evp_rand.c 22 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750
  1. /*
  2. * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <openssl/evp.h>
  12. #include <openssl/rand.h>
  13. #include <openssl/core.h>
  14. #include <openssl/core_names.h>
  15. #include <openssl/crypto.h>
  16. #include "internal/cryptlib.h"
  17. #include "internal/numbers.h"
  18. #include "internal/provider.h"
  19. #include "internal/core.h"
  20. #include "crypto/evp.h"
  21. #include "evp_local.h"
  22. struct evp_rand_st {
  23. OSSL_PROVIDER *prov;
  24. int name_id;
  25. char *type_name;
  26. const char *description;
  27. CRYPTO_REF_COUNT refcnt;
  28. const OSSL_DISPATCH *dispatch;
  29. OSSL_FUNC_rand_newctx_fn *newctx;
  30. OSSL_FUNC_rand_freectx_fn *freectx;
  31. OSSL_FUNC_rand_instantiate_fn *instantiate;
  32. OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
  33. OSSL_FUNC_rand_generate_fn *generate;
  34. OSSL_FUNC_rand_reseed_fn *reseed;
  35. OSSL_FUNC_rand_nonce_fn *nonce;
  36. OSSL_FUNC_rand_enable_locking_fn *enable_locking;
  37. OSSL_FUNC_rand_lock_fn *lock;
  38. OSSL_FUNC_rand_unlock_fn *unlock;
  39. OSSL_FUNC_rand_gettable_params_fn *gettable_params;
  40. OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
  41. OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
  42. OSSL_FUNC_rand_get_params_fn *get_params;
  43. OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
  44. OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
  45. OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
  46. OSSL_FUNC_rand_get_seed_fn *get_seed;
  47. OSSL_FUNC_rand_clear_seed_fn *clear_seed;
  48. } /* EVP_RAND */ ;
  49. static int evp_rand_up_ref(void *vrand)
  50. {
  51. EVP_RAND *rand = (EVP_RAND *)vrand;
  52. int ref = 0;
  53. if (rand != NULL)
  54. return CRYPTO_UP_REF(&rand->refcnt, &ref);
  55. return 1;
  56. }
  57. static void evp_rand_free(void *vrand)
  58. {
  59. EVP_RAND *rand = (EVP_RAND *)vrand;
  60. int ref = 0;
  61. if (rand == NULL)
  62. return;
  63. CRYPTO_DOWN_REF(&rand->refcnt, &ref);
  64. if (ref > 0)
  65. return;
  66. OPENSSL_free(rand->type_name);
  67. ossl_provider_free(rand->prov);
  68. CRYPTO_FREE_REF(&rand->refcnt);
  69. OPENSSL_free(rand);
  70. }
  71. static void *evp_rand_new(void)
  72. {
  73. EVP_RAND *rand = OPENSSL_zalloc(sizeof(*rand));
  74. if (rand == NULL)
  75. return NULL;
  76. if (!CRYPTO_NEW_REF(&rand->refcnt, 1)) {
  77. OPENSSL_free(rand);
  78. return NULL;
  79. }
  80. return rand;
  81. }
  82. /* Enable locking of the underlying DRBG/RAND if available */
  83. int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
  84. {
  85. if (rand->meth->enable_locking != NULL)
  86. return rand->meth->enable_locking(rand->algctx);
  87. ERR_raise(ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED);
  88. return 0;
  89. }
  90. /* Lock the underlying DRBG/RAND if available */
  91. static int evp_rand_lock(EVP_RAND_CTX *rand)
  92. {
  93. if (rand->meth->lock != NULL)
  94. return rand->meth->lock(rand->algctx);
  95. return 1;
  96. }
  97. /* Unlock the underlying DRBG/RAND if available */
  98. static void evp_rand_unlock(EVP_RAND_CTX *rand)
  99. {
  100. if (rand->meth->unlock != NULL)
  101. rand->meth->unlock(rand->algctx);
  102. }
  103. static void *evp_rand_from_algorithm(int name_id,
  104. const OSSL_ALGORITHM *algodef,
  105. OSSL_PROVIDER *prov)
  106. {
  107. const OSSL_DISPATCH *fns = algodef->implementation;
  108. EVP_RAND *rand = NULL;
  109. int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0, fnenablelockcnt = 0;
  110. #ifdef FIPS_MODULE
  111. int fnzeroizecnt = 0;
  112. #endif
  113. if ((rand = evp_rand_new()) == NULL) {
  114. ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
  115. return NULL;
  116. }
  117. rand->name_id = name_id;
  118. if ((rand->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
  119. evp_rand_free(rand);
  120. return NULL;
  121. }
  122. rand->description = algodef->algorithm_description;
  123. rand->dispatch = fns;
  124. for (; fns->function_id != 0; fns++) {
  125. switch (fns->function_id) {
  126. case OSSL_FUNC_RAND_NEWCTX:
  127. if (rand->newctx != NULL)
  128. break;
  129. rand->newctx = OSSL_FUNC_rand_newctx(fns);
  130. fnctxcnt++;
  131. break;
  132. case OSSL_FUNC_RAND_FREECTX:
  133. if (rand->freectx != NULL)
  134. break;
  135. rand->freectx = OSSL_FUNC_rand_freectx(fns);
  136. fnctxcnt++;
  137. break;
  138. case OSSL_FUNC_RAND_INSTANTIATE:
  139. if (rand->instantiate != NULL)
  140. break;
  141. rand->instantiate = OSSL_FUNC_rand_instantiate(fns);
  142. fnrandcnt++;
  143. break;
  144. case OSSL_FUNC_RAND_UNINSTANTIATE:
  145. if (rand->uninstantiate != NULL)
  146. break;
  147. rand->uninstantiate = OSSL_FUNC_rand_uninstantiate(fns);
  148. fnrandcnt++;
  149. break;
  150. case OSSL_FUNC_RAND_GENERATE:
  151. if (rand->generate != NULL)
  152. break;
  153. rand->generate = OSSL_FUNC_rand_generate(fns);
  154. fnrandcnt++;
  155. break;
  156. case OSSL_FUNC_RAND_RESEED:
  157. if (rand->reseed != NULL)
  158. break;
  159. rand->reseed = OSSL_FUNC_rand_reseed(fns);
  160. break;
  161. case OSSL_FUNC_RAND_NONCE:
  162. if (rand->nonce != NULL)
  163. break;
  164. rand->nonce = OSSL_FUNC_rand_nonce(fns);
  165. break;
  166. case OSSL_FUNC_RAND_ENABLE_LOCKING:
  167. if (rand->enable_locking != NULL)
  168. break;
  169. rand->enable_locking = OSSL_FUNC_rand_enable_locking(fns);
  170. fnenablelockcnt++;
  171. break;
  172. case OSSL_FUNC_RAND_LOCK:
  173. if (rand->lock != NULL)
  174. break;
  175. rand->lock = OSSL_FUNC_rand_lock(fns);
  176. fnlockcnt++;
  177. break;
  178. case OSSL_FUNC_RAND_UNLOCK:
  179. if (rand->unlock != NULL)
  180. break;
  181. rand->unlock = OSSL_FUNC_rand_unlock(fns);
  182. fnlockcnt++;
  183. break;
  184. case OSSL_FUNC_RAND_GETTABLE_PARAMS:
  185. if (rand->gettable_params != NULL)
  186. break;
  187. rand->gettable_params =
  188. OSSL_FUNC_rand_gettable_params(fns);
  189. break;
  190. case OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS:
  191. if (rand->gettable_ctx_params != NULL)
  192. break;
  193. rand->gettable_ctx_params =
  194. OSSL_FUNC_rand_gettable_ctx_params(fns);
  195. break;
  196. case OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS:
  197. if (rand->settable_ctx_params != NULL)
  198. break;
  199. rand->settable_ctx_params =
  200. OSSL_FUNC_rand_settable_ctx_params(fns);
  201. break;
  202. case OSSL_FUNC_RAND_GET_PARAMS:
  203. if (rand->get_params != NULL)
  204. break;
  205. rand->get_params = OSSL_FUNC_rand_get_params(fns);
  206. break;
  207. case OSSL_FUNC_RAND_GET_CTX_PARAMS:
  208. if (rand->get_ctx_params != NULL)
  209. break;
  210. rand->get_ctx_params = OSSL_FUNC_rand_get_ctx_params(fns);
  211. fnctxcnt++;
  212. break;
  213. case OSSL_FUNC_RAND_SET_CTX_PARAMS:
  214. if (rand->set_ctx_params != NULL)
  215. break;
  216. rand->set_ctx_params = OSSL_FUNC_rand_set_ctx_params(fns);
  217. break;
  218. case OSSL_FUNC_RAND_VERIFY_ZEROIZATION:
  219. if (rand->verify_zeroization != NULL)
  220. break;
  221. rand->verify_zeroization = OSSL_FUNC_rand_verify_zeroization(fns);
  222. #ifdef FIPS_MODULE
  223. fnzeroizecnt++;
  224. #endif
  225. break;
  226. case OSSL_FUNC_RAND_GET_SEED:
  227. if (rand->get_seed != NULL)
  228. break;
  229. rand->get_seed = OSSL_FUNC_rand_get_seed(fns);
  230. break;
  231. case OSSL_FUNC_RAND_CLEAR_SEED:
  232. if (rand->clear_seed != NULL)
  233. break;
  234. rand->clear_seed = OSSL_FUNC_rand_clear_seed(fns);
  235. break;
  236. }
  237. }
  238. /*
  239. * In order to be a consistent set of functions we must have at least
  240. * a complete set of "rand" functions and a complete set of context
  241. * management functions. In FIPS mode, we also require the zeroization
  242. * verification function.
  243. *
  244. * In addition, if locking can be enabled, we need a complete set of
  245. * locking functions.
  246. */
  247. if (fnrandcnt != 3
  248. || fnctxcnt != 3
  249. || (fnenablelockcnt != 0 && fnenablelockcnt != 1)
  250. || (fnlockcnt != 0 && fnlockcnt != 2)
  251. #ifdef FIPS_MODULE
  252. || fnzeroizecnt != 1
  253. #endif
  254. ) {
  255. evp_rand_free(rand);
  256. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
  257. return NULL;
  258. }
  259. if (prov != NULL && !ossl_provider_up_ref(prov)) {
  260. evp_rand_free(rand);
  261. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  262. return NULL;
  263. }
  264. rand->prov = prov;
  265. return rand;
  266. }
  267. EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
  268. const char *properties)
  269. {
  270. return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
  271. evp_rand_from_algorithm, evp_rand_up_ref,
  272. evp_rand_free);
  273. }
  274. int EVP_RAND_up_ref(EVP_RAND *rand)
  275. {
  276. return evp_rand_up_ref(rand);
  277. }
  278. void EVP_RAND_free(EVP_RAND *rand)
  279. {
  280. evp_rand_free(rand);
  281. }
  282. int evp_rand_get_number(const EVP_RAND *rand)
  283. {
  284. return rand->name_id;
  285. }
  286. const char *EVP_RAND_get0_name(const EVP_RAND *rand)
  287. {
  288. return rand->type_name;
  289. }
  290. const char *EVP_RAND_get0_description(const EVP_RAND *rand)
  291. {
  292. return rand->description;
  293. }
  294. int EVP_RAND_is_a(const EVP_RAND *rand, const char *name)
  295. {
  296. return rand != NULL && evp_is_a(rand->prov, rand->name_id, NULL, name);
  297. }
  298. const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand)
  299. {
  300. return rand->prov;
  301. }
  302. int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[])
  303. {
  304. if (rand->get_params != NULL)
  305. return rand->get_params(params);
  306. return 1;
  307. }
  308. int EVP_RAND_CTX_up_ref(EVP_RAND_CTX *ctx)
  309. {
  310. int ref = 0;
  311. return CRYPTO_UP_REF(&ctx->refcnt, &ref);
  312. }
  313. EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
  314. {
  315. EVP_RAND_CTX *ctx;
  316. void *parent_ctx = NULL;
  317. const OSSL_DISPATCH *parent_dispatch = NULL;
  318. if (rand == NULL) {
