Browse Source

Check that the DRBG's internal state has been zeroized after uninstantiation

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11111)
master
Dr. Matthias St. Pierre 2 years ago
parent
commit
e70452155e
1 changed files with 5 additions and 13 deletions
  1. +5
    -13
      providers/fips/self_test_kats.c

+ 5
- 13
providers/fips/self_test_kats.c View File

@ -234,6 +234,7 @@ static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_ST_EVENT *event,
OSSL_PARAM drbg_params[3] = {
OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END
};
static const unsigned char zero[sizeof(drbg->data)] = { 0 };
SELF_TEST_EVENT_onbegin(event, OSSL_SELF_TEST_TYPE_DRBG, t->desc);
@ -287,20 +288,11 @@ static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_ST_EVENT *event,
if (!RAND_DRBG_uninstantiate(drbg))
goto err;
/*
* TODO(3.0) : Check that the DRBG data has been zeroed after
* RAND_DRBG_uninstantiate. Its a bit hard currently to do this when
* the drbg->data is reinitialized by this call..
* Check that the DRBG data has been zeroized after RAND_DRBG_uninstantiate.
*/
#if 0
{
size_t i, sz = sizeof(drbg->data);
unsigned char *p = (unsigned char *)&drbg->data;
for (i = 0; i < sz; ++i)
if (*p++ != 0)
goto err;
}
#endif
if (memcmp((unsigned char *)&drbg->data, zero, sizeof(drbg->data)) != 0)
goto err;
ret = 1;
err:
RAND_DRBG_free(drbg);


Loading…
Cancel
Save