Only zeroise sensitive parts of DRBG context, so the type and flags

[oweals/openssl.git] / fips / rand / fips_drbg_lib.c

diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c
index 61caca79e601be38831c542c10e43d1cb753426e..5564538540ef6d324896831b1b9cb50dfaa64a11 100644 (file)
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -114,7 +114,7 @@ void FIPS_drbg_free(DRBG_CTX *dctx)
        {
        if (dctx->uninstantiate)
                dctx->uninstantiate(dctx);
-       OPENSSL_cleanse(dctx, sizeof(DRBG_CTX));
+       OPENSSL_cleanse(&dctx->d, sizeof(dctx->d));
        OPENSSL_free(dctx);
        }
 
@@ -403,7 +403,8 @@ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx)
        /* Although we'd like to cleanse here we can't because we have to
         * test the uninstantiate really zeroes the data.
         */
-       memset(dctx, 0, sizeof(DRBG_CTX));
+       memset(&dctx->d, 0, sizeof(dctx->d));
+       dctx->status = DRBG_STATUS_UNINITIALISED;
        /* If method has problems uninstantiating, return error */
        return rv;
        }
@@ -425,6 +426,22 @@ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx,
        return 1;
        }
 
+int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx,
+       size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout),
+       void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen),
+       int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num),
+       int (*rand_add_cb)(DRBG_CTX *ctx,
+                               const void *buf, int num, double entropy))
+       {
+       if (dctx->status != DRBG_STATUS_UNINITIALISED)
+               return 0;
+       dctx->get_adin = get_adin;
+       dctx->cleanup_adin = cleanup_adin;
+       dctx->rand_seed_cb = rand_seed_cb;
+       dctx->rand_add_cb = rand_add_cb;
+       return 1;
+       }
+
 void *FIPS_drbg_get_app_data(DRBG_CTX *dctx)
        {
        return dctx->app_data;