aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/drbg.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/drbg.c')
-rw-r--r--crypto/drbg.c34
1 files changed, 13 insertions, 21 deletions
diff --git a/crypto/drbg.c b/crypto/drbg.c
index d748a1d..d8ff16e 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -98,7 +98,6 @@
*/
#include <crypto/drbg.h>
-#include <linux/string.h>
/***************************************************************
* Backend cipher definitions available to DRBG
@@ -223,15 +222,6 @@ static inline unsigned short drbg_sec_strength(drbg_flag_t flags)
* function. Thus, the function implicitly knows the size of the
* buffer.
*
- * The FIPS test can be called in an endless loop until it returns
- * true. Although the code looks like a potential for a deadlock, it
- * is not the case, because returning a false cannot mathematically
- * occur (except once when a reseed took place and the updated state
- * would is now set up such that the generation of new value returns
- * an identical one -- this is most unlikely and would happen only once).
- * Thus, if this function repeatedly returns false and thus would cause
- * a deadlock, the integrity of the entire kernel is lost.
- *
* @drbg DRBG handle
* @buf output buffer of random data to be checked
*
@@ -258,6 +248,8 @@ static bool drbg_fips_continuous_test(struct drbg_state *drbg,
return false;
}
ret = memcmp(drbg->prev, buf, drbg_blocklen(drbg));
+ if (!ret)
+ panic("DRBG continuous self test failed\n");
memcpy(drbg->prev, buf, drbg_blocklen(drbg));
/* the test shall pass when the two compared values are not equal */
return ret != 0;
@@ -498,9 +490,9 @@ static int drbg_ctr_df(struct drbg_state *drbg,
ret = 0;
out:
- memzero_explicit(iv, drbg_blocklen(drbg));
- memzero_explicit(temp, drbg_statelen(drbg));
- memzero_explicit(pad, drbg_blocklen(drbg));
+ memset(iv, 0, drbg_blocklen(drbg));
+ memset(temp, 0, drbg_statelen(drbg));
+ memset(pad, 0, drbg_blocklen(drbg));
return ret;
}
@@ -574,9 +566,9 @@ static int drbg_ctr_update(struct drbg_state *drbg, struct list_head *seed,
ret = 0;
out:
- memzero_explicit(temp, drbg_statelen(drbg) + drbg_blocklen(drbg));
+ memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg));
if (2 != reseed)
- memzero_explicit(df_data, drbg_statelen(drbg));
+ memset(df_data, 0, drbg_statelen(drbg));
return ret;
}
@@ -634,7 +626,7 @@ static int drbg_ctr_generate(struct drbg_state *drbg,
len = ret;
out:
- memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg));
+ memset(drbg->scratchpad, 0, drbg_blocklen(drbg));
return len;
}
@@ -872,7 +864,7 @@ static int drbg_hash_df(struct drbg_state *drbg,
}
out:
- memzero_explicit(tmp, drbg_blocklen(drbg));
+ memset(tmp, 0, drbg_blocklen(drbg));
return ret;
}
@@ -916,7 +908,7 @@ static int drbg_hash_update(struct drbg_state *drbg, struct list_head *seed,
ret = drbg_hash_df(drbg, drbg->C, drbg_statelen(drbg), &datalist2);
out:
- memzero_explicit(drbg->scratchpad, drbg_statelen(drbg));
+ memset(drbg->scratchpad, 0, drbg_statelen(drbg));
return ret;
}
@@ -951,7 +943,7 @@ static int drbg_hash_process_addtl(struct drbg_state *drbg,
drbg->scratchpad, drbg_blocklen(drbg));
out:
- memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg));
+ memset(drbg->scratchpad, 0, drbg_blocklen(drbg));
return ret;
}
@@ -998,7 +990,7 @@ static int drbg_hash_hashgen(struct drbg_state *drbg,
}
out:
- memzero_explicit(drbg->scratchpad,
+ memset(drbg->scratchpad, 0,
(drbg_statelen(drbg) + drbg_blocklen(drbg)));
return len;
}
@@ -1047,7 +1039,7 @@ static int drbg_hash_generate(struct drbg_state *drbg,
drbg_add_buf(drbg->V, drbg_statelen(drbg), u.req, 8);
out:
- memzero_explicit(drbg->scratchpad, drbg_blocklen(drbg));
+ memset(drbg->scratchpad, 0, drbg_blocklen(drbg));
return len;
}

Privacy Policy