drbg->parent = parent;
if (parent == NULL) {
+ drbg->get_entropy = rand_drbg_get_entropy;
+ drbg->cleanup_entropy = rand_drbg_cleanup_entropy;
+#ifndef RAND_DRBG_GET_RANDOM_NONCE
+ drbg->get_nonce = rand_drbg_get_nonce;
+ drbg->cleanup_nonce = rand_drbg_cleanup_nonce;
+#endif
+
drbg->reseed_interval = master_reseed_interval;
drbg->reseed_time_interval = master_reseed_time_interval;
} else {
+ drbg->get_entropy = rand_drbg_get_entropy;
+ drbg->cleanup_entropy = rand_drbg_cleanup_entropy;
+ /*
+ * Do not provide nonce callbacks, the child DRBGs will
+ * obtain their nonce using random bits from the parent.
+ */
+
drbg->reseed_interval = slave_reseed_interval;
drbg->reseed_time_interval = slave_reseed_time_interval;
}
rand_drbg_unlock(parent);
}
- if (!RAND_DRBG_set_callbacks(drbg, rand_drbg_get_entropy,
- rand_drbg_cleanup_entropy,
- NULL, NULL))
- goto err;
-
return drbg;
err:
goto end;
}
- if (drbg->meth == NULL)
- {
+ if (drbg->meth == NULL) {
RANDerr(RAND_F_RAND_DRBG_INSTANTIATE,
RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED);
goto end;
*/
int RAND_DRBG_uninstantiate(RAND_DRBG *drbg)
{
- if (drbg->meth == NULL)
- {
+ if (drbg->meth == NULL) {
RANDerr(RAND_F_RAND_DRBG_UNINSTANTIATE,
RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED);
return 0;
return 0;
}
- if (adin == NULL)
+ if (adin == NULL) {
adinlen = 0;
- else if (adinlen > drbg->max_adinlen) {
+ } else if (adinlen > drbg->max_adinlen) {
RANDerr(RAND_F_RAND_DRBG_RESEED, RAND_R_ADDITIONAL_INPUT_TOO_LONG);
return 0;
}
drbg->reseed_counter = 1;
/*
- * Ignore instantiation error so support just-in-time instantiation.
+ * Ignore instantiation error to support just-in-time instantiation.
*
* The state of the drbg will be checked in RAND_DRBG_generate() and
* an automatic recovery is attempted.
*/
- RAND_DRBG_instantiate(drbg,
- (const unsigned char *) ossl_pers_string,
- sizeof(ossl_pers_string) - 1);
+ (void)RAND_DRBG_instantiate(drbg,
+ (const unsigned char *) ossl_pers_string,
+ sizeof(ossl_pers_string) - 1);
return drbg;
err:
*/
DEFINE_RUN_ONCE_STATIC(do_rand_drbg_init)
{
- int ret = 1;
-
/*
* ensure that libcrypto is initialized, otherwise the
* DRBG locks are not cleaned up properly
if (!OPENSSL_init_crypto(0, NULL))
return 0;
- ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND);
-
- master_drbg = drbg_setup(NULL);
+ if (!CRYPTO_THREAD_init_local(&private_drbg, NULL))
+ return 0;
- ret &= CRYPTO_THREAD_init_local(&private_drbg, NULL);
- ret &= CRYPTO_THREAD_init_local(&public_drbg, NULL);
+ if (!CRYPTO_THREAD_init_local(&public_drbg, NULL))
+ goto err1;
- if (master_drbg == NULL || ret == 0)
- return 0;
+ master_drbg = drbg_setup(NULL);
+ if (master_drbg == NULL)
+ goto err2;
return 1;
+
+err2:
+ CRYPTO_THREAD_cleanup_local(&public_drbg);
+err1:
+ CRYPTO_THREAD_cleanup_local(&private_drbg);
+ return 0;
}
/* Clean up the global DRBGs before exit */
RAND_DRBG *drbg;
drbg = CRYPTO_THREAD_get_local(&public_drbg);
+ CRYPTO_THREAD_set_local(&public_drbg, NULL);
RAND_DRBG_free(drbg);
drbg = CRYPTO_THREAD_get_local(&private_drbg);
+ CRYPTO_THREAD_set_local(&private_drbg, NULL);
RAND_DRBG_free(drbg);
}
drbg = CRYPTO_THREAD_get_local(&public_drbg);
if (drbg == NULL) {
- ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND);
+ if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND))
+ return NULL;
drbg = drbg_setup(master_drbg);
CRYPTO_THREAD_set_local(&public_drbg, drbg);
}
drbg = CRYPTO_THREAD_get_local(&private_drbg);
if (drbg == NULL) {
- ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND);
+ if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND))
+ return NULL;
drbg = drbg_setup(master_drbg);
CRYPTO_THREAD_set_local(&private_drbg, drbg);
}