From a27cb956c02220c502449176a8834b1d9643ac23 Mon Sep 17 00:00:00 2001
From: "Dr. Matthias St. Pierre"
Date: Mon, 20 Jul 2020 23:21:37 +0200
Subject: [PATCH] Fix: uninstantiation breaks the RAND_DRBG callback mechanism
The RAND_DRBG callbacks are wrappers around the EVP_RAND callbacks. During uninstantiation, the EVP_RAND callbacks got lost while the RAND_DRBG callbacks remained, because RAND_DRBG_uninstantiate() calls RAND_DRBG_set(), which recreates the EVP_RAND object. This was causing drbgtest failures. This commit fixes the problem by adding code to RAND_DRBG_set() for saving and restoring the EVP_RAND callbacks.
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/11195)
---
 crypto/rand/drbg_lib.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index 4b5d832df2..d2566920cd 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -296,6 +296,11 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
 EVP_RAND_CTX *pctx;
 int use_df;
+ RAND_DRBG_get_entropy_fn get_entropy = drbg->get_entropy;
+ RAND_DRBG_cleanup_entropy_fn cleanup_entropy = drbg->cleanup_entropy;
+ RAND_DRBG_get_nonce_fn get_nonce = drbg->get_nonce;
+ RAND_DRBG_cleanup_nonce_fn cleanup_nonce = drbg->cleanup_nonce;
+
 if (type == 0 && flags == 0) {
 type = rand_drbg_type[RAND_DRBG_TYPE_PRIMARY];
 flags = rand_drbg_flags[RAND_DRBG_TYPE_PRIMARY];
@@ -344,6 +349,14 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags) RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG); goto err; } + + if (!RAND_DRBG_set_callbacks(drbg, + get_entropy, cleanup_entropy, + get_nonce, cleanup_nonce)) { + RANDerr(0, RAND_R_ERROR_INITIALISING_DRBG); + goto err; + } + + return 1; err: EVP_RAND_CTX_free(drbg->rand); -- GitLab
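Review bot: The four locals captured at the top of RAND_DRBG_set() carry no comment saying why they are saved, so the reason lives only in the commit message. A one-line comment above them would keep the save and the later restore from drifting apart, for example `/* Save the callbacks: the EVP_RAND object is recreated below and would otherwise lose them */`. The function body continues outside this hunk, so it is not visible whether any return path between the save and the restore in the second hunk skips the restore.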
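Review bot: The restore call added before `return 1;` makes any failure of RAND_DRBG_set_callbacks() fatal for RAND_DRBG_set(), and the `err:` path then frees `drbg->rand`. Whether RAND_DRBG_set_callbacks() accepts four NULL pointers is not visible in this hunk. If it rejects them, a DRBG that never had callbacks installed would now fail to initialise, so this is worth confirming or guarding with a check such as `if (get_entropy != NULL || get_nonce != NULL)` around the call. A drbgtest case that installs callbacks, uninstantiates, re-instantiates and asserts the custom get_entropy is still invoked would pin the fix, because a silently dropped entropy callback means the DRBG seeds from a source the application did not choose. The error path continues outside the hunk.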