evp_rand.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677
  1. /*
  2. * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/evp.h>
  10. #include <stdio.h>
  11. #include <stdlib.h>
  12. #include <openssl/engine.h>
  13. #include <openssl/evp.h>
  14. #include <openssl/x509v3.h>
  15. #include <openssl/rand.h>
  16. #include <openssl/core.h>
  17. #include <openssl/core_names.h>
  18. #include <openssl/crypto.h>
  19. #include "crypto/asn1.h"
  20. #include "crypto/evp.h"
  21. #include "internal/cryptlib.h"
  22. #include "internal/numbers.h"
  23. #include "internal/provider.h"
  24. #include "evp_local.h"
  25. struct evp_rand_st {
  26. OSSL_PROVIDER *prov;
  27. int name_id;
  28. const char *description;
  29. CRYPTO_REF_COUNT refcnt;
  30. CRYPTO_RWLOCK *refcnt_lock;
  31. const OSSL_DISPATCH *dispatch;
  32. OSSL_FUNC_rand_newctx_fn *newctx;
  33. OSSL_FUNC_rand_freectx_fn *freectx;
  34. OSSL_FUNC_rand_instantiate_fn *instantiate;
  35. OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
  36. OSSL_FUNC_rand_generate_fn *generate;
  37. OSSL_FUNC_rand_reseed_fn *reseed;
  38. OSSL_FUNC_rand_nonce_fn *nonce;
  39. OSSL_FUNC_rand_enable_locking_fn *enable_locking;
  40. OSSL_FUNC_rand_lock_fn *lock;
  41. OSSL_FUNC_rand_unlock_fn *unlock;
  42. OSSL_FUNC_rand_gettable_params_fn *gettable_params;
  43. OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
  44. OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
  45. OSSL_FUNC_rand_get_params_fn *get_params;
  46. OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
  47. OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
  48. OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
  49. } /* EVP_RAND */ ;
  50. static int evp_rand_up_ref(void *vrand)
  51. {
  52. EVP_RAND *rand = (EVP_RAND *)vrand;
  53. int ref = 0;
  54. if (rand != NULL)
  55. return CRYPTO_UP_REF(&rand->refcnt, &ref, rand->refcnt_lock);
  56. return 1;
  57. }
  58. static void evp_rand_free(void *vrand){
  59. EVP_RAND *rand = (EVP_RAND *)vrand;
  60. int ref = 0;
  61. if (rand != NULL) {
  62. CRYPTO_DOWN_REF(&rand->refcnt, &ref, rand->refcnt_lock);
  63. if (ref <= 0) {
  64. ossl_provider_free(rand->prov);
  65. CRYPTO_THREAD_lock_free(rand->refcnt_lock);
  66. OPENSSL_free(rand);
  67. }
  68. }
  69. }
  70. static void *evp_rand_new(void)
  71. {
  72. EVP_RAND *rand = OPENSSL_zalloc(sizeof(*rand));
  73. if (rand == NULL
  74. || (rand->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
  75. OPENSSL_free(rand);
  76. return NULL;
  77. }
  78. rand->refcnt = 1;
  79. return rand;
  80. }
  81. /* Enable locking of the underlying DRBG/RAND if available */
  82. int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
  83. {
  84. if (rand->meth->enable_locking != NULL)
  85. return rand->meth->enable_locking(rand->data);
  86. ERR_raise(ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED);
  87. return 0;
  88. }
  89. /* Lock the underlying DRBG/RAND if available */
  90. static int evp_rand_lock(EVP_RAND_CTX *rand)
  91. {
  92. if (rand->meth->lock != NULL)
  93. return rand->meth->lock(rand->data);
  94. return 1;
  95. }
  96. /* Unlock the underlying DRBG/RAND if available */
  97. static void evp_rand_unlock(EVP_RAND_CTX *rand)
  98. {
  99. if (rand->meth->unlock != NULL)
  100. rand->meth->unlock(rand->data);
  101. }
  102. static void *evp_rand_from_algorithm(int name_id,
  103. const OSSL_ALGORITHM *algodef,
  104. OSSL_PROVIDER *prov)
  105. {
  106. const OSSL_DISPATCH *fns = algodef->implementation;
  107. EVP_RAND *rand = NULL;
  108. int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0, fnenablelockcnt = 0;
  109. #ifdef FIPS_MODULE
  110. int fnzeroizecnt = 0;
  111. #endif
