evp_rand.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682
  1. /*
  2. * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <openssl/evp.h>
  12. #include <openssl/rand.h>
  13. #include <openssl/core.h>
  14. #include <openssl/core_names.h>
  15. #include <openssl/crypto.h>
  16. #include "internal/cryptlib.h"
  17. #include "internal/numbers.h"
  18. #include "internal/provider.h"
  19. #include "internal/core.h"
  20. #include "crypto/evp.h"
  21. #include "evp_local.h"
  22. struct evp_rand_st {
  23. OSSL_PROVIDER *prov;
  24. int name_id;
  25. char *type_name;
  26. const char *description;
  27. CRYPTO_REF_COUNT refcnt;
  28. CRYPTO_RWLOCK *refcnt_lock;
  29. const OSSL_DISPATCH *dispatch;
  30. OSSL_FUNC_rand_newctx_fn *newctx;
  31. OSSL_FUNC_rand_freectx_fn *freectx;
  32. OSSL_FUNC_rand_instantiate_fn *instantiate;
  33. OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
  34. OSSL_FUNC_rand_generate_fn *generate;
  35. OSSL_FUNC_rand_reseed_fn *reseed;
  36. OSSL_FUNC_rand_nonce_fn *nonce;
  37. OSSL_FUNC_rand_enable_locking_fn *enable_locking;
  38. OSSL_FUNC_rand_lock_fn *lock;
  39. OSSL_FUNC_rand_unlock_fn *unlock;
  40. OSSL_FUNC_rand_gettable_params_fn *gettable_params;
  41. OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
  42. OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
  43. OSSL_FUNC_rand_get_params_fn *get_params;
  44. OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
  45. OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
  46. OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
  47. } /* EVP_RAND */ ;
  48. static int evp_rand_up_ref(void *vrand)
  49. {
  50. EVP_RAND *rand = (EVP_RAND *)vrand;
  51. int ref = 0;
  52. if (rand != NULL)
  53. return CRYPTO_UP_REF(&rand->refcnt, &ref, rand->refcnt_lock);
  54. return 1;
  55. }
  56. static void evp_rand_free(void *vrand)
  57. {
  58. EVP_RAND *rand = (EVP_RAND *)vrand;
  59. int ref = 0;
  60. if (rand == NULL)
  61. return;
  62. CRYPTO_DOWN_REF(&rand->refcnt, &ref, rand->refcnt_lock);
  63. if (ref > 0)
  64. return;
  65. OPENSSL_free(rand->type_name);
  66. ossl_provider_free(rand->prov);
  67. CRYPTO_THREAD_lock_free(rand->refcnt_lock);
  68. OPENSSL_free(rand);
  69. }
  70. static void *evp_rand_new(void)
  71. {
  72. EVP_RAND *rand = OPENSSL_zalloc(sizeof(*rand));
  73. if (rand == NULL
  74. || (rand->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
  75. OPENSSL_free(rand);
  76. return NULL;
  77. }
  78. rand->refcnt = 1;
  79. return rand;
  80. }
  81. /* Enable locking of the underlying DRBG/RAND if available */
  82. int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
  83. {
  84. if (rand->meth->enable_locking != NULL)
  85. return rand->meth->enable_locking(rand->algctx);
  86. ERR_raise(ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED);
  87. return 0;
  88. }
  89. /* Lock the underlying DRBG/RAND if available */
  90. static int evp_rand_lock(EVP_RAND_CTX *rand)
  91. {
  92. if (rand->meth->lock != NULL)
  93. return rand->meth->lock(rand->algctx);
  94. return 1;
  95. }
  96. /* Unlock the underlying DRBG/RAND if available */
  97. static void evp_rand_unlock(EVP_RAND_CTX *rand)
  98. {
  99. if (rand->meth->unlock != NULL)
  100. rand->meth->unlock(rand->algctx);
  101. }
  102. static void *evp_rand_from_algorithm(int name_id,
  103. const OSSL_ALGORITHM *algodef,
  104. OSSL_PROVIDER *prov)
  105. {
  106. const OSSL_DISPATCH *fns = algodef->implementation;
  107. EVP_RAND *rand = NULL;
  108. int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0, fnenablelockcnt = 0;
  109. #ifdef FIPS_MODULE
  110. int fnzeroizecnt = 0;
  111. #endif
  112. if ((rand = evp_rand_new()) == NULL) {
  113. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  114. return NULL;
