diff options
author | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2019-03-24 10:23:34 +0200 |
---|---|---|
committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2019-03-24 10:23:34 +0200 |
commit | 5a20151213c2e496513c541c36e4ebd086b20be9 (patch) | |
tree | a284da33dcbfe241d1d78526409e4102205be588 /random/random-drbg.c | |
parent | 2445cf7431fab921f6c1870da7084ee698992064 (diff) | |
download | libgcrypt-5a20151213c2e496513c541c36e4ebd086b20be9.tar.gz |
random-drbg: do not use calloc for zero ctr
* random/random-drbg.c (DRBG_CTR_NULL_LEN): Move to 'constants'
section.
(drbg_state_s): Remove 'ctr_null' member.
(drbg_ctr_generate): Add 'drbg_ctr_null'.
(drbg_sym_fini, drbg_sym_init): Remove 'drbg->ctr_null' usage.
--
GnuPG-bug-id: 3878
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'random/random-drbg.c')
-rw-r--r-- | random/random-drbg.c | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/random/random-drbg.c b/random/random-drbg.c index 7f66997b..e0b4230e 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c @@ -235,6 +235,8 @@ #define DRBG_DEFAULT_TYPE DRBG_NOPR_HMACSHA256 +#define DRBG_CTR_NULL_LEN 128 + /****************************************************************** * Common data structures @@ -313,8 +315,6 @@ struct drbg_state_s * operation -- allocated during init */ void *priv_data; /* Cipher handle */ gcry_cipher_hd_t ctr_handle; /* CTR mode cipher handle */ -#define DRBG_CTR_NULL_LEN 128 - unsigned char *ctr_null; /* CTR mode zero buffer */ int seeded:1; /* DRBG fully seeded? */ int pr:1; /* Prediction resistance enabled? */ /* Taken from libgcrypt ANSI X9.31 DRNG: We need to keep track of the @@ -951,6 +951,7 @@ drbg_ctr_generate (drbg_state_t drbg, unsigned char *buf, unsigned int buflen, drbg_string_t *addtl) { + static const unsigned char drbg_ctr_null[DRBG_CTR_NULL_LEN] = { 0, }; gpg_err_code_t ret = 0; memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); @@ -965,7 +966,7 @@ drbg_ctr_generate (drbg_state_t drbg, } /* 10.2.1.5.2 step 4.1 */ - ret = drbg_sym_ctr (drbg, drbg->ctr_null, DRBG_CTR_NULL_LEN, buf, buflen); + ret = drbg_sym_ctr (drbg, drbg_ctr_null, sizeof(drbg_ctr_null), buf, buflen); if (ret) goto out; @@ -2582,8 +2583,6 @@ drbg_sym_fini (drbg_state_t drbg) _gcry_cipher_close (hd); if (drbg->ctr_handle) _gcry_cipher_close (drbg->ctr_handle); - if (drbg->ctr_null) - free(drbg->ctr_null); } static gpg_err_code_t @@ -2592,10 +2591,6 @@ drbg_sym_init (drbg_state_t drbg) gcry_cipher_hd_t hd; gpg_error_t err; - drbg->ctr_null = calloc(1, DRBG_CTR_NULL_LEN); - if (!drbg->ctr_null) - return GPG_ERR_ENOMEM; - err = _gcry_cipher_open (&hd, drbg->core->backend_cipher, GCRY_CIPHER_MODE_ECB, 0); if (err) |