[openssl/openssl] 16d9c8: rand: add callbacks to cleanup the user entropy re...

Matthias St. Pierre noreply at github.com
Fri Oct 20 08:58:15 UTC 2023


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 16d9c8ae645e0ae439a5a49431b2c3b415bab7c9
      https://github.com/openssl/openssl/commit/16d9c8ae645e0ae439a5a49431b2c3b415bab7c9
  Author: Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
  Date:   2023-10-20 (Fri, 20 Oct 2023)

  Changed paths:
    M crypto/provider_core.c
    M crypto/rand/prov_seed.c
    M doc/internal/man3/ossl_rand_get_entropy.pod
    M doc/man7/provider-base.pod
    M include/crypto/rand.h
    M include/openssl/core_dispatch.h
    M providers/common/provider_seeding.c

  Log Message:
  -----------
  rand: add callbacks to cleanup the user entropy resp. nonce

The `get_user_{entropy,nonce}` callbacks were add recently to the
dispatch table in commit 4cde7585ce8e. Instead of adding corresponding
`cleanup_user_{entropy,nonce}` callbacks, the `cleanup_{entropy,nonce}`
callbacks were reused. This can cause a problem in the case where the
seed source is replaced by a provider: the buffer gets allocated by
the provider but cleared by the core.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22423)

(cherry picked from commit 5516d20226c496c2b22fa741698b4d48dad0428f)




More information about the openssl-commits mailing list