Test: link drbgtest statically against libcrypto

and remove duplicate rand_drbg_seedlen() implementation again.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7462)

diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index d398b4248b561884cc9293639e8982e00cd4ae22..16756d911b6d2c3a0a4587bafd275dbdc6c4d988 100644 (file)
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -1045,12 +1045,8 @@ static int drbg_bytes(unsigned char *out, int count)
  * Calculates the minimum length of a full entropy buffer
  * which is necessary to seed (i.e. instantiate) the DRBG
  * successfully.
- *
- * NOTE: There is a copy of this function in drbgtest.c.
- *       If you change anything here, you need to update
- *       the copy accordingly.
  */
-static size_t rand_drbg_seedlen(RAND_DRBG *drbg)
+size_t rand_drbg_seedlen(RAND_DRBG *drbg)
 {
     /*
      * If no os entropy source is available then RAND_seed(buffer, bufsize)

diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index 33b367c08becb2311fc00d30015bba85f74a2932..3ec7189d7d4e292238a874987b0d27c863dec361 100644 (file)
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -309,7 +309,7 @@ extern int rand_fork_count;
 /* DRBG helpers */
 int rand_drbg_restart(RAND_DRBG *drbg,
                       const unsigned char *buffer, size_t len, size_t entropy);
-
+size_t rand_drbg_seedlen(RAND_DRBG *drbg);
 /* locking api */
 int rand_drbg_lock(RAND_DRBG *drbg);
 int rand_drbg_unlock(RAND_DRBG *drbg);

diff --git a/test/build.info b/test/build.info
index d2acbeda2009da2672c93f9c6b07a4e83d0c00aa..0227212dead572560e1def1db4a9d18877202d8f 100644 (file)
--- a/test/build.info
+++ b/test/build.info
@@ -342,7 +342,7 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=main
 
   SOURCE[drbgtest]=drbgtest.c
   INCLUDE[drbgtest]=../include
-  DEPEND[drbgtest]=../libcrypto libtestutil.a
+  DEPEND[drbgtest]=../libcrypto.a libtestutil.a
 
   SOURCE[drbg_cavs_test]=drbg_cavs_test.c drbg_cavs_data_ctr.c \
                          drbg_cavs_data_hash.c drbg_cavs_data_hmac.c

diff --git a/test/drbgtest.c b/test/drbgtest.c
index c285c75229d4ea6dda9a2e87d850bead70b4a3b3..1aef1fe41a78fb97a297c35764980f2417e3ba2d 100644 (file)
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -901,46 +901,6 @@ static int test_multi_thread(void)
 }
 #endif
 
-#ifdef OPENSSL_RAND_SEED_NONE
-/*
- * Calculates the minimum buffer length which needs to be
- * provided to RAND_seed() in order to successfully
- * instantiate the DRBG.
- *
- * Copied from rand_drbg_seedlen() in rand_drbg.c
- */
-static size_t rand_drbg_seedlen(RAND_DRBG *drbg)
-{
-    /*
-     * If no os entropy source is available then RAND_seed(buffer, bufsize)
-     * is expected to succeed if and only if the buffer length satisfies
-     * the following requirements, which follow from the calculations
-     * in RAND_DRBG_instantiate().
-     */
-    size_t min_entropy = drbg->strength;
-    size_t min_entropylen = drbg->min_entropylen;
-
-    /*
-     * Extra entropy for the random nonce in the absence of a
-     * get_nonce callback, see comment in RAND_DRBG_instantiate().
-     */
-    if (drbg->min_noncelen > 0 && drbg->get_nonce == NULL) {
-        min_entropy += drbg->strength / 2;
-        min_entropylen += drbg->min_noncelen;
-    }
-
-    /*
-     * Convert entropy requirement from bits to bytes
-     * (dividing by 8 without rounding upwards, because
-     * all entropy requirements are divisible by 8).
-     */
-    min_entropy >>= 3;
-
-    /* Return a value that satisfies both requirements */
-    return min_entropy > min_entropylen ? min_entropy : min_entropylen;
-}
-#endif /*OPENSSL_RAND_SEED_NONE*/
-
 /*
  * Test that instantiation with RAND_seed() works as expected
  *