  112. if ((rand = evp_rand_new()) == NULL) {
  113. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  114. return NULL;
  115. }
  116. rand->name_id = name_id;
  117. rand->description = algodef->algorithm_description;
  118. rand->dispatch = fns;
  119. for (; fns->function_id != 0; fns++) {
  120. switch (fns->function_id) {
  121. case OSSL_FUNC_RAND_NEWCTX:
  122. if (rand->newctx != NULL)
  123. break;
  124. rand->newctx = OSSL_FUNC_rand_newctx(fns);
  125. fnctxcnt++;
  126. break;
  127. case OSSL_FUNC_RAND_FREECTX:
  128. if (rand->freectx != NULL)
  129. break;
  130. rand->freectx = OSSL_FUNC_rand_freectx(fns);
  131. fnctxcnt++;
  132. break;
  133. case OSSL_FUNC_RAND_INSTANTIATE:
  134. if (rand->instantiate != NULL)
  135. break;
  136. rand->instantiate = OSSL_FUNC_rand_instantiate(fns);
  137. fnrandcnt++;
  138. break;
  139. case OSSL_FUNC_RAND_UNINSTANTIATE:
  140. if (rand->uninstantiate != NULL)
  141. break;
  142. rand->uninstantiate = OSSL_FUNC_rand_uninstantiate(fns);
  143. fnrandcnt++;
  144. break;
  145. case OSSL_FUNC_RAND_GENERATE:
  146. if (rand->generate != NULL)
  147. break;
  148. rand->generate = OSSL_FUNC_rand_generate(fns);
  149. fnrandcnt++;
  150. break;
  151. case OSSL_FUNC_RAND_RESEED:
  152. if (rand->reseed != NULL)
  153. break;
  154. rand->reseed = OSSL_FUNC_rand_reseed(fns);
  155. break;
  156. case OSSL_FUNC_RAND_NONCE:
  157. if (rand->nonce != NULL)
  158. break;
  159. rand->nonce = OSSL_FUNC_rand_nonce(fns);
  160. break;
  161. case OSSL_FUNC_RAND_ENABLE_LOCKING:
  162. if (rand->enable_locking != NULL)
  163. break;
  164. rand->enable_locking = OSSL_FUNC_rand_enable_locking(fns);
  165. fnenablelockcnt++;
  166. break;
  167. case OSSL_FUNC_RAND_LOCK:
  168. if (rand->lock != NULL)
  169. break;
  170. rand->lock = OSSL_FUNC_rand_lock(fns);
  171. fnlockcnt++;
  172. break;
  173. case OSSL_FUNC_RAND_UNLOCK:
  174. if (rand->unlock != NULL)
  175. break;
  176. rand->unlock = OSSL_FUNC_rand_unlock(fns);
  177. fnlockcnt++;
  178. break;
  179. case OSSL_FUNC_RAND_GETTABLE_PARAMS:
  180. if (rand->gettable_params != NULL)
  181. break;
  182. rand->gettable_params =
  183. OSSL_FUNC_rand_gettable_params(fns);
  184. break;
  185. case OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS:
  186. if (rand->gettable_ctx_params != NULL)
  187. break;
  188. rand->gettable_ctx_params =
  189. OSSL_FUNC_rand_gettable_ctx_params(fns);
  190. break;
  191. case OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS:
  192. if (rand->settable_ctx_params != NULL)
  193. break;
  194. rand->settable_ctx_params =
  195. OSSL_FUNC_rand_settable_ctx_params(fns);
  196. break;
  197. case OSSL_FUNC_RAND_GET_PARAMS:
  198. if (rand->get_params != NULL)
  199. break;
  200. rand->get_params = OSSL_FUNC_rand_get_params(fns);
  201. break;
  202. case OSSL_FUNC_RAND_GET_CTX_PARAMS:
  203. if (rand->get_ctx_params != NULL)
  204. break;
  205. rand->get_ctx_params = OSSL_FUNC_rand_get_ctx_params(fns);
  206. fnctxcnt++;
  207. break;
  208. case OSSL_FUNC_RAND_SET_CTX_PARAMS:
  209. if (rand->set_ctx_params != NULL)
  210. break;
  211. rand->set_ctx_params = OSSL_FUNC_rand_set_ctx_params(fns);
  212. break;
  213. case OSSL_FUNC_RAND_VERIFY_ZEROIZATION:
  214. if (rand->verify_zeroization != NULL)
  215. break;
  216. rand->verify_zeroization = OSSL_FUNC_rand_verify_zeroization(fns);
  217. #ifdef FIPS_MODULE
  218. fnzeroizecnt++;
  219. #endif
  220. break;
  221. }
  222. }
  223. /*
  224. * In order to be a consistent set of functions we must have at least
  225. * a complete set of "rand" functions and a complete set of context
  226. * management functions. In FIPS mode, we also require the zeroization
  227. * verification function.