  319. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
  320. return NULL;
  321. }
  322. ctx = OPENSSL_zalloc(sizeof(*ctx));
  323. if (ctx == NULL)
  324. return NULL;
  325. if (!CRYPTO_NEW_REF(&ctx->refcnt, 1)) {
  326. OPENSSL_free(ctx);
  327. return NULL;
  328. }
  329. if (parent != NULL) {
  330. if (!EVP_RAND_CTX_up_ref(parent)) {
  331. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  332. CRYPTO_FREE_REF(&ctx->refcnt);
  333. OPENSSL_free(ctx);
  334. return NULL;
  335. }
  336. parent_ctx = parent->algctx;
  337. parent_dispatch = parent->meth->dispatch;
  338. }
  339. if ((ctx->algctx = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
  340. parent_dispatch)) == NULL
  341. || !EVP_RAND_up_ref(rand)) {
  342. ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
  343. rand->freectx(ctx->algctx);
  344. CRYPTO_FREE_REF(&ctx->refcnt);
  345. OPENSSL_free(ctx);
  346. EVP_RAND_CTX_free(parent);
  347. return NULL;
  348. }
  349. ctx->meth = rand;
  350. ctx->parent = parent;
  351. return ctx;
  352. }
  353. void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx)
  354. {
  355. int ref = 0;
  356. EVP_RAND_CTX *parent;
  357. if (ctx == NULL)
  358. return;
  359. CRYPTO_DOWN_REF(&ctx->refcnt, &ref);
  360. if (ref > 0)
  361. return;
  362. parent = ctx->parent;
  363. ctx->meth->freectx(ctx->algctx);
  364. ctx->algctx = NULL;
  365. EVP_RAND_free(ctx->meth);
  366. CRYPTO_FREE_REF(&ctx->refcnt);
  367. OPENSSL_free(ctx);
  368. EVP_RAND_CTX_free(parent);
  369. }
  370. EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx)
  371. {
  372. return ctx->meth;
  373. }
  374. static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx,
  375. OSSL_PARAM params[])
  376. {
  377. return ctx->meth->get_ctx_params(ctx->algctx, params);
  378. }
  379. int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
  380. {
  381. int res;
  382. if (!evp_rand_lock(ctx))
  383. return 0;
  384. res = evp_rand_get_ctx_params_locked(ctx, params);
  385. evp_rand_unlock(ctx);
  386. return res;
  387. }
  388. static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
  389. const OSSL_PARAM params[])
  390. {
  391. if (ctx->meth->set_ctx_params != NULL)
  392. return ctx->meth->set_ctx_params(ctx->algctx, params);
  393. return 1;
  394. }
  395. int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[])
  396. {
  397. int res;
  398. if (!evp_rand_lock(ctx))
  399. return 0;
  400. res = evp_rand_set_ctx_params_locked(ctx, params);
  401. evp_rand_unlock(ctx);
  402. return res;
  403. }
  404. const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
  405. {
  406. if (rand->gettable_params == NULL)
  407. return NULL;
  408. return rand->gettable_params(ossl_provider_ctx(EVP_RAND_get0_provider(rand)));
  409. }
  410. const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
  411. {
  412. void *provctx;
  413. if (rand->gettable_ctx_params == NULL)
  414. return NULL;
  415. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(rand));
  416. return rand->gettable_ctx_params(NULL, provctx);
  417. }
  418. const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
  419. {
  420. void *provctx;
  421. if (rand->settable_ctx_params == NULL)
  422. return NULL;
  423. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(rand));
  424. return rand->settable_ctx_params(NULL, provctx);
  425. }