  115. }
  116. rand->name_id = name_id;
  117. if ((rand->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
  118. evp_rand_free(rand);
  119. return NULL;
  120. }
  121. rand->description = algodef->algorithm_description;
  122. rand->dispatch = fns;
  123. for (; fns->function_id != 0; fns++) {
  124. switch (fns->function_id) {
  125. case OSSL_FUNC_RAND_NEWCTX:
  126. if (rand->newctx != NULL)
  127. break;
  128. rand->newctx = OSSL_FUNC_rand_newctx(fns);
  129. fnctxcnt++;
  130. break;
  131. case OSSL_FUNC_RAND_FREECTX:
  132. if (rand->freectx != NULL)
  133. break;
  134. rand->freectx = OSSL_FUNC_rand_freectx(fns);
  135. fnctxcnt++;
  136. break;
  137. case OSSL_FUNC_RAND_INSTANTIATE:
  138. if (rand->instantiate != NULL)
  139. break;
  140. rand->instantiate = OSSL_FUNC_rand_instantiate(fns);
  141. fnrandcnt++;
  142. break;
  143. case OSSL_FUNC_RAND_UNINSTANTIATE:
  144. if (rand->uninstantiate != NULL)
  145. break;
  146. rand->uninstantiate = OSSL_FUNC_rand_uninstantiate(fns);
  147. fnrandcnt++;
  148. break;
  149. case OSSL_FUNC_RAND_GENERATE:
  150. if (rand->generate != NULL)
  151. break;
  152. rand->generate = OSSL_FUNC_rand_generate(fns);
  153. fnrandcnt++;
  154. break;
  155. case OSSL_FUNC_RAND_RESEED:
  156. if (rand->reseed != NULL)
  157. break;
  158. rand->reseed = OSSL_FUNC_rand_reseed(fns);
  159. break;
  160. case OSSL_FUNC_RAND_NONCE:
  161. if (rand->nonce != NULL)
  162. break;
  163. rand->nonce = OSSL_FUNC_rand_nonce(fns);
  164. break;
  165. case OSSL_FUNC_RAND_ENABLE_LOCKING:
  166. if (rand->enable_locking != NULL)
  167. break;
  168. rand->enable_locking = OSSL_FUNC_rand_enable_locking(fns);
  169. fnenablelockcnt++;
  170. break;
  171. case OSSL_FUNC_RAND_LOCK:
  172. if (rand->lock != NULL)
  173. break;
  174. rand->lock = OSSL_FUNC_rand_lock(fns);
  175. fnlockcnt++;
  176. break;
  177. case OSSL_FUNC_RAND_UNLOCK:
  178. if (rand->unlock != NULL)
  179. break;
  180. rand->unlock = OSSL_FUNC_rand_unlock(fns);
  181. fnlockcnt++;
  182. break;
  183. case OSSL_FUNC_RAND_GETTABLE_PARAMS:
  184. if (rand->gettable_params != NULL)
  185. break;
  186. rand->gettable_params =
  187. OSSL_FUNC_rand_gettable_params(fns);
  188. break;
  189. case OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS:
  190. if (rand->gettable_ctx_params != NULL)
  191. break;
  192. rand->gettable_ctx_params =
  193. OSSL_FUNC_rand_gettable_ctx_params(fns);
  194. break;
  195. case OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS:
  196. if (rand->settable_ctx_params != NULL)
  197. break;
  198. rand->settable_ctx_params =
  199. OSSL_FUNC_rand_settable_ctx_params(fns);
  200. break;
  201. case OSSL_FUNC_RAND_GET_PARAMS:
  202. if (rand->get_params != NULL)
  203. break;
  204. rand->get_params = OSSL_FUNC_rand_get_params(fns);
  205. break;
  206. case OSSL_FUNC_RAND_GET_CTX_PARAMS:
  207. if (rand->get_ctx_params != NULL)
  208. break;
  209. rand->get_ctx_params = OSSL_FUNC_rand_get_ctx_params(fns);
  210. fnctxcnt++;
  211. break;
  212. case OSSL_FUNC_RAND_SET_CTX_PARAMS:
  213. if (rand->set_ctx_params != NULL)
  214. break;
  215. rand->set_ctx_params = OSSL_FUNC_rand_set_ctx_params(fns);
  216. break;
  217. case OSSL_FUNC_RAND_VERIFY_ZEROIZATION:
  218. if (rand->verify_zeroization != NULL)
  219. break;
  220. rand->verify_zeroization = OSSL_FUNC_rand_verify_zeroization(fns);
  221. #ifdef FIPS_MODULE
  222. fnzeroizecnt++;
  223. #endif
  224. break;
  225. }
  226. }
  227. /*
  228. * In order to be a consistent set of functions we must have at least
  229. * a complete set of "rand" functions and a complete set of context
  230. * management functions. In FIPS mode, we also require the zeroization
  231. * verification function.