  228. *
  229. * In addition, if locking can be enabled, we need a complete set of
  230. * locking functions.
  231. */
  232. if (fnrandcnt != 3
  233. || fnctxcnt != 3
  234. || (fnenablelockcnt != 0 && fnenablelockcnt != 1)
  235. || (fnlockcnt != 0 && fnlockcnt != 2)
  236. #ifdef FIPS_MODULE
  237. || fnzeroizecnt != 1
  238. #endif
  239. ) {
  240. evp_rand_free(rand);
  241. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
  242. return NULL;
  243. }
  244. if (prov != NULL && !ossl_provider_up_ref(prov)) {
  245. evp_rand_free(rand);
  246. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  247. return NULL;
  248. }
  249. rand->prov = prov;
  250. return rand;
  251. }
  252. EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
  253. const char *properties)
  254. {
  255. return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
  256. evp_rand_from_algorithm, evp_rand_up_ref,
  257. evp_rand_free);
  258. }
  259. int EVP_RAND_up_ref(EVP_RAND *rand)
  260. {
  261. return evp_rand_up_ref(rand);
  262. }
  263. void EVP_RAND_free(EVP_RAND *rand)
  264. {
  265. evp_rand_free(rand);
  266. }
  267. int EVP_RAND_number(const EVP_RAND *rand)
  268. {
  269. return rand->name_id;
  270. }
  271. const char *EVP_RAND_name(const EVP_RAND *rand)
  272. {
  273. return evp_first_name(rand->prov, rand->name_id);
  274. }
  275. const char *EVP_RAND_description(const EVP_RAND *rand)
  276. {
  277. return rand->description;
  278. }
  279. int EVP_RAND_is_a(const EVP_RAND *rand, const char *name)
  280. {
  281. return evp_is_a(rand->prov, rand->name_id, NULL, name);
  282. }
  283. const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand)
  284. {
  285. return rand->prov;
  286. }
  287. int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[])
  288. {
  289. if (rand->get_params != NULL)
  290. return rand->get_params(params);
  291. return 1;
  292. }
  293. static int evp_rand_ctx_up_ref(EVP_RAND_CTX *ctx)
  294. {
  295. int ref = 0;
  296. return CRYPTO_UP_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
  297. }
  298. EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
  299. {
  300. EVP_RAND_CTX *ctx;
  301. void *parent_ctx = NULL;
  302. const OSSL_DISPATCH *parent_dispatch = NULL;
  303. if (rand == NULL) {
  304. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
  305. return NULL;
  306. }
  307. ctx = OPENSSL_zalloc(sizeof(*ctx));
  308. if (ctx == NULL || (ctx->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
  309. OPENSSL_free(ctx);
  310. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  311. return NULL;
  312. }
  313. if (parent != NULL) {
  314. if (!evp_rand_ctx_up_ref(parent)) {
  315. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  316. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  317. OPENSSL_free(ctx);
  318. return NULL;
  319. }
  320. parent_ctx = parent->data;
  321. parent_dispatch = parent->meth->dispatch;
  322. }
  323. if ((ctx->data = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
  324. parent_dispatch)) == NULL
  325. || !EVP_RAND_up_ref(rand)) {
  326. ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
  327. rand->freectx(ctx->data);
  328. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  329. OPENSSL_free(ctx);
  330. EVP_RAND_CTX_free(parent);
  331. return NULL;
  332. }
  333. ctx->meth = rand;
  334. ctx->parent = parent;
  335. ctx->refcnt = 1;
  336. return ctx;
  337. }
  338. void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx)
  339. {
  340. if (ctx != NULL) {
  341. int ref = 0;
  342. CRYPTO_DOWN_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
  343. if (ref <= 0) {
  344. EVP_RAND_CTX *parent = ctx->parent;
  345. ctx->meth->freectx(ctx->data);
  346. ctx->data = NULL;
  347. EVP_RAND_free(ctx->meth);
  348. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  349. OPENSSL_free(ctx);
  350. EVP_RAND_CTX_free(parent);
  351. }
  352. }
  353. }
  354. EVP_RAND *EVP_RAND_CTX_rand(EVP_RAND_CTX *ctx)
  355. {
  356. return ctx->meth;
  357. }
  358. static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx,
  359. OSSL_PARAM params[])
  360. {
  361. return ctx->meth->get_ctx_params(ctx->data, params);
  362. }
  363. int EVP_RAND_get_ctx_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
  364. {
  365. int res;
  366. if (!evp_rand_lock(ctx))
  367. return 0;
  368. res = evp_rand_get_ctx_params_locked(ctx, params);
  369. evp_rand_unlock(ctx);
  370. return res;
  371. }
  372. static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
