/*
- * Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2011-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/aes.h>
+#include <openssl/proverr.h>
#include "e_os.h" /* strcasecmp */
#include "crypto/modes.h"
#include "internal/thread_once.h"
#include "prov/implementations.h"
+#include "prov/providercommon.h"
#include "prov/provider_ctx.h"
-#include "prov/providercommonerr.h"
#include "drbg_local.h"
static OSSL_FUNC_rand_newctx_fn drbg_ctr_new_wrapper;
static int drbg_ctr_instantiate_wrapper(void *vdrbg, unsigned int strength,
int prediction_resistance,
const unsigned char *pstr,
- size_t pstr_len)
+ size_t pstr_len,
+ const OSSL_PARAM params[])
{
PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
- return PROV_DRBG_instantiate(drbg, strength, prediction_resistance,
- pstr, pstr_len);
+ if (!ossl_prov_is_running() || !drbg_ctr_set_ctx_params(drbg, params))
+ return 0;
+ return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance,
+ pstr, pstr_len);
}
static int drbg_ctr_reseed(PROV_DRBG *drbg,
{
PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
- return PROV_DRBG_reseed(drbg, prediction_resistance, ent, ent_len,
- adin, adin_len);
+ return ossl_prov_drbg_reseed(drbg, prediction_resistance, ent, ent_len,
+ adin, adin_len);
}
static void ctr96_inc(unsigned char *counter)
{
PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
- return PROV_DRBG_generate(drbg, out, outlen, strength,
- prediction_resistance, adin, adin_len);
+ return ossl_prov_drbg_generate(drbg, out, outlen, strength,
+ prediction_resistance, adin, adin_len);
}
static int drbg_ctr_uninstantiate(PROV_DRBG *drbg)
OPENSSL_cleanse(ctr->bltmp, sizeof(ctr->bltmp));
OPENSSL_cleanse(ctr->KX, sizeof(ctr->KX));
ctr->bltmp_pos = 0;
- return PROV_DRBG_uninstantiate(drbg);
+ return ossl_prov_drbg_uninstantiate(drbg);
}
static int drbg_ctr_uninstantiate_wrapper(void *vdrbg)
#ifdef FIPS_MODULE
if (!ctr->use_df) {
- PROVerr(0, RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS);
+ ERR_raise(ERR_LIB_PROV, RAND_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS);
ctr->use_df = 1;
res = 0;
}
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CIPHER);
return 0;
}
- ctr->keylen = keylen = EVP_CIPHER_key_length(ctr->cipher_ctr);
+ ctr->keylen = keylen = EVP_CIPHER_get_key_length(ctr->cipher_ctr);
if (ctr->ctx_ecb == NULL)
ctr->ctx_ecb = EVP_CIPHER_CTX_new();
if (ctr->ctx_ctr == NULL)
static void *drbg_ctr_new_wrapper(void *provctx, void *parent,
const OSSL_DISPATCH *parent_dispatch)
{
- return prov_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_ctr_new,
+ return ossl_rand_drbg_new(provctx, parent, parent_dispatch, &drbg_ctr_new,
&drbg_ctr_instantiate, &drbg_ctr_uninstantiate,
&drbg_ctr_reseed, &drbg_ctr_generate);
}
OPENSSL_secure_clear_free(ctr, sizeof(*ctr));
}
- prov_rand_drbg_free(drbg);
+ ossl_rand_drbg_free(drbg);
}
static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
{
PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
+ PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data;
+ OSSL_PARAM *p;
- return drbg_get_ctx_params(drbg, params);
+ p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_USE_DF);
+ if (p != NULL && !OSSL_PARAM_set_int(p, ctr->use_df))
+ return 0;
+
+ p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_CIPHER);
+ if (p != NULL) {
+ if (ctr->cipher_ctr == NULL
+ || !OSSL_PARAM_set_utf8_string(p,
+ EVP_CIPHER_get0_name(ctr->cipher_ctr)))
+ return 0;
+ }
+
+ return ossl_drbg_get_ctx_params(drbg, params);
}
-static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(void)
+static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(ossl_unused void *vctx,
+ ossl_unused void *provctx)
