@@ -15723,13 +15723,22 @@ int wolfSSL_RAND_write_file(const char* fname)
1572315723 return 0;
1572415724 }
1572515725
15726+ if (wc_LockMutex(&globalRNGMutex) != 0) {
15727+ WOLFSSL_MSG("Bad Lock Mutex rng");
15728+ WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
15729+ return 0;
15730+ }
15731+
1572615732 if (wc_RNG_GenerateBlock(&globalRNG, buf, (word32)bytes) != 0) {
15733+ wc_UnLockMutex(&globalRNGMutex);
1572715734 WOLFSSL_MSG("Error generating random buffer");
1572815735 bytes = 0;
1572915736 }
1573015737 else {
1573115738 XFILE f;
1573215739
15740+ wc_UnLockMutex(&globalRNGMutex);
15741+
1573315742 #ifdef WOLFSSL_CHECK_MEM_ZERO
1573415743 wc_MemZero_Add("wolfSSL_RAND_write_file buf", buf, bytes);
1573515744 #endif
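Review bot: `wc_UnLockMutex(&globalRNGMutex)` is written twice, once at the top of each branch of the `wc_RNG_GenerateBlock` check, so a later edit to either branch can leave the global RNG mutex held. Capturing the result and unlocking once directly after the call keeps the lock/unlock pair adjacent: `rc = wc_RNG_GenerateBlock(&globalRNG, buf, (word32)bytes);` then `wc_UnLockMutex(&globalRNGMutex);` then `if (rc != 0) {`, with `rc` a new local int. The function starts above this hunk and continues past it, so the declaration of `rc` would go outside the visible lines.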
@@ -15745,7 +15754,9 @@ int wolfSSL_RAND_write_file(const char* fname)
1574515754 XFCLOSE(f);
1574615755 }
1574715756 }
15748- ForceZero (buf , (word32 )bytes );
15757+ /* wipe the whole buffer, not just (word32)bytes: error paths set
15758+ * bytes = 0 but the buffer may still hold generated random data */
15759+ ForceZero(buf, 1024);
1574915760 #ifdef WOLFSSL_SMALL_STACK
1575015761 XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1575115762 #elif defined(WOLFSSL_CHECK_MEM_ZERO)
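Review bot: `ForceZero(buf, 1024)` repeats the buffer size as a bare literal, while the declaration and allocation of `buf` are outside this hunk. If that size ever changes, this call either leaves the tail of the random data unwiped or writes past the end of the buffer. A single named constant used for the declaration, the allocation and the wipe removes that coupling, e.g. `ForceZero(buf, RAND_FILE_BUF_SZ);`, where `RAND_FILE_BUF_SZ` is a suggested name and not an existing macro. `sizeof(buf)` is not a substitute, since the `WOLFSSL_SMALL_STACK` branch just below releases `buf` with `XFREE`, which suggests it is a pointer in that build.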
@@ -15879,21 +15890,30 @@ int wolfSSL_RAND_egd(const char* nm)
1587915890 WOLFSSL_MSG("Error with initializing global RNG structure");
1588015891 ret = WOLFSSL_FATAL_ERROR;
1588115892 }
15882- else if (wc_RNG_DRBG_Reseed (& globalRNG , (const byte * ) buf , bytes )
15883- != 0 ) {
15884- WOLFSSL_MSG ("Error with reseeding DRBG structure" );
15893+ else if (wc_LockMutex(&globalRNGMutex) != 0) {
15894+ WOLFSSL_MSG("Bad Lock Mutex rng");
1588515895 ret = WOLFSSL_FATAL_ERROR;
1588615896 }
15887- #ifdef SHOW_SECRETS
15888- else { /* print out entropy found only when no error occurred */
15889- word32 i ;
15890- printf ("EGD Entropy = " );
15891- for (i = 0 ; i < bytes ; i ++ ) {
15892- printf ("%02X" , buf [i ]);
15897+ else {
15898+ if (wc_RNG_DRBG_Reseed(&globalRNG, (const byte*) buf, bytes)
15899+ != 0) {
15900+ WOLFSSL_MSG("Error with reseeding DRBG structure");
15901+ ret = WOLFSSL_FATAL_ERROR;
15902+ }
15903+ wc_UnLockMutex(&globalRNGMutex);
15904+
15905+ #ifdef SHOW_SECRETS
15906+ /* print out entropy found only when no error occurred */
15907+ if (ret == WOLFSSL_SUCCESS) {
15908+ word32 i;
15909+ printf("EGD Entropy = ");
15910+ for (i = 0; i < bytes; i++) {
15911+ printf("%02X", buf[i]);
15912+ }
15913+ printf("\n");
1589315914 }
15894- printf ( "\n" );
15915+ #endif
1589515916 }
15896- #endif
1589715917 }
1589815918
1589915919 ForceZero(buf, bytes);
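Review bot: The `SHOW_SECRETS` block prints the same `buf` bytes that were just passed to `wc_RNG_DRBG_Reseed`, and the comment moved with it says only when the print happens, not that it discloses the reseed input. A comment at the `#ifdef` would make that explicit for anyone enabling the macro, e.g. `/* debug only: dumps the DRBG reseed input to stdout; never define SHOW_SECRETS in a release build */`. Printing after `wc_UnLockMutex` is the right order, since it keeps stdout I/O out of the locked region.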
@@ -16121,18 +16141,21 @@ int wolfSSL_RAND_poll(void)
1612116141 WOLFSSL_MSG("Global RNG no Init");
1612216142 return WOLFSSL_FAILURE;
1612316143 }
16144+
16145+ /* lock intentionally covers wc_GenerateSeed as well, since it writes
16146+ * globalRNG.seed; do not narrow this scope or the seed write races */
16147+ if (wc_LockMutex(&globalRNGMutex) != 0) {
16148+ WOLFSSL_MSG("Bad Lock Mutex rng");
16149+ return WOLFSSL_FAILURE;
16150+ }
16151+
1612416152 ret = wc_GenerateSeed(&globalRNG.seed, entropy, entropy_sz);
1612516153 if (ret != 0) {
16126- WOLFSSL_MSG ("Bad wc_RNG_GenerateBlock " );
16154+ WOLFSSL_MSG("Bad wc_GenerateSeed ");
1612716155 ret = WOLFSSL_FAILURE;
1612816156 }
1612916157 else {
1613016158#ifdef HAVE_HASHDRBG
16131- if (wc_LockMutex (& globalRNGMutex ) != 0 ) {
16132- WOLFSSL_MSG ("Bad Lock Mutex rng" );
16133- return ret ;
16134- }
16135-
1613616159 ret = wc_RNG_DRBG_Reseed(&globalRNG, entropy, entropy_sz);
1613716160 if (ret != 0) {
1613816161 WOLFSSL_MSG("Error reseeding DRBG");
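Review bot: The "Global RNG no Init" check at the top of this hunk runs before `wc_LockMutex(&globalRNGMutex)`, so the state it tests can change between the check and the first use of `globalRNG` in `wc_GenerateSeed`. The condition itself is above the hunk; if it reads a flag that a cleanup routine clears under the same mutex, the check should be moved or repeated after the lock is taken, unlocking before `return WOLFSSL_FAILURE;`. Separately, the new comment could note that `wc_GenerateSeed` may block on the entropy source while the mutex is held, so other callers of the global RNG wait for that duration.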
@@ -16141,7 +16164,6 @@ int wolfSSL_RAND_poll(void)
1614116164 else {
1614216165 ret = WOLFSSL_SUCCESS;
1614316166 }
16144- wc_UnLockMutex (& globalRNGMutex );
1614516167#elif defined(HAVE_INTEL_RDRAND)
1614616168 WOLFSSL_MSG("Not polling with RAND_poll, RDRAND used without "
1614716169 "HAVE_HASHDRBG");
@@ -16152,6 +16174,8 @@ int wolfSSL_RAND_poll(void)
1615216174#endif
1615316175 }
1615416176
16177+ wc_UnLockMutex(&globalRNGMutex);
16178+
1615516179 return ret;
1615616180}
1615716181
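Review bot: Nothing in the visible tail of `wolfSSL_RAND_poll` wipes `entropy` before `return ret;`, although the earlier hunk shows it being filled by `wc_GenerateSeed` and then used to reseed the DRBG. Its declaration is outside the hunks; if it is a stack buffer, as its use suggests, the seed bytes remain on the stack after return. By contrast, `wolfSSL_RAND_write_file` and `wolfSSL_RAND_egd` both call `ForceZero` on their buffers. Adding `ForceZero(entropy, entropy_sz);` next to the new `wc_UnLockMutex` call would cover both the success and failure paths.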