  426. const OSSL_PARAM *EVP_RAND_CTX_gettable_params(EVP_RAND_CTX *ctx)
  427. {
  428. void *provctx;
  429. if (ctx->meth->gettable_ctx_params == NULL)
  430. return NULL;
  431. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(ctx->meth));
  432. return ctx->meth->gettable_ctx_params(ctx->algctx, provctx);
  433. }
  434. const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx)
  435. {
  436. void *provctx;
  437. if (ctx->meth->settable_ctx_params == NULL)
  438. return NULL;
  439. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(ctx->meth));
  440. return ctx->meth->settable_ctx_params(ctx->algctx, provctx);
  441. }
  442. void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
  443. void (*fn)(EVP_RAND *rand, void *arg),
  444. void *arg)
  445. {
  446. evp_generic_do_all(libctx, OSSL_OP_RAND,
  447. (void (*)(void *, void *))fn, arg,
  448. evp_rand_from_algorithm, evp_rand_up_ref,
  449. evp_rand_free);
  450. }
  451. int EVP_RAND_names_do_all(const EVP_RAND *rand,
  452. void (*fn)(const char *name, void *data),
  453. void *data)
  454. {
  455. if (rand->prov != NULL)
  456. return evp_names_do_all(rand->prov, rand->name_id, fn, data);
  457. return 1;
  458. }
  459. static int evp_rand_instantiate_locked
  460. (EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
  461. const unsigned char *pstr, size_t pstr_len, const OSSL_PARAM params[])
  462. {
  463. return ctx->meth->instantiate(ctx->algctx, strength, prediction_resistance,
  464. pstr, pstr_len, params);
  465. }
  466. int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
  467. int prediction_resistance,
  468. const unsigned char *pstr, size_t pstr_len,
  469. const OSSL_PARAM params[])
  470. {
  471. int res;
  472. if (!evp_rand_lock(ctx))
  473. return 0;
  474. res = evp_rand_instantiate_locked(ctx, strength, prediction_resistance,
  475. pstr, pstr_len, params);
  476. evp_rand_unlock(ctx);
  477. return res;
  478. }
  479. static int evp_rand_uninstantiate_locked(EVP_RAND_CTX *ctx)
  480. {
  481. return ctx->meth->uninstantiate(ctx->algctx);
  482. }
  483. int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx)
  484. {
  485. int res;
  486. if (!evp_rand_lock(ctx))
  487. return 0;
  488. res = evp_rand_uninstantiate_locked(ctx);
  489. evp_rand_unlock(ctx);
  490. return res;
  491. }
  492. static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  493. size_t outlen, unsigned int strength,
  494. int prediction_resistance,
  495. const unsigned char *addin,
  496. size_t addin_len)
  497. {
  498. size_t chunk, max_request = 0;
  499. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  500. params[0] = OSSL_PARAM_construct_size_t(OSSL_RAND_PARAM_MAX_REQUEST,
  501. &max_request);
  502. if (!evp_rand_get_ctx_params_locked(ctx, params)
  503. || max_request == 0) {
  504. ERR_raise(ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
  505. return 0;
  506. }
  507. for (; outlen > 0; outlen -= chunk, out += chunk) {
  508. chunk = outlen > max_request ? max_request : outlen;
  509. if (!ctx->meth->generate(ctx->algctx, out, chunk, strength,
  510. prediction_resistance, addin, addin_len)) {
  511. ERR_raise(ERR_LIB_EVP, EVP_R_GENERATE_ERROR);
  512. return 0;
  513. }
  514. /*
  515. * Prediction resistance is only relevant the first time around,
  516. * subsequently, the DRBG has already been properly reseeded.
