random-drbg: do not use calloc for zero ctr
authorJussi Kivilinna <jussi.kivilinna@iki.fi>
Sun, 24 Mar 2019 08:23:34 +0000 (10:23 +0200)
committerJussi Kivilinna <jussi.kivilinna@iki.fi>
Sun, 24 Mar 2019 08:23:34 +0000 (10:23 +0200)
* random/random-drbg.c (DRBG_CTR_NULL_LEN): Move to 'constants'
section.
(drbg_state_s): Remove 'ctr_null' member.
(drbg_ctr_generate): Add 'drbg_ctr_null'.
(drbg_sym_fini, drbg_sym_init): Remove 'drbg->ctr_null' usage.
--

GnuPG-bug-id: 3878
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
random/random-drbg.c

index 7f66997..e0b4230 100644 (file)
 #define DRBG_DEFAULT_TYPE    DRBG_NOPR_HMACSHA256
 
 
+#define DRBG_CTR_NULL_LEN 128
+
 \f
 /******************************************************************
  * Common data structures
@@ -313,8 +315,6 @@ struct drbg_state_s
                                 * operation -- allocated during init */
   void *priv_data;             /* Cipher handle */
   gcry_cipher_hd_t ctr_handle; /* CTR mode cipher handle */
-#define DRBG_CTR_NULL_LEN 128
-  unsigned char *ctr_null;     /* CTR mode zero buffer */
   int seeded:1;                        /* DRBG fully seeded? */
   int pr:1;                    /* Prediction resistance enabled? */
   /* Taken from libgcrypt ANSI X9.31 DRNG: We need to keep track of the
@@ -951,6 +951,7 @@ drbg_ctr_generate (drbg_state_t drbg,
                    unsigned char *buf, unsigned int buflen,
                    drbg_string_t *addtl)
 {
+  static const unsigned char drbg_ctr_null[DRBG_CTR_NULL_LEN] = { 0, };
   gpg_err_code_t ret = 0;
 
   memset (drbg->scratchpad, 0, drbg_blocklen (drbg));
@@ -965,7 +966,7 @@ drbg_ctr_generate (drbg_state_t drbg,
     }
 
   /* 10.2.1.5.2 step 4.1 */
-  ret = drbg_sym_ctr (drbg, drbg->ctr_null, DRBG_CTR_NULL_LEN, buf, buflen);
+  ret = drbg_sym_ctr (drbg, drbg_ctr_null, sizeof(drbg_ctr_null), buf, buflen);
   if (ret)
     goto out;
 
@@ -2582,8 +2583,6 @@ drbg_sym_fini (drbg_state_t drbg)
     _gcry_cipher_close (hd);
   if (drbg->ctr_handle)
     _gcry_cipher_close (drbg->ctr_handle);
-  if (drbg->ctr_null)
-    free(drbg->ctr_null);
 }
 
 static gpg_err_code_t
@@ -2592,10 +2591,6 @@ drbg_sym_init (drbg_state_t drbg)
   gcry_cipher_hd_t hd;
   gpg_error_t err;
 
-  drbg->ctr_null = calloc(1, DRBG_CTR_NULL_LEN);
-  if (!drbg->ctr_null)
-    return GPG_ERR_ENOMEM;
-
   err = _gcry_cipher_open (&hd, drbg->core->backend_cipher,
                           GCRY_CIPHER_MODE_ECB, 0);
   if (err)