RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent)
{
RAND_DRBG *drbg = OPENSSL_zalloc(sizeof(*drbg));
- unsigned char *ucp = OPENSSL_zalloc(RANDOMNESS_NEEDED);
- if (drbg == NULL || ucp == NULL) {
+ if (drbg == NULL) {
RANDerr(RAND_F_RAND_DRBG_NEW, ERR_R_MALLOC_FAILURE);
goto err;
}
drbg->size = RANDOMNESS_NEEDED;
- drbg->randomness = ucp;
-
+ drbg->fork_count = rand_fork_count;
drbg->parent = parent;
if (RAND_DRBG_set(drbg, type, flags) < 0)
goto err;
if (parent != NULL) {
+ if (parent->state == DRBG_UNINITIALISED
+ && RAND_DRBG_instantiate(parent, NULL, 0) == 0)
+ goto err;
if (!RAND_DRBG_set_callbacks(drbg, drbg_entropy_from_parent,
drbg_release_entropy,
NULL, NULL)
return drbg;
err:
- OPENSSL_free(ucp);
OPENSSL_free(drbg);
return NULL;
}
+RAND_DRBG *RAND_DRBG_get0_global(void)
+{
+ return &rand_drbg;
+}
+
/*
* Uninstantiate |drbg| and free all memory.
*/
return;
ctr_uninstantiate(drbg);
- OPENSSL_cleanse(drbg->randomness, drbg->size);
- OPENSSL_free(drbg->randomness);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DRBG, drbg, &drbg->ex_data);
OPENSSL_clear_free(drbg, sizeof(*drbg));
}
const unsigned char *pers, size_t perslen)
{
unsigned char *nonce = NULL, *entropy = NULL;
- size_t noncelen = 0, entlen = 0;
+ size_t noncelen = 0, entropylen = 0;
- if (perslen > drbg->max_pers) {
+ if (perslen > drbg->max_perslen) {
RANDerr(RAND_F_RAND_DRBG_INSTANTIATE,
RAND_R_PERSONALISATION_STRING_TOO_LONG);
goto end;
drbg->state = DRBG_ERROR;
if (drbg->get_entropy != NULL)
- entlen = drbg->get_entropy(drbg, &entropy, drbg->strength,
- drbg->min_entropy, drbg->max_entropy);
- if (entlen < drbg->min_entropy || entlen > drbg->max_entropy) {
+ entropylen = drbg->get_entropy(drbg, &entropy, drbg->strength,
+ drbg->min_entropylen, drbg->max_entropylen);
+ if (entropylen < drbg->min_entropylen || entropylen > drbg->max_entropylen) {
RANDerr(RAND_F_RAND_DRBG_INSTANTIATE, RAND_R_ERROR_RETRIEVING_ENTROPY);
goto end;
}
- if (drbg->max_nonce > 0 && drbg->get_nonce != NULL) {
+ if (drbg->max_noncelen > 0 && drbg->get_nonce != NULL) {
noncelen = drbg->get_nonce(drbg, &nonce, drbg->strength / 2,
- drbg->min_nonce, drbg->max_nonce);
- if (noncelen < drbg->min_nonce || noncelen > drbg->max_nonce) {
+ drbg->min_noncelen, drbg->max_noncelen);
+ if (noncelen < drbg->min_noncelen || noncelen > drbg->max_noncelen) {
RANDerr(RAND_F_RAND_DRBG_INSTANTIATE, RAND_R_ERROR_RETRIEVING_NONCE);
goto end;
}
}
- if (!ctr_instantiate(drbg, entropy, entlen,
+ if (!ctr_instantiate(drbg, entropy, entropylen,
nonce, noncelen, pers, perslen)) {
RANDerr(RAND_F_RAND_DRBG_INSTANTIATE, RAND_R_ERROR_INSTANTIATING_DRBG);
goto end;
end:
if (entropy != NULL && drbg->cleanup_entropy != NULL)