  517. */
  518. prediction_resistance = 0;
  519. }
  520. return 1;
  521. }
  522. int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
  523. unsigned int strength, int prediction_resistance,
  524. const unsigned char *addin, size_t addin_len)
  525. {
  526. int res;
  527. if (!evp_rand_lock(ctx))
  528. return 0;
  529. res = evp_rand_generate_locked(ctx, out, outlen, strength,
  530. prediction_resistance, addin, addin_len);
  531. evp_rand_unlock(ctx);
  532. return res;
  533. }
  534. static int evp_rand_reseed_locked(EVP_RAND_CTX *ctx, int prediction_resistance,
  535. const unsigned char *ent, size_t ent_len,
  536. const unsigned char *addin, size_t addin_len)
  537. {
  538. if (ctx->meth->reseed != NULL)
  539. return ctx->meth->reseed(ctx->algctx, prediction_resistance,
  540. ent, ent_len, addin, addin_len);
  541. return 1;
  542. }
  543. int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
  544. const unsigned char *ent, size_t ent_len,
  545. const unsigned char *addin, size_t addin_len)
  546. {
  547. int res;
  548. if (!evp_rand_lock(ctx))
  549. return 0;
  550. res = evp_rand_reseed_locked(ctx, prediction_resistance,
  551. ent, ent_len, addin, addin_len);
  552. evp_rand_unlock(ctx);
  553. return res;
  554. }
  555. static unsigned int evp_rand_strength_locked(EVP_RAND_CTX *ctx)
  556. {
  557. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  558. unsigned int strength = 0;
  559. params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
  560. if (!evp_rand_get_ctx_params_locked(ctx, params))
  561. return 0;
  562. return strength;
  563. }
  564. unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx)
  565. {
  566. unsigned int res;
  567. if (!evp_rand_lock(ctx))
  568. return 0;
  569. res = evp_rand_strength_locked(ctx);
  570. evp_rand_unlock(ctx);
  571. return res;
  572. }
  573. static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  574. size_t outlen)
  575. {
  576. unsigned int str = evp_rand_strength_locked(ctx);
  577. if (ctx->meth->nonce == NULL)
  578. return 0;
  579. if (ctx->meth->nonce(ctx->algctx, out, str, outlen, outlen))
  580. return 1;
  581. return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
  582. }
  583. int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen)
  584. {
  585. int res;
  586. if (!evp_rand_lock(ctx))
  587. return 0;
  588. res = evp_rand_nonce_locked(ctx, out, outlen);
  589. evp_rand_unlock(ctx);
  590. return res;
  591. }
  592. int EVP_RAND_get_state(EVP_RAND_CTX *ctx)
  593. {
  594. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  595. int state;
  596. params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_STATE, &state);
  597. if (!EVP_RAND_CTX_get_params(ctx, params))
  598. state = EVP_RAND_STATE_ERROR;
  599. return state;
  600. }
  601. static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
  602. {
  603. if (ctx->meth->verify_zeroization != NULL)
  604. return ctx->meth->verify_zeroization(ctx->algctx);
  605. return 0;
  606. }
  607. int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx)
  608. {
  609. int res;
  610. if (!evp_rand_lock(ctx))
  611. return 0;
  612. res = evp_rand_verify_zeroization_locked(ctx);
  613. evp_rand_unlock(ctx);
  614. return res;
  615. }
  616. int evp_rand_can_seed(EVP_RAND_CTX *ctx)
  617. {
  618. return ctx->meth->get_seed != NULL;
  619. }
  620. static size_t evp_rand_get_seed_locked(EVP_RAND_CTX *ctx,
  621. unsigned char **buffer,
  622. int entropy,
  623. size_t min_len, size_t max_len,
  624. int prediction_resistance,
  625. const unsigned char *adin,
  626. size_t adin_len)
  627. {
  628. if (ctx->meth->get_seed != NULL)
  629. return ctx->meth->get_seed(ctx->algctx, buffer,
  630. entropy, min_len, max_len,
  631. prediction_resistance,
  632. adin, adin_len);
  633. return 0;
  634. }
  635. size_t evp_rand_get_seed(EVP_RAND_CTX *ctx,
  636. unsigned char **buffer,
  637. int entropy, size_t min_len, size_t max_len,
  638. int prediction_resistance,
  639. const unsigned char *adin, size_t adin_len)
  640. {
  641. int res;
  642. if (!evp_rand_lock(ctx))
  643. return 0;
  644. res = evp_rand_get_seed_locked(ctx,
  645. buffer,
  646. entropy, min_len, max_len,
  647. prediction_resistance,
  648. adin, adin_len);
  649. evp_rand_unlock(ctx);
  650. return res;
  651. }
  652. static void evp_rand_clear_seed_locked(EVP_RAND_CTX *ctx,
  653. unsigned char *buffer, size_t b_len)
  654. {
  655. if (ctx->meth->clear_seed != NULL)
  656. ctx->meth->clear_seed(ctx->algctx, buffer, b_len);
  657. }
  658. void evp_rand_clear_seed(EVP_RAND_CTX *ctx,
  659. unsigned char *buffer, size_t b_len)
  660. {
  661. if (!evp_rand_lock(ctx))
  662. return;
  663. evp_rand_clear_seed_locked(ctx, buffer, b_len);
  664. evp_rand_unlock(ctx);
  665. }