random: Not use secure memory for DRBG instance.

* random/random-drbg.c (drbg_instance): New at BSS. (_drbg_init_internal): Don't allocate at secure memory. (_gcry_rngdrbg_close_fds): Follow the change. -- GnuPG-bug-id: 5933 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
author: NIIBE Yutaka <gniibe@fsij.org> 2022-04-21 10:18:03 +0900
committer: NIIBE Yutaka <gniibe@fsij.org> 2022-04-21 10:18:03 +0900
commit: f436bf4451cb2ad0a1f56aa843bf79a58878022f (patch)
tree: d9427955cec7eaacb27f8f11ca92d8a8586bd48f /random
parent: cd30ed3c0d715aa0c58a32a29cfb1476163a5b94 (diff)
download: libgcrypt-f436bf4451cb2ad0a1f56aa843bf79a58878022f.tar.gz
1 files changed, 4 insertions, 4 deletions
diff --git a/random/random-drbg.c b/random/random-drbg.c
index 5a46fd92..f1cfe286 100644
--- a/random/random-drbg.c
+++ b/random/random-drbg.c
@@ -341,6 +341,9 @@ enum drbg_prefixes
  * Global variables
  ***************************************************************/
 
+/* The instance of the DRBG, to be refereed by drbg_state.  */
+static struct drbg_state_s drbg_instance;
+
 /* Global state variable holding the current instance of the DRBG.  */
 static drbg_state_t drbg_state;
 
@@ -1783,9 +1786,7 @@ _drbg_init_internal (u32 flags, drbg_string_t *pers)
     }
   else
     {
-      drbg_state = xtrycalloc_secure (1, sizeof *drbg_state);
-      if (!drbg_state)
-	return gpg_err_code_from_syserror ();
+      drbg_state = &drbg_instance;
     }
   if (flags & DRBG_PREDICTION_RESIST)
     pr = 1;
@@ -1879,7 +1880,6 @@ _gcry_rngdrbg_close_fds (void)
   if (drbg_state)
     {
       drbg_uninstantiate (drbg_state);
-      xfree (drbg_state);
       drbg_state = NULL;
     }
   drbg_unlock ();
author	NIIBE Yutaka <gniibe@fsij.org>	2022-04-21 10:18:03 +0900
committer	NIIBE Yutaka <gniibe@fsij.org>	2022-04-21 10:18:03 +0900
commit	f436bf4451cb2ad0a1f56aa843bf79a58878022f (patch)
tree	d9427955cec7eaacb27f8f11ca92d8a8586bd48f /random
parent	cd30ed3c0d715aa0c58a32a29cfb1476163a5b94 (diff)
download	libgcrypt-f436bf4451cb2ad0a1f56aa843bf79a58878022f.tar.gz