bd326f93d4
You can't reuse a CTR_DRBG context without free()ing it and re-init()ing it. This generally happened to work, but was never guaranteed. It could have failed with alternative implementations of the AES module because mbedtls_ctr_drbg_seed() calls mbedtls_aes_init() on a context which is already initialized if mbedtls_ctr_drbg_seed() hasn't been called before, plausibly causing a memory leak. Since the addition of mbedtls_ctr_drbg_set_nonce_len(), the second call to mbedtls_ctr_drbg_seed() uses a nonsensical value as the entropy nonce length. Calling free() and seed() with no intervening init fails when MBEDTLS_THREADING_C is enabled and all-bits-zero is not a valid mutex representation. |
||
|---|---|---|
| .. | ||
| mbedtls | ||
| psa | ||
| .gitignore | ||
| CMakeLists.txt | ||