2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 /* We need to use some engine deprecated APIs */
11 #define OPENSSL_SUPPRESS_DEPRECATED
13 #include <openssl/err.h>
14 #include <openssl/opensslconf.h>
15 #include <openssl/core_names.h>
16 #include "internal/cryptlib.h"
17 #include "internal/thread_once.h"
18 #include "crypto/rand.h"
19 #include "crypto/cryptlib.h"
20 #include "rand_local.h"
21 #include "crypto/context.h"
27 # include <openssl/conf.h>
28 # include <openssl/trace.h>
29 # include <openssl/engine.h>
30 # include "crypto/rand_pool.h"
31 # include "prov/seeding.h"
32 # include "internal/e_os.h"
34 # ifndef OPENSSL_NO_ENGINE
35 /* non-NULL if default_RAND_meth is ENGINE-provided */
36 static ENGINE
*funct_ref
;
37 static CRYPTO_RWLOCK
*rand_engine_lock
;
39 # ifndef OPENSSL_NO_DEPRECATED_3_0
40 static CRYPTO_RWLOCK
*rand_meth_lock
;
41 static const RAND_METHOD
*default_RAND_meth
;
43 static CRYPTO_ONCE rand_init
= CRYPTO_ONCE_STATIC_INIT
;
45 static int rand_inited
= 0;
47 DEFINE_RUN_ONCE_STATIC(do_rand_init
)
49 # ifndef OPENSSL_NO_ENGINE
50 rand_engine_lock
= CRYPTO_THREAD_lock_new();
51 if (rand_engine_lock
== NULL
)
55 # ifndef OPENSSL_NO_DEPRECATED_3_0
56 rand_meth_lock
= CRYPTO_THREAD_lock_new();
57 if (rand_meth_lock
== NULL
)
61 if (!ossl_rand_pool_init())
68 # ifndef OPENSSL_NO_DEPRECATED_3_0
69 CRYPTO_THREAD_lock_free(rand_meth_lock
);
70 rand_meth_lock
= NULL
;
72 # ifndef OPENSSL_NO_ENGINE
73 CRYPTO_THREAD_lock_free(rand_engine_lock
);
74 rand_engine_lock
= NULL
;
79 void ossl_rand_cleanup_int(void)
81 # ifndef OPENSSL_NO_DEPRECATED_3_0
82 const RAND_METHOD
*meth
= default_RAND_meth
;
87 if (meth
!= NULL
&& meth
->cleanup
!= NULL
)
89 RAND_set_rand_method(NULL
);
91 ossl_rand_pool_cleanup();
92 # ifndef OPENSSL_NO_ENGINE
93 CRYPTO_THREAD_lock_free(rand_engine_lock
);
94 rand_engine_lock
= NULL
;
96 # ifndef OPENSSL_NO_DEPRECATED_3_0
97 CRYPTO_THREAD_lock_free(rand_meth_lock
);
98 rand_meth_lock
= NULL
;
104 * RAND_close_seed_files() ensures that any seed file descriptors are
105 * closed after use. This only applies to libcrypto/default provider,
106 * it does not apply to other providers.
108 void RAND_keep_random_devices_open(int keep
)
110 if (RUN_ONCE(&rand_init
, do_rand_init
))
111 ossl_rand_pool_keep_random_devices_open(keep
);
115 * RAND_poll() reseeds the default RNG using random input
117 * The random input is obtained from polling various entropy
118 * sources which depend on the operating system and are
119 * configurable via the --with-rand-seed configure option.
123 # ifndef OPENSSL_NO_DEPRECATED_3_0
124 const RAND_METHOD
*meth
= RAND_get_rand_method();
125 int ret
= meth
== RAND_OpenSSL();
131 /* fill random pool and seed the current legacy RNG */
132 RAND_POOL
*pool
= ossl_rand_pool_new(RAND_DRBG_STRENGTH
, 1,
133 (RAND_DRBG_STRENGTH
+ 7) / 8,
134 RAND_POOL_MAX_LENGTH
);
139 if (ossl_pool_acquire_entropy(pool
) == 0)
142 if (meth
->add
== NULL
143 || meth
->add(ossl_rand_pool_buffer(pool
),
144 ossl_rand_pool_length(pool
),
145 (ossl_rand_pool_entropy(pool
) / 8.0)) == 0)
150 ossl_rand_pool_free(pool
);
154 static const char salt
[] = "polling";
156 RAND_seed(salt
, sizeof(salt
));
161 # ifndef OPENSSL_NO_DEPRECATED_3_0
162 static int rand_set_rand_method_internal(const RAND_METHOD
*meth
,
163 ossl_unused ENGINE
*e
)
165 if (!RUN_ONCE(&rand_init
, do_rand_init
))
168 if (!CRYPTO_THREAD_write_lock(rand_meth_lock
))
170 # ifndef OPENSSL_NO_ENGINE
171 ENGINE_finish(funct_ref
);
174 default_RAND_meth
= meth
;
175 CRYPTO_THREAD_unlock(rand_meth_lock
);
179 int RAND_set_rand_method(const RAND_METHOD
*meth
)
181 return rand_set_rand_method_internal(meth
, NULL
);
184 const RAND_METHOD
*RAND_get_rand_method(void)
186 const RAND_METHOD
*tmp_meth
= NULL
;
188 if (!RUN_ONCE(&rand_init
, do_rand_init
))
191 if (!CRYPTO_THREAD_write_lock(rand_meth_lock
))