- drbg->cleanup_entropy(drbg, entropy);
+ drbg->cleanup_entropy(drbg, entropy, entropylen);
if (nonce != NULL && drbg->cleanup_nonce!= NULL )
- drbg->cleanup_nonce(drbg, nonce);
+ drbg->cleanup_nonce(drbg, nonce, noncelen);
if (drbg->state == DRBG_READY)
return 1;
return 0;
const unsigned char *adin, size_t adinlen)
{
unsigned char *entropy = NULL;
- size_t entlen = 0;
+ size_t entropylen = 0;
if (drbg->state == DRBG_ERROR) {
RANDerr(RAND_F_RAND_DRBG_RESEED, RAND_R_IN_ERROR_STATE);
if (adin == NULL)
adinlen = 0;
- else if (adinlen > drbg->max_adin) {
+ else if (adinlen > drbg->max_adinlen) {
RANDerr(RAND_F_RAND_DRBG_RESEED, RAND_R_ADDITIONAL_INPUT_TOO_LONG);
return 0;
}
drbg->state = DRBG_ERROR;
if (drbg->get_entropy != NULL)
- entlen = drbg->get_entropy(drbg, &entropy, drbg->strength,
- drbg->min_entropy, drbg->max_entropy);
- if (entlen < drbg->min_entropy || entlen > drbg->max_entropy) {
+ entropylen = drbg->get_entropy(drbg, &entropy, drbg->strength,
+ drbg->min_entropylen, drbg->max_entropylen);
+ if (entropylen < drbg->min_entropylen || entropylen > drbg->max_entropylen) {
RANDerr(RAND_F_RAND_DRBG_RESEED, RAND_R_ERROR_RETRIEVING_ENTROPY);
goto end;
}
- if (!ctr_reseed(drbg, entropy, entlen, adin, adinlen))
+ if (!ctr_reseed(drbg, entropy, entropylen, adin, adinlen))
goto end;
drbg->state = DRBG_READY;
drbg->reseed_counter = 1;
end:
if (entropy != NULL && drbg->cleanup_entropy != NULL)
- drbg->cleanup_entropy(drbg, entropy);
+ drbg->cleanup_entropy(drbg, entropy, entropylen);
if (drbg->state == DRBG_READY)
return 1;
return 0;
RANDerr(RAND_F_RAND_DRBG_GENERATE, RAND_R_REQUEST_TOO_LARGE_FOR_DRBG);
return 0;
}
- if (adinlen > drbg->max_adin) {
+ if (adinlen > drbg->max_adinlen) {
RANDerr(RAND_F_RAND_DRBG_GENERATE, RAND_R_ADDITIONAL_INPUT_TOO_LONG);
return 0;
}
+ if (drbg->fork_count != rand_fork_count) {
+ drbg->fork_count = rand_fork_count;
+ drbg->state = DRBG_RESEED;
+ }
+
if (drbg->reseed_counter >= drbg->reseed_interval)
drbg->state = DRBG_RESEED;
return ret;
}
-static void drbg_cleanup(void)
-{
- CRYPTO_THREAD_write_lock(rand_drbg.lock);
- RAND_DRBG_uninstantiate(&rand_drbg);
- CRYPTO_THREAD_unlock(rand_drbg.lock);
-}
-
static int drbg_add(const void *buf, int num, double randomness)
{
unsigned char *in = (unsigned char *)buf;
int ret;
CRYPTO_THREAD_write_lock(rand_drbg.lock);
+ if (rand_drbg.state == DRBG_UNINITIALISED)
+ RAND_DRBG_instantiate(&rand_drbg, NULL, 0);
ret = rand_drbg.state == DRBG_READY ? 1 : 0;
CRYPTO_THREAD_unlock(rand_drbg.lock);
return ret;
}
RAND_DRBG rand_drbg; /* The default global DRBG. */
+RAND_DRBG priv_drbg; /* The global private-key DRBG. */
RAND_METHOD rand_meth = {
drbg_seed,
drbg_bytes,
- drbg_cleanup,
+ NULL,
drbg_add,
drbg_bytes,
drbg_status