.c | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/providers/common/provider_seeding.c b/providers/common/provider_seeding.c index c7b2ea6da6..544344f30a 100644 --- a/providers/common/provider_seeding.c +++ b/providers/common/provider_seeding.c @@ -14,9 +14,11 @@ static OSSL_FUNC_get_entropy_fn *c_get_entropy = NULL; static OSSL_FUNC_get_user_entropy_fn *c_get_user_entropy = NULL; static OSSL_FUNC_cleanup_entropy_fn *c_cleanup_entropy = NULL; +static OSSL_FUNC_cleanup_user_entropy_fn *c_cleanup_user_entropy = NULL; static OSSL_FUNC_get_nonce_fn *c_get_nonce = NULL; static OSSL_FUNC_get_user_nonce_fn *c_get_user_nonce = NULL; static OSSL_FUNC_cleanup_nonce_fn *c_cleanup_nonce = NULL; +static OSSL_FUNC_cleanup_user_nonce_fn *c_cleanup_user_nonce = NULL; #ifdef FIPS_MODULE /* @@ -56,6 +58,9 @@ int ossl_prov_seeding_from_dispatch(const OSSL_DISPATCH *fns) case OSSL_FUNC_CLEANUP_ENTROPY: set_func(c_cleanup_entropy, OSSL_FUNC_cleanup_entropy(fns)); break; + case OSSL_FUNC_CLEANUP_USER_ENTROPY: + set_func(c_cleanup_user_entropy, OSSL_FUNC_cleanup_user_entropy(fns)); + break; case OSSL_FUNC_GET_NONCE: set_func(c_get_nonce, OSSL_FUNC_get_nonce(fns)); break; @@ -65,6 +70,9 @@ int ossl_prov_seeding_from_dispatch(const OSSL_DISPATCH *fns) case OSSL_FUNC_CLEANUP_NONCE: set_func(c_cleanup_nonce, OSSL_FUNC_cleanup_nonce(fns)); break; + case OSSL_FUNC_CLEANUP_USER_NONCE: + set_func(c_cleanup_user_nonce, OSSL_FUNC_cleanup_user_nonce(fns)); + break; } #undef set_func } @@ -86,8 +94,12 @@ size_t ossl_prov_get_entropy(PROV_CTX *prov_ctx, unsigned char **pout, void ossl_prov_cleanup_entropy(PROV_CTX *prov_ctx, unsigned char *buf, size_t len) { - if (c_cleanup_entropy != NULL) - c_cleanup_entropy(CORE_HANDLE(prov_ctx), buf, len); + const OSSL_CORE_HANDLE *handle = CORE_HANDLE(prov_ctx); + + if (c_cleanup_user_entropy != NULL) + c_cleanup_user_entropy(handle, buf, len); + else if (c_cleanup_entropy != NULL) + c_cleanup_entropy(handle, buf, len); } size_t ossl_prov_get_nonce(PROV_CTX *prov_ctx, unsigned char **pout, @@ -105,6 +117,10 @@ size_t ossl_prov_get_nonce(PROV_CTX *prov_ctx, unsigned char **pout, void ossl_prov_cleanup_nonce(PROV_CTX *prov_ctx, unsigned char *buf, size_t len) { - if (c_cleanup_nonce != NULL) - c_cleanup_nonce(CORE_HANDLE(prov_ctx), buf, len); + const OSSL_CORE_HANDLE *handle = CORE_HANDLE(prov_ctx); + + if (c_cleanup_user_nonce != NULL) + c_cleanup_user_nonce(handle, buf, len); + else if (c_cleanup_nonce != NULL) + c_cleanup_nonce(handle, buf, len); } |