{
static const OSSL_PARAM known_gettable_ctx_params[] = {
- OSSL_PARAM_DRBG_GETABLE_CTX_COMMON,
+ OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_CIPHER, NULL, 0),
+ OSSL_PARAM_int(OSSL_DRBG_PARAM_USE_DF, NULL),
+ OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
OSSL_PARAM_END
};
return known_gettable_ctx_params;
{
PROV_DRBG *ctx = (PROV_DRBG *)vctx;
PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)ctx->data;
- OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx);
+ OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
const OSSL_PARAM *p;
char *ecb;
const char *propquery = NULL;
if ((p = OSSL_PARAM_locate_const(params, OSSL_DRBG_PARAM_CIPHER)) != NULL) {
const char *base = (const char *)p->data;
+ size_t ctr_str_len = sizeof("CTR") - 1;
+ size_t ecb_str_len = sizeof("ECB") - 1;
if (p->data_type != OSSL_PARAM_UTF8_STRING
- || p->data_size < 3)
+ || p->data_size < ctr_str_len)
return 0;
- if (strcasecmp("CTR", base + p->data_size - sizeof("CTR")) != 0) {
+ if (strcasecmp("CTR", base + p->data_size - ctr_str_len) != 0) {
ERR_raise(ERR_LIB_PROV, PROV_R_REQUIRE_CTR_MODE_CIPHER);
return 0;
}
- if ((ecb = OPENSSL_strdup(base)) == NULL) {
+ if ((ecb = OPENSSL_strndup(base, p->data_size)) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return 0;
}
- strcpy(ecb + p->data_size - sizeof("ECB"), "ECB");
+ strcpy(ecb + p->data_size - ecb_str_len, "ECB");
EVP_CIPHER_free(ctr->cipher_ecb);
EVP_CIPHER_free(ctr->cipher_ctr);
ctr->cipher_ctr = EVP_CIPHER_fetch(libctx, base, propquery);
if (cipher_init && !drbg_ctr_init(ctx))
return 0;
- return drbg_set_ctx_params(ctx, params);
+ return ossl_drbg_set_ctx_params(ctx, params);
}
-static const OSSL_PARAM *drbg_ctr_settable_ctx_params(void)
+static const OSSL_PARAM *drbg_ctr_settable_ctx_params(ossl_unused void *vctx,
+ ossl_unused void *provctx)
{
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
*/
OSSL_PARAM_int(OSSL_DRBG_PARAM_USE_DF, NULL),
#endif
- OSSL_PARAM_DRBG_SETABLE_CTX_COMMON,
+ OSSL_PARAM_DRBG_SETTABLE_CTX_COMMON,
OSSL_PARAM_END
};
return known_settable_ctx_params;
}
-const OSSL_DISPATCH drbg_ctr_functions[] = {
+const OSSL_DISPATCH ossl_drbg_ctr_functions[] = {
{ OSSL_FUNC_RAND_NEWCTX, (void(*)(void))drbg_ctr_new_wrapper },
{ OSSL_FUNC_RAND_FREECTX, (void(*)(void))drbg_ctr_free },
{ OSSL_FUNC_RAND_INSTANTIATE,
(void(*)(void))drbg_ctr_uninstantiate_wrapper },
{ OSSL_FUNC_RAND_GENERATE, (void(*)(void))drbg_ctr_generate_wrapper },
{ OSSL_FUNC_RAND_RESEED, (void(*)(void))drbg_ctr_reseed_wrapper },
- { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))drbg_enable_locking },
- { OSSL_FUNC_RAND_LOCK, (void(*)(void))drbg_lock },
- { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))drbg_unlock },
+ { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))ossl_drbg_enable_locking },
+ { OSSL_FUNC_RAND_LOCK, (void(*)(void))ossl_drbg_lock },
+ { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))ossl_drbg_unlock },
{ OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS,
(void(*)(void))drbg_ctr_settable_ctx_params },
{ OSSL_FUNC_RAND_SET_CTX_PARAMS, (void(*)(void))drbg_ctr_set_ctx_params },
{ OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
(void(*)(void))drbg_ctr_gettable_ctx_params },
{ OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_ctr_get_ctx_params },
- { OSSL_FUNC_RAND_SET_CALLBACKS, (void(*)(void))drbg_set_callbacks },
{ OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
(void(*)(void))drbg_ctr_verify_zeroization },
+ { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))ossl_drbg_get_seed },
+ { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))ossl_drbg_clear_seed },
{ 0, NULL }
};