#include "prov/rand_pool.h"
#include "prov/provider_ctx.h"
#include "prov/providercommonerr.h"
+#include "prov/providercommon.h"
/*
* Support framework for NIST SP 800-90A DRBG
void *parent = drbg->parent;
unsigned int r;
- *params = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_RESEED_CTR, &r);
+ *params = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_RESEED_COUNTER, &r);
if (!drbg_lock_parent(drbg)) {
ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_LOCK_PARENT);
goto err;
}
/*
- * Implements the get_entropy() callback (see RAND_DRBG_set_callbacks())
+ * Implements the get_entropy() callback
*
* If the DRBG has a parent, then the required amount of entropy input
- * is fetched using the parent's RAND_DRBG_generate().
+ * is fetched using the parent's PROV_DRBG_generate().
*
* Otherwise, the entropy is polled from the system entropy sources
* using prov_pool_acquire_entropy().
if (buffer != NULL) {
size_t bytes = 0;
+ if (drbg->parent_generate == NULL)
+ goto err;
/*
- * Get random data from parent. Include our address as additional input,
- * in order to provide some additional distinction between different
- * DRBG child instances.
* Our lock is already held, but we need to lock our parent before
* generating bits from it. (Note: taking the lock will be a no-op
* if locking if drbg->parent->lock == NULL.)
*/
- if (drbg->parent_generate == NULL)
- goto err;
drbg_lock_parent(drbg);
+ /*
+ * Get random data from parent. Include our DRBG address as
+ * additional input, in order to provide a distinction between
+ * different DRBG child instances.
+ *
+ * Note: using the sizeof() operator on a pointer triggers
+ * a warning in some static code analyzers, but it's
+ * intentional and correct here.
+ */
if (drbg->parent_generate(drbg->parent, buffer, bytes_needed,
drbg->strength, prediction_resistance,
(unsigned char *)&drbg,
}
/*
- * Implements the cleanup_entropy() callback (see RAND_DRBG_set_callbacks())
+ * Implements the cleanup_entropy() callback
*
*/
static void prov_drbg_cleanup_entropy(PROV_DRBG *drbg,
unsigned char *out, size_t outlen)
{
- OSSL_PARAM params[3], *p = params;
-
- if (drbg->get_entropy_fn != NULL) {
- if (drbg->cleanup_entropy_fn != NULL) {
- *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_SIZE,
- &outlen);
- *p++ = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
- (void **)&out, 0);
- *p = OSSL_PARAM_construct_end();
-
- drbg->cleanup_entropy_fn(params, drbg->callback_arg);
- }
- } else if (drbg->seed_pool == NULL) {
+ if (drbg->seed_pool == NULL) {
OPENSSL_secure_clear_free(out, outlen);
}
}
size_t min_len, size_t max_len,
int prediction_resistance)
{
- if (drbg->get_entropy_fn != NULL) {
- OSSL_PARAM params[6], *p = params;
- OSSL_PARAM out[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
-
- *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_ENTROPY_REQUIRED,
- &entropy);
- *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_PREDICTION_RESISTANCE,
- &prediction_resistance);
- *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MIN_LENGTH,
- &min_len);
- *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_LENGTH,
- &max_len);
- *p = OSSL_PARAM_construct_end();
- *out = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
- (void **)pout, 0);
-
- if (drbg->get_entropy_fn(params, out, drbg->callback_arg))
- return out->return_size;
- ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_ENTROPY);
- return 0;
- }
-
#ifdef FIPS_MODULE
if (drbg->parent == NULL)
return prov_crngt_get_entropy(drbg, pout, entropy, min_len, max_len,
PROV_DRBG_NONCE_GLOBAL *dngbl
= openssl_ctx_get_data(libctx, OPENSSL_CTX_DRBG_NONCE_INDEX,
&drbg_nonce_ossl_ctx_method);
- OSSL_PARAM params[5], *p = params;
- OSSL_PARAM out[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
struct {
void *instance;
int count;
if (dngbl == NULL)
return 0;
- if (drbg->get_nonce_fn != NULL) {
- *p++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_ENTROPY_REQUIRED,
- &entropy);
- *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MIN_LENGTH,
- &min_len);
- *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_LENGTH,
- &max_len);
- *p = OSSL_PARAM_construct_end();
- *out = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
- (void **)pout, 0);
-
- if (drbg->get_nonce_fn(params, out, drbg->callback_arg))
- return out->return_size;
- ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_NONCE);
- return 0;
- }
if (drbg->parent != NULL) {
if (drbg->parent_nonce != NULL) {
n = drbg->parent_nonce(drbg->parent, NULL, 0, drbg->min_noncelen,
static void prov_drbg_clear_nonce(PROV_DRBG *drbg, unsigned char *nonce,
size_t noncelen)
{
- OSSL_PARAM params[3], *p = params;
-
- if (drbg->get_nonce_fn != NULL) {
- if (drbg->cleanup_nonce_fn != NULL) {
- *p++ = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_SIZE,
- &noncelen);
- *p++ = OSSL_PARAM_construct_octet_ptr(OSSL_DRBG_PARAM_RANDOM_DATA,
- (void **)&nonce, 0);
- *p = OSSL_PARAM_construct_end();
-
- drbg->cleanup_nonce_fn(params, drbg->callback_arg);
- }
- } else {
- OPENSSL_clear_free(nonce, noncelen);
- }
+ OPENSSL_clear_free(nonce, noncelen);
}
#else
# define prov_drbg_clear_nonce(drbg, nonce, len) \
size_t noncelen = 0, entropylen = 0;
size_t min_entropy, min_entropylen, max_entropylen;
+ if (!ossl_prov_is_running())
+ return 0;
+
if (strength > drbg->strength) {
PROVerr(0, PROV_R_INSUFFICIENT_DRBG_STRENGTH);
goto end;
drbg->min_noncelen,
drbg->max_noncelen)) {
PROVerr(0, PROV_R_ERROR_RETRIEVING_NONCE);
- OPENSSL_free(nonce);
+ goto end;
}
#ifndef PROV_RAND_GET_RANDOM_NONCE
} else if (drbg->parent != NULL) {
}
drbg->state = EVP_RAND_STATE_READY;
- drbg->reseed_gen_counter = 1;
+ drbg->generate_counter = 1;
drbg->reseed_time = time(NULL);
tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter);
unsigned char *entropy = NULL;
size_t entropylen = 0;
+ if (!ossl_prov_is_running())
+ return 0;
+
if (drbg->state != EVP_RAND_STATE_READY) {
/* try to recover from previous errors */
rand_drbg_restart(drbg);
}
if (ent != NULL) {
-#ifdef FIP_MODULE
+#ifdef FIPS_MODULE
/*
* NIST SP-800-90A mandates that entropy *shall not* be provided
* by the consuming application. Instead the data is added as additional
goto end;
drbg->state = EVP_RAND_STATE_READY;
- drbg->reseed_gen_counter = 1;
+ drbg->generate_counter = 1;
drbg->reseed_time = time(NULL);
tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter);
if (drbg->parent != NULL)
int fork_id;
int reseed_required = 0;
+ if (!ossl_prov_is_running())