  232. *
  233. * In addition, if locking can be enabled, we need a complete set of
  234. * locking functions.
  235. */
  236. if (fnrandcnt != 3
  237. || fnctxcnt != 3
  238. || (fnenablelockcnt != 0 && fnenablelockcnt != 1)
  239. || (fnlockcnt != 0 && fnlockcnt != 2)
  240. #ifdef FIPS_MODULE
  241. || fnzeroizecnt != 1
  242. #endif
  243. ) {
  244. evp_rand_free(rand);
  245. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
  246. return NULL;
  247. }
  248. if (prov != NULL && !ossl_provider_up_ref(prov)) {
  249. evp_rand_free(rand);
  250. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  251. return NULL;
  252. }
  253. rand->prov = prov;
  254. return rand;
  255. }
  256. EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
  257. const char *properties)
  258. {
  259. return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
  260. evp_rand_from_algorithm, evp_rand_up_ref,
  261. evp_rand_free);
  262. }
  263. int EVP_RAND_up_ref(EVP_RAND *rand)
  264. {
  265. return evp_rand_up_ref(rand);
  266. }
  267. void EVP_RAND_free(EVP_RAND *rand)
  268. {
  269. evp_rand_free(rand);
  270. }
  271. int evp_rand_get_number(const EVP_RAND *rand)
  272. {
  273. return rand->name_id;
  274. }
  275. const char *EVP_RAND_get0_name(const EVP_RAND *rand)
  276. {
  277. return rand->type_name;
  278. }
  279. const char *EVP_RAND_get0_description(const EVP_RAND *rand)
  280. {
  281. return rand->description;
  282. }
  283. int EVP_RAND_is_a(const EVP_RAND *rand, const char *name)
  284. {
  285. return rand != NULL && evp_is_a(rand->prov, rand->name_id, NULL, name);
  286. }
  287. const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand)
  288. {
  289. return rand->prov;
  290. }
  291. int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[])
  292. {
  293. if (rand->get_params != NULL)
  294. return rand->get_params(params);
  295. return 1;
  296. }
  297. static int evp_rand_ctx_up_ref(EVP_RAND_CTX *ctx)
  298. {
  299. int ref = 0;
  300. return CRYPTO_UP_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
  301. }
  302. EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
  303. {
  304. EVP_RAND_CTX *ctx;
  305. void *parent_ctx = NULL;
  306. const OSSL_DISPATCH *parent_dispatch = NULL;
  307. if (rand == NULL) {
  308. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
  309. return NULL;
  310. }
  311. ctx = OPENSSL_zalloc(sizeof(*ctx));
  312. if (ctx == NULL || (ctx->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
  313. OPENSSL_free(ctx);
  314. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  315. return NULL;
  316. }
  317. if (parent != NULL) {
  318. if (!evp_rand_ctx_up_ref(parent)) {
  319. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  320. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  321. OPENSSL_free(ctx);
  322. return NULL;
  323. }
  324. parent_ctx = parent->algctx;
  325. parent_dispatch = parent->meth->dispatch;
  326. }
  327. if ((ctx->algctx = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
  328. parent_dispatch)) == NULL
  329. || !EVP_RAND_up_ref(rand)) {
  330. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  331. rand->freectx(ctx->algctx);
  332. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  333. OPENSSL_free(ctx);
  334. EVP_RAND_CTX_free(parent);
  335. return NULL;
  336. }
  337. ctx->meth = rand;
  338. ctx->parent = parent;
  339. ctx->refcnt = 1;
  340. return ctx;
  341. }
  342. void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx)
  343. {
  344. int ref = 0;
  345. EVP_RAND_CTX *parent;
  346. if (ctx == NULL)
  347. return;
  348. CRYPTO_DOWN_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
  349. if (ref > 0)
  350. return;
  351. parent = ctx->parent;
  352. ctx->meth->freectx(ctx->algctx);
  353. ctx->algctx = NULL;
  354. EVP_RAND_free(ctx->meth);
  355. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  356. OPENSSL_free(ctx);
  357. EVP_RAND_CTX_free(parent);
  358. }
  359. EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx)
  360. {
  361. return ctx->meth;
  362. }
  363. static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx,
  364. OSSL_PARAM params[])
  365. {
  366. return ctx->meth->get_ctx_params(ctx->algctx, params);
  367. }
  368. int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
  369. {
  370. int res;
  371. if (!evp_rand_lock(ctx))
  372. return 0;
  373. res = evp_rand_get_ctx_params_locked(ctx, params);
  374. evp_rand_unlock(ctx);
  375. return res;
  376. }
  377. static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
  378. const OSSL_PARAM params[])
