Commit fff0366b authored by Paul Bakker's avatar Paul Bakker
Browse files

Add ctr_drbg_free()

parent 14e8be4d
......@@ -130,6 +130,13 @@ int ctr_drbg_init( ctr_drbg_context *ctx,
const unsigned char *custom,
size_t len );
/**
* \brief Clear CTR_CRBG context data
*
* \param ctx CTR_DRBG context to clear
*/
void ctr_drbg_free( ctr_drbg_context *ctx );
/**
* \brief Enable / disable prediction resistance (Default: Off)
*
......
......@@ -48,6 +48,11 @@
#define polarssl_printf printf
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST
* tests to succeed (which require known length fixed entropy)
......@@ -95,6 +100,15 @@ int ctr_drbg_init( ctr_drbg_context *ctx,
CTR_DRBG_ENTROPY_LEN ) );
}
void ctr_drbg_free( ctr_drbg_context *ctx )
{
if( ctx == NULL )
return;
aes_free( &ctx->aes_ctx );
polarssl_zeroize( ctx, sizeof( ctr_drbg_context ) );
}
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance )
{
ctx->prediction_resistance = resistance;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment