Allocate DRBG additional data pool from non-secure memory

The additional data allocates 12K per DRBG instance in the secure memory, which is not necessary. Also nonces are not considered secret. [extended tests] Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9423)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-07-20 11:22:46 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2019-07-22 13:37:13 +0200
commit: 1372560f64c9a7cfad1979fa8c41bee335a04373 (patch)
tree: 0e36898357cc623e3d0904921d091ba2c4b38ff8 /crypto/rand/rand_lcl.h
parent: x509: publish X509_PUBKEY_dup (diff)
download: openssl-1372560f64c9a7cfad1979fa8c41bee335a04373.tar.xz
openssl-1372560f64c9a7cfad1979fa8c41bee335a04373.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index 416237ace7..1a77c89a55 100644
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -180,6 +180,7 @@ struct rand_pool_st {
     size_t len; /* current number of random bytes contained in the pool */
 
     int attached;  /* true pool was attached to existing buffer */
+    int secure;    /* 1: allocated on the secure heap, 0: otherwise */
 
     size_t min_len; /* minimum number of random bytes requested */
     size_t max_len; /* maximum number of random bytes (allocated buffer size) */
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-07-20 11:22:46 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2019-07-22 13:37:13 +0200
commit	1372560f64c9a7cfad1979fa8c41bee335a04373 (patch)
tree	0e36898357cc623e3d0904921d091ba2c4b38ff8 /crypto/rand/rand_lcl.h
parent	x509: publish X509_PUBKEY_dup (diff)
download	openssl-1372560f64c9a7cfad1979fa8c41bee335a04373.tar.xz openssl-1372560f64c9a7cfad1979fa8c41bee335a04373.zip