  373. const OSSL_PARAM params[])
  374. {
  375. if (ctx->meth->set_ctx_params != NULL)
  376. return ctx->meth->set_ctx_params(ctx->data, params);
  377. return 1;
  378. }
  379. int EVP_RAND_set_ctx_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[])
  380. {
  381. int res;
  382. if (!evp_rand_lock(ctx))
  383. return 0;
  384. res = evp_rand_set_ctx_params_locked(ctx, params);
  385. evp_rand_unlock(ctx);
  386. return res;
  387. }
  388. const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
  389. {
  390. if (rand->gettable_params == NULL)
  391. return NULL;
  392. return rand->gettable_params(ossl_provider_ctx(EVP_RAND_provider(rand)));
  393. }
  394. const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
  395. {
  396. void *provctx;
  397. if (rand->gettable_ctx_params == NULL)
  398. return NULL;
  399. provctx = ossl_provider_ctx(EVP_RAND_provider(rand));
  400. return rand->gettable_ctx_params(NULL, provctx);
  401. }
  402. const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
  403. {
  404. void *provctx;
  405. if (rand->settable_ctx_params == NULL)
  406. return NULL;
  407. provctx = ossl_provider_ctx(EVP_RAND_provider(rand));
  408. return rand->settable_ctx_params(NULL, provctx);
  409. }
  410. const OSSL_PARAM *EVP_RAND_CTX_gettable_params(EVP_RAND_CTX *ctx)
  411. {
  412. void *provctx;
  413. if (ctx->meth->gettable_ctx_params == NULL)
  414. return NULL;
  415. provctx = ossl_provider_ctx(EVP_RAND_provider(ctx->meth));
  416. return ctx->meth->gettable_ctx_params(ctx->data, provctx);
  417. }
  418. const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx)
  419. {
  420. void *provctx;
  421. if (ctx->meth->settable_ctx_params == NULL)
  422. return NULL;
  423. provctx = ossl_provider_ctx(EVP_RAND_provider(ctx->meth));
  424. return ctx->meth->settable_ctx_params(ctx->data, provctx);
  425. }
  426. void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
  427. void (*fn)(EVP_RAND *rand, void *arg),
  428. void *arg)
  429. {
  430. evp_generic_do_all(libctx, OSSL_OP_RAND,
  431. (void (*)(void *, void *))fn, arg,
  432. evp_rand_from_algorithm, evp_rand_free);
  433. }
  434. int EVP_RAND_names_do_all(const EVP_RAND *rand,
  435. void (*fn)(const char *name, void *data),
  436. void *data)
  437. {
  438. if (rand->prov != NULL)
  439. return evp_names_do_all(rand->prov, rand->name_id, fn, data);
  440. return 1;
  441. }
  442. static int evp_rand_instantiate_locked
  443. (EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
  444. const unsigned char *pstr, size_t pstr_len, const OSSL_PARAM params[])
  445. {
  446. return ctx->meth->instantiate(ctx->data, strength, prediction_resistance,
  447. pstr, pstr_len, params);
  448. }
  449. int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
  450. int prediction_resistance,
  451. const unsigned char *pstr, size_t pstr_len,
  452. const OSSL_PARAM params[])
  453. {
  454. int res;
  455. if (!evp_rand_lock(ctx))
  456. return 0;
  457. res = evp_rand_instantiate_locked(ctx, strength, prediction_resistance,
  458. pstr, pstr_len, params);
  459. evp_rand_unlock(ctx);
  460. return res;
  461. }
  462. static int evp_rand_uninstantiate_locked(EVP_RAND_CTX *ctx)
  463. {
  464. return ctx->meth->uninstantiate(ctx->data);
  465. }
  466. int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx)
  467. {
  468. int res;
  469. if (!evp_rand_lock(ctx))
  470. return 0;
  471. res = evp_rand_uninstantiate_locked(ctx);
  472. evp_rand_unlock(ctx);
  473. return res;
  474. }
  475. static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  476. size_t outlen, unsigned int strength,
  477. int prediction_resistance,
  478. const unsigned char *addin,
  479. size_t addin_len)
  480. {
  481. size_t chunk, max_request = 0;
  482. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  483. params[0] = OSSL_PARAM_construct_size_t(OSSL_RAND_PARAM_MAX_REQUEST,
  484. &max_request);
  485. if (!evp_rand_get_ctx_params_locked(ctx, params)
  486. || max_request == 0) {
  487. ERR_raise(ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
  488. return 0;
  489. }
  490. for (; outlen > 0; outlen -= chunk, out += chunk) {
  491. chunk = outlen > max_request ? max_request : outlen;
  492. if (!ctx->meth->generate(ctx->data, out, chunk, strength,
  493. prediction_resistance, addin, addin_len)) {
  494. ERR_raise(ERR_LIB_EVP, EVP_R_GENERATE_ERROR);
  495. return 0;
  496. }
  497. /*
  498. * Prediction resistance is only relevant the first time around,
  499. * subsequently, the DRBG has already been properly reseeded.