+ return 0;
+
if (drbg->state != EVP_RAND_STATE_READY) {
/* try to recover from previous errors */
rand_drbg_restart(drbg);
}
if (drbg->reseed_interval > 0) {
- if (drbg->reseed_gen_counter > drbg->reseed_interval)
+ if (drbg->generate_counter >= drbg->reseed_interval)
reseed_required = 1;
}
if (drbg->reseed_time_interval > 0) {
return 0;
}
- drbg->reseed_gen_counter++;
+ drbg->generate_counter++;
return 1;
}
int (*generate)(PROV_DRBG *, unsigned char *out, size_t outlen,
const unsigned char *adin, size_t adin_len))
{
- PROV_DRBG *drbg = OPENSSL_zalloc(sizeof(*drbg));
+ PROV_DRBG *drbg;
unsigned int p_str;
const OSSL_DISPATCH *pfunc;
+ if (!ossl_prov_is_running())
+ return NULL;
+
+ drbg = OPENSSL_zalloc(sizeof(*drbg));
if (drbg == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return NULL;
/* Extract parent's functions */
drbg->parent = parent;
if ((pfunc = find_call(p_dispatch, OSSL_FUNC_RAND_ENABLE_LOCKING)) != NULL)
- drbg->parent_enable_locking = OSSL_get_OP_rand_enable_locking(pfunc);
+ drbg->parent_enable_locking = OSSL_FUNC_rand_enable_locking(pfunc);
if ((pfunc = find_call(p_dispatch, OSSL_FUNC_RAND_LOCK)) != NULL)
- drbg->parent_lock = OSSL_get_OP_rand_lock(pfunc);
+ drbg->parent_lock = OSSL_FUNC_rand_lock(pfunc);
if ((pfunc = find_call(p_dispatch, OSSL_FUNC_RAND_UNLOCK)) != NULL)
- drbg->parent_unlock = OSSL_get_OP_rand_unlock(pfunc);
+ drbg->parent_unlock = OSSL_FUNC_rand_unlock(pfunc);
if ((pfunc = find_call(p_dispatch, OSSL_FUNC_RAND_GET_CTX_PARAMS)) != NULL)
- drbg->parent_get_ctx_params = OSSL_get_OP_rand_get_ctx_params(pfunc);
+ drbg->parent_get_ctx_params = OSSL_FUNC_rand_get_ctx_params(pfunc);
if ((pfunc = find_call(p_dispatch, OSSL_FUNC_RAND_GENERATE)) != NULL)
- drbg->parent_generate = OSSL_get_OP_rand_generate(pfunc);
+ drbg->parent_generate = OSSL_FUNC_rand_generate(pfunc);
if ((pfunc = find_call(p_dispatch, OSSL_FUNC_RAND_NONCE)) != NULL)
- drbg->parent_nonce = OSSL_get_OP_rand_nonce(pfunc);
+ drbg->parent_nonce = OSSL_FUNC_rand_nonce(pfunc);
/* Set some default maximums up */
drbg->max_entropylen = DRBG_MAX_LENGTH;
drbg->max_noncelen = DRBG_MAX_LENGTH;
drbg->max_perslen = DRBG_MAX_LENGTH;
drbg->max_adinlen = DRBG_MAX_LENGTH;
- drbg->reseed_gen_counter = 1;
+ drbg->generate_counter = 1;
drbg->reseed_counter = 1;
drbg->reseed_interval = RESEED_INTERVAL;
drbg->reseed_time_interval = TIME_INTERVAL;
if (p != NULL && !OSSL_PARAM_set_time_t(p, drbg->reseed_time_interval))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_RESEED_CTR);
+ p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_RESEED_COUNTER);
if (p != NULL
&& !OSSL_PARAM_set_uint(p, tsan_load(&drbg->reseed_counter)))
return 0;
return 0;
return 1;
}
-
-int drbg_set_callbacks(void *vctx, OSSL_INOUT_CALLBACK *get_entropy_fn,
- OSSL_CALLBACK *cleanup_entropy_fn,
- OSSL_INOUT_CALLBACK *get_nonce_fn,
- OSSL_CALLBACK *cleanup_nonce_fn, void *arg)
-{
- PROV_DRBG *drbg = vctx;
-
- if (drbg->state != EVP_RAND_STATE_UNINITIALISED
- || drbg->parent != NULL)
- return 0;
-
- drbg->get_entropy_fn = get_entropy_fn;
- drbg->cleanup_entropy_fn = cleanup_entropy_fn;
- drbg->get_nonce_fn = get_nonce_fn;
- drbg->cleanup_nonce_fn = cleanup_nonce_fn;
- drbg->callback_arg = arg;
- return 1;
-}
projects / openssl.git / blobdiff