  379. {
  380. if (ctx->meth->set_ctx_params != NULL)
  381. return ctx->meth->set_ctx_params(ctx->algctx, params);
  382. return 1;
  383. }
  384. int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[])
  385. {
  386. int res;
  387. if (!evp_rand_lock(ctx))
  388. return 0;
  389. res = evp_rand_set_ctx_params_locked(ctx, params);
  390. evp_rand_unlock(ctx);
  391. return res;
  392. }
  393. const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
  394. {
  395. if (rand->gettable_params == NULL)
  396. return NULL;
  397. return rand->gettable_params(ossl_provider_ctx(EVP_RAND_get0_provider(rand)));
  398. }
  399. const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
  400. {
  401. void *provctx;
  402. if (rand->gettable_ctx_params == NULL)
  403. return NULL;
  404. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(rand));
  405. return rand->gettable_ctx_params(NULL, provctx);
  406. }
  407. const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
  408. {
  409. void *provctx;
  410. if (rand->settable_ctx_params == NULL)
  411. return NULL;
  412. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(rand));
  413. return rand->settable_ctx_params(NULL, provctx);
  414. }
  415. const OSSL_PARAM *EVP_RAND_CTX_gettable_params(EVP_RAND_CTX *ctx)
  416. {
  417. void *provctx;
  418. if (ctx->meth->gettable_ctx_params == NULL)
  419. return NULL;
  420. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(ctx->meth));
  421. return ctx->meth->gettable_ctx_params(ctx->algctx, provctx);
  422. }
  423. const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx)
  424. {
  425. void *provctx;
  426. if (ctx->meth->settable_ctx_params == NULL)
  427. return NULL;
  428. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(ctx->meth));
  429. return ctx->meth->settable_ctx_params(ctx->algctx, provctx);
  430. }
  431. void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
  432. void (*fn)(EVP_RAND *rand, void *arg),
  433. void *arg)
  434. {
  435. evp_generic_do_all(libctx, OSSL_OP_RAND,
  436. (void (*)(void *, void *))fn, arg,
  437. evp_rand_from_algorithm, evp_rand_up_ref,
  438. evp_rand_free);
  439. }
  440. int EVP_RAND_names_do_all(const EVP_RAND *rand,
  441. void (*fn)(const char *name, void *data),
  442. void *data)
  443. {
  444. if (rand->prov != NULL)
  445. return evp_names_do_all(rand->prov, rand->name_id, fn, data);
  446. return 1;
  447. }
  448. static int evp_rand_instantiate_locked
  449. (EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
  450. const unsigned char *pstr, size_t pstr_len, const OSSL_PARAM params[])
  451. {
  452. return ctx->meth->instantiate(ctx->algctx, strength, prediction_resistance,
  453. pstr, pstr_len, params);
  454. }
  455. int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
  456. int prediction_resistance,
  457. const unsigned char *pstr, size_t pstr_len,
  458. const OSSL_PARAM params[])
  459. {
  460. int res;
  461. if (!evp_rand_lock(ctx))
  462. return 0;
  463. res = evp_rand_instantiate_locked(ctx, strength, prediction_resistance,
  464. pstr, pstr_len, params);
  465. evp_rand_unlock(ctx);
  466. return res;
  467. }
  468. static int evp_rand_uninstantiate_locked(EVP_RAND_CTX *ctx)
  469. {
  470. return ctx->meth->uninstantiate(ctx->algctx);
  471. }
  472. int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx)
  473. {
  474. int res;
  475. if (!evp_rand_lock(ctx))
  476. return 0;
  477. res = evp_rand_uninstantiate_locked(ctx);
  478. evp_rand_unlock(ctx);
  479. return res;
  480. }
  481. static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  482. size_t outlen, unsigned int strength,
  483. int prediction_resistance,
  484. const unsigned char *addin,
  485. size_t addin_len)
  486. {
  487. size_t chunk, max_request = 0;
  488. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  489. params[0] = OSSL_PARAM_construct_size_t(OSSL_RAND_PARAM_MAX_REQUEST,
  490. &max_request);
  491. if (!evp_rand_get_ctx_params_locked(ctx, params)
  492. || max_request == 0) {
  493. ERR_raise(ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
  494. return 0;
  495. }
  496. for (; outlen > 0; outlen -= chunk, out += chunk) {
  497. chunk = outlen > max_request ? max_request : outlen;
  498. if (!ctx->meth->generate(ctx->algctx, out, chunk, strength,
  499. prediction_resistance, addin, addin_len)) {
  500. ERR_raise(ERR_LIB_EVP, EVP_R_GENERATE_ERROR);
  501. return 0;
  502. }
  503. /*
  504. * Prediction resistance is only relevant the first time around,
  505. * subsequently, the DRBG has already been properly reseeded.
