提交 4c75ee85 编写于 作者: R Rich Salz

Add range-checking to RAND_DRBG_set_reseed_interval

As suggested by Kurt.
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3970)
上级 d76f646a
...@@ -328,11 +328,14 @@ int RAND_DRBG_set_callbacks(DRBG_CTX *dctx, ...@@ -328,11 +328,14 @@ int RAND_DRBG_set_callbacks(DRBG_CTX *dctx,
} }
/* /*
* Set the reseed internal. Used mainly for the KATs. * Set the reseed interval. Used mainly for the KATs.
*/ */
void RAND_DRBG_set_reseed_interval(DRBG_CTX *dctx, int interval) int RAND_DRBG_set_reseed_interval(DRBG_CTX *dctx, int interval)
{ {
if (interval < 0 || interval > MAX_RESEED)
return 0;
dctx->reseed_interval = interval; dctx->reseed_interval = interval;
return 1;
} }
/* /*
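Review bot: The comment above `RAND_DRBG_set_reseed_interval` was only corrected for the typo and still says nothing about the new return value or the accepted range, so a caller cannot tell that a rejected value leaves the previous interval in place. I would extend it along the lines of `Set the reseed interval; returns 1 on success, or 0 (stored interval unchanged) if interval is outside 0..MAX_RESEED. Used mainly for the KATs.` The check also accepts `interval == 0`, and how a zero interval is treated at generate time is not visible in this hunk. Because this value governs how often the DRBG takes in fresh entropy, the comment should state what 0 means, or the lower bound should be tightened if 0 is not intended.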
......
...@@ -372,7 +372,7 @@ int ctr_init(DRBG_CTX *dctx) ...@@ -372,7 +372,7 @@ int ctr_init(DRBG_CTX *dctx)
} }
dctx->max_request = 1 << 16; dctx->max_request = 1 << 16;
dctx->reseed_interval = 1 << 24; dctx->reseed_interval = MAX_RESEED;
return 1; return 1;
} }
......
...@@ -20,6 +20,9 @@ ...@@ -20,6 +20,9 @@
/* we require 256 bits of randomness */ /* we require 256 bits of randomness */
# define RANDOMNESS_NEEDED (256 / 8) # define RANDOMNESS_NEEDED (256 / 8)
/* Maximum count allowed in reseeding */
#define MAX_RESEED (1 << 24)
/* DRBG status values */ /* DRBG status values */
#define DRBG_STATUS_UNINITIALISED 0 #define DRBG_STATUS_UNINITIALISED 0
#define DRBG_STATUS_READY 1 #define DRBG_STATUS_READY 1
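Review bot: The comment on `MAX_RESEED` ("Maximum count allowed in reseeding") does not say what is being counted, and the name reads like a cap on the number of reseeds rather than on the interval it is compared against in `RAND_DRBG_set_reseed_interval`. A wording such as `/* Upper bound accepted for DRBG_CTX reseed_interval */` ties the constant to the field it guards. The unit of that interval is not shown on this page and is presumably generate requests between reseeds, so name it in the comment once confirmed.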
......
...@@ -35,7 +35,7 @@ int RAND_DRBG_set_callbacks(DRBG_CTX *dctx, ...@@ -35,7 +35,7 @@ int RAND_DRBG_set_callbacks(DRBG_CTX *dctx,
void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen) void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen)
); );
void RAND_DRBG_set_reseed_interval(DRBG_CTX *dctx, int interval); int RAND_DRBG_set_reseed_interval(DRBG_CTX *dctx, int interval);
#define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \ #define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG, l, p, newf, dupf, freef) CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG, l, p, newf, dupf, freef)
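Review bot: With the return type of `RAND_DRBG_set_reseed_interval` changed from void to int, callers written against the old prototype keep compiling and silently discard a rejection, carrying on with whatever interval was set before. If this header can see OpenSSL's `__owur` annotation (its includes are outside the hunk), declaring it as `__owur int RAND_DRBG_set_reseed_interval(DRBG_CTX *dctx, int interval);` would make the compiler flag unchecked calls. Otherwise, a one-line comment on the prototype saying that 0 means the value was out of range would help. The existing call sites are not shown on this page and should be checked by hand.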
......