  500. */
  501. prediction_resistance = 0;
  502. }
  503. return 1;
  504. }
  505. int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
  506. unsigned int strength, int prediction_resistance,
  507. const unsigned char *addin, size_t addin_len)
  508. {
  509. int res;
  510. if (!evp_rand_lock(ctx))
  511. return 0;
  512. res = evp_rand_generate_locked(ctx, out, outlen, strength,
  513. prediction_resistance, addin, addin_len);
  514. evp_rand_unlock(ctx);
  515. return res;
  516. }
  517. static int evp_rand_reseed_locked(EVP_RAND_CTX *ctx, int prediction_resistance,
  518. const unsigned char *ent, size_t ent_len,
  519. const unsigned char *addin, size_t addin_len)
  520. {
  521. if (ctx->meth->reseed != NULL)
  522. return ctx->meth->reseed(ctx->data, prediction_resistance,
  523. ent, ent_len, addin, addin_len);
  524. return 1;
  525. }
  526. int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
  527. const unsigned char *ent, size_t ent_len,
  528. const unsigned char *addin, size_t addin_len)
  529. {
  530. int res;
  531. if (!evp_rand_lock(ctx))
  532. return 0;
  533. res = evp_rand_reseed_locked(ctx, prediction_resistance,
  534. ent, ent_len, addin, addin_len);
  535. evp_rand_unlock(ctx);
  536. return res;
  537. }
  538. static unsigned int evp_rand_strength_locked(EVP_RAND_CTX *ctx)
  539. {
  540. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  541. unsigned int strength = 0;
  542. params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
  543. if (!evp_rand_get_ctx_params_locked(ctx, params))
  544. return 0;
  545. return strength;
  546. }
  547. unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx)
  548. {
  549. unsigned int res;
  550. if (!evp_rand_lock(ctx))
  551. return 0;
  552. res = evp_rand_strength_locked(ctx);
  553. evp_rand_unlock(ctx);
  554. return res;
  555. }
  556. static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  557. size_t outlen)
  558. {
  559. unsigned int str = evp_rand_strength_locked(ctx);
  560. if (ctx->meth->nonce == NULL)
  561. return 0;
  562. if (ctx->meth->nonce(ctx->data, out, str, outlen, outlen))
  563. return 1;
  564. return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
  565. }
  566. int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen)
  567. {
  568. int res;
  569. if (!evp_rand_lock(ctx))
  570. return 0;
  571. res = evp_rand_nonce_locked(ctx, out, outlen);
  572. evp_rand_unlock(ctx);
  573. return res;
  574. }
  575. int EVP_RAND_state(EVP_RAND_CTX *ctx)
  576. {
  577. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  578. int state;
  579. params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_STATE, &state);
  580. if (!EVP_RAND_get_ctx_params(ctx, params))
  581. state = EVP_RAND_STATE_ERROR;
  582. return state;
  583. }
  584. static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
  585. {
  586. if (ctx->meth->verify_zeroization != NULL)
  587. return ctx->meth->verify_zeroization(ctx->data);
  588. return 0;
  589. }
  590. int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx)
  591. {
  592. int res;
  593. if (!evp_rand_lock(ctx))
  594. return 0;
  595. res = evp_rand_verify_zeroization_locked(ctx);
  596. evp_rand_unlock(ctx);
  597. return res;
  598. }