static time_t master_reseed_time_interval = MASTER_RESEED_TIME_INTERVAL;
static time_t slave_reseed_time_interval = SLAVE_RESEED_TIME_INTERVAL;
+/* A logical OR of all used DRBG flag bits (currently there is only one) */
+static const unsigned int rand_drbg_used_flags =
+ RAND_DRBG_FLAG_CTR_NO_DF;
+
static RAND_DRBG *drbg_setup(RAND_DRBG *parent);
static RAND_DRBG *rand_drbg_new(int secure,
break;
}
- if ((flags & ~RAND_DRBG_USED_FLAGS) != 0) {
+ if ((flags & ~rand_drbg_used_flags) != 0) {
RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_FLAGS);
return 0;
}
goto end;
}
- if (drbg->meth == NULL)
- {
+ if (drbg->meth == NULL) {
RANDerr(RAND_F_RAND_DRBG_INSTANTIATE,
RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED);
goto end;
*/
int RAND_DRBG_uninstantiate(RAND_DRBG *drbg)
{
- if (drbg->meth == NULL)
- {
+ if (drbg->meth == NULL) {
RANDerr(RAND_F_RAND_DRBG_UNINSTANTIATE,
RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED);
return 0;
return 0;
}
- if (adin == NULL)
+ if (adin == NULL) {
adinlen = 0;
- else if (adinlen > drbg->max_adinlen) {
+ } else if (adinlen > drbg->max_adinlen) {
RANDerr(RAND_F_RAND_DRBG_RESEED, RAND_R_ADDITIONAL_INPUT_TOO_LONG);
return 0;
}
*/
DEFINE_RUN_ONCE_STATIC(do_rand_drbg_init)
{
- int ret = 1;
-
/*
* ensure that libcrypto is initialized, otherwise the
* DRBG locks are not cleaned up properly
if (!OPENSSL_init_crypto(0, NULL))
return 0;
- ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND);
-
- master_drbg = drbg_setup(NULL);
+ if (!CRYPTO_THREAD_init_local(&private_drbg, NULL))
+ return 0;
- ret &= CRYPTO_THREAD_init_local(&private_drbg, NULL);
- ret &= CRYPTO_THREAD_init_local(&public_drbg, NULL);
+ if (!CRYPTO_THREAD_init_local(&public_drbg, NULL))
+ goto err1;
- if (master_drbg == NULL || ret == 0)
- return 0;
+ master_drbg = drbg_setup(NULL);
+ if (master_drbg == NULL)
+ goto err2;
return 1;
+
+err2:
+ CRYPTO_THREAD_cleanup_local(&public_drbg);
+err1:
+ CRYPTO_THREAD_cleanup_local(&private_drbg);
+ return 0;
}
/* Clean up the global DRBGs before exit */
void rand_drbg_cleanup_int(void)
{
- RAND_DRBG_free(master_drbg);
- master_drbg = NULL;
+ if (master_drbg != NULL) {
+ RAND_DRBG_free(master_drbg);
+ master_drbg = NULL;
- CRYPTO_THREAD_cleanup_local(&private_drbg);
- CRYPTO_THREAD_cleanup_local(&public_drbg);
+ CRYPTO_THREAD_cleanup_local(&private_drbg);
+ CRYPTO_THREAD_cleanup_local(&public_drbg);
+ }
}
-void drbg_delete_thread_state()
+void drbg_delete_thread_state(void)
{
RAND_DRBG *drbg;
drbg = CRYPTO_THREAD_get_local(&public_drbg);
+ CRYPTO_THREAD_set_local(&public_drbg, NULL);
RAND_DRBG_free(drbg);
drbg = CRYPTO_THREAD_get_local(&private_drbg);
+ CRYPTO_THREAD_set_local(&private_drbg, NULL);
RAND_DRBG_free(drbg);
}
drbg = CRYPTO_THREAD_get_local(&public_drbg);
if (drbg == NULL) {
- ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND);
+ if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND))
+ return NULL;
drbg = drbg_setup(master_drbg);
CRYPTO_THREAD_set_local(&public_drbg, drbg);
}
drbg = CRYPTO_THREAD_get_local(&private_drbg);
if (drbg == NULL) {
- ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND);
+ if (!ossl_init_thread_start(OPENSSL_INIT_THREAD_RAND))
+ return NULL;
drbg = drbg_setup(master_drbg);
CRYPTO_THREAD_set_local(&private_drbg, drbg);
}