  506. */
  507. prediction_resistance = 0;
  508. }
  509. return 1;
  510. }
  511. int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
  512. unsigned int strength, int prediction_resistance,
  513. const unsigned char *addin, size_t addin_len)
  514. {
  515. int res;
  516. if (!evp_rand_lock(ctx))
  517. return 0;
  518. res = evp_rand_generate_locked(ctx, out, outlen, strength,
  519. prediction_resistance, addin, addin_len);
  520. evp_rand_unlock(ctx);
  521. return res;
  522. }
  523. static int evp_rand_reseed_locked(EVP_RAND_CTX *ctx, int prediction_resistance,
  524. const unsigned char *ent, size_t ent_len,
  525. const unsigned char *addin, size_t addin_len)
  526. {
  527. if (ctx->meth->reseed != NULL)
  528. return ctx->meth->reseed(ctx->algctx, prediction_resistance,
  529. ent, ent_len, addin, addin_len);
  530. return 1;
  531. }
  532. int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
  533. const unsigned char *ent, size_t ent_len,
  534. const unsigned char *addin, size_t addin_len)
  535. {
  536. int res;
  537. if (!evp_rand_lock(ctx))
  538. return 0;
  539. res = evp_rand_reseed_locked(ctx, prediction_resistance,
  540. ent, ent_len, addin, addin_len);
  541. evp_rand_unlock(ctx);
  542. return res;
  543. }
  544. static unsigned int evp_rand_strength_locked(EVP_RAND_CTX *ctx)
  545. {
  546. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  547. unsigned int strength = 0;
  548. params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
  549. if (!evp_rand_get_ctx_params_locked(ctx, params))
  550. return 0;
  551. return strength;
  552. }
  553. unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx)
  554. {
  555. unsigned int res;
  556. if (!evp_rand_lock(ctx))
  557. return 0;
  558. res = evp_rand_strength_locked(ctx);
  559. evp_rand_unlock(ctx);
  560. return res;
  561. }
  562. static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  563. size_t outlen)
  564. {
  565. unsigned int str = evp_rand_strength_locked(ctx);
  566. if (ctx->meth->nonce == NULL)
  567. return 0;
  568. if (ctx->meth->nonce(ctx->algctx, out, str, outlen, outlen))
  569. return 1;
  570. return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
  571. }
  572. int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen)
  573. {
  574. int res;
  575. if (!evp_rand_lock(ctx))
  576. return 0;
  577. res = evp_rand_nonce_locked(ctx, out, outlen);
  578. evp_rand_unlock(ctx);
  579. return res;
  580. }
  581. int EVP_RAND_get_state(EVP_RAND_CTX *ctx)
  582. {
  583. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  584. int state;
  585. params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_STATE, &state);
  586. if (!EVP_RAND_CTX_get_params(ctx, params))
  587. state = EVP_RAND_STATE_ERROR;
  588. return state;
  589. }
  590. static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
  591. {
  592. if (ctx->meth->verify_zeroization != NULL)
  593. return ctx->meth->verify_zeroization(ctx->algctx);
  594. return 0;
  595. }
  596. int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx)
  597. {
  598. int res;
  599. if (!evp_rand_lock(ctx))
  600. return 0;
  601. res = evp_rand_verify_zeroization_locked(ctx);
  602. evp_rand_unlock(ctx);
  603. return res;
  604. }