193 if (default_RAND_meth
== NULL
) {
194 # ifndef OPENSSL_NO_ENGINE
197 /* If we have an engine that can do RAND, use it. */
198 if ((e
= ENGINE_get_default_RAND()) != NULL
199 && (tmp_meth
= ENGINE_get_RAND(e
)) != NULL
) {
201 default_RAND_meth
= tmp_meth
;
204 default_RAND_meth
= &ossl_rand_meth
;
207 default_RAND_meth
= &ossl_rand_meth
;
210 tmp_meth
= default_RAND_meth
;
211 CRYPTO_THREAD_unlock(rand_meth_lock
);
215 # if !defined(OPENSSL_NO_ENGINE)
216 int RAND_set_rand_engine(ENGINE
*engine
)
218 const RAND_METHOD
*tmp_meth
= NULL
;
220 if (!RUN_ONCE(&rand_init
, do_rand_init
))
223 if (engine
!= NULL
) {
224 if (!ENGINE_init(engine
))
226 tmp_meth
= ENGINE_get_RAND(engine
);
227 if (tmp_meth
== NULL
) {
228 ENGINE_finish(engine
);
232 if (!CRYPTO_THREAD_write_lock(rand_engine_lock
)) {
233 ENGINE_finish(engine
);
237 /* This function releases any prior ENGINE so call it first */
238 rand_set_rand_method_internal(tmp_meth
, engine
);
239 CRYPTO_THREAD_unlock(rand_engine_lock
);
243 # endif /* OPENSSL_NO_DEPRECATED_3_0 */
245 void RAND_seed(const void *buf
, int num
)
248 # ifndef OPENSSL_NO_DEPRECATED_3_0
249 const RAND_METHOD
*meth
= RAND_get_rand_method();
251 if (meth
!= NULL
&& meth
->seed
!= NULL
) {
252 meth
->seed(buf
, num
);
257 drbg
= RAND_get0_primary(NULL
);
258 if (drbg
!= NULL
&& num
> 0)
259 EVP_RAND_reseed(drbg
, 0, NULL
, 0, buf
, num
);
262 void RAND_add(const void *buf
, int num
, double randomness
)
265 # ifndef OPENSSL_NO_DEPRECATED_3_0
266 const RAND_METHOD
*meth
= RAND_get_rand_method();
268 if (meth
!= NULL
&& meth
->add
!= NULL
) {
269 meth
->add(buf
, num
, randomness
);
273 drbg
= RAND_get0_primary(NULL
);
274 if (drbg
!= NULL
&& num
> 0)
275 EVP_RAND_reseed(drbg
, 0, NULL
, 0, buf
, num
);
278 # if !defined(OPENSSL_NO_DEPRECATED_1_1_0)
279 int RAND_pseudo_bytes(unsigned char *buf
, int num
)
281 const RAND_METHOD
*meth
= RAND_get_rand_method();
283 if (meth
!= NULL
&& meth
->pseudorand
!= NULL
)
284 return meth
->pseudorand(buf
, num
);
285 ERR_raise(ERR_LIB_RAND
, RAND_R_FUNC_NOT_IMPLEMENTED
);
290 int RAND_status(void)
293 # ifndef OPENSSL_NO_DEPRECATED_3_0
294 const RAND_METHOD
*meth
= RAND_get_rand_method();
296 if (meth
!= NULL
&& meth
!= RAND_OpenSSL())
297 return meth
->status
!= NULL
? meth
->status() : 0;
300 if ((rand
= RAND_get0_primary(NULL
)) == NULL
)
302 return EVP_RAND_get_state(rand
) == EVP_RAND_STATE_READY
;
304 # else /* !FIPS_MODULE */
306 # ifndef OPENSSL_NO_DEPRECATED_3_0
307 const RAND_METHOD
*RAND_get_rand_method(void)
312 #endif /* !FIPS_MODULE */
315 * This function is not part of RAND_METHOD, so if we're not using
316 * the default method, then just call RAND_bytes(). Otherwise make
317 * sure we're instantiated and use the private DRBG.
319 int RAND_priv_bytes_ex(OSSL_LIB_CTX
*ctx
, unsigned char *buf
, size_t num
,
320 unsigned int strength
)
323 #if !defined(OPENSSL_NO_DEPRECATED_3_0) && !defined(FIPS_MODULE)
324 const RAND_METHOD
*meth
= RAND_get_rand_method();
326 if (meth
!= NULL
&& meth
!= RAND_OpenSSL()) {
327 if (meth
->bytes
!= NULL
)
328 return meth
->bytes(buf
, num
);
329 ERR_raise(ERR_LIB_RAND
, RAND_R_FUNC_NOT_IMPLEMENTED
);
334 rand
= RAND_get0_private(ctx
);
336 return EVP_RAND_generate(rand
, buf
, num
, strength
, 0, NULL
, 0);
341 int RAND_priv_bytes(unsigned char *buf
, int num
)
345 return RAND_priv_bytes_ex(NULL
, buf
, (size_t)num
, 0);
348 int RAND_bytes_ex(OSSL_LIB_CTX
*ctx
, unsigned char *buf
, size_t num
,
349 unsigned int strength
)
352 #if !defined(OPENSSL_NO_DEPRECATED_3_0) && !defined(FIPS_MODULE)
353 const RAND_METHOD
*meth
= RAND_get_rand_method();
355 if (meth
!= NULL
&& meth
!= RAND_OpenSSL()) {
356 if (meth
->bytes
!= NULL
)
357 return meth
->bytes(buf
, num
);
358 ERR_raise(ERR_LIB_RAND
, RAND_R_FUNC_NOT_IMPLEMENTED
);
363 rand
= RAND_get0_public(ctx
);
365 return EVP_RAND_generate(rand
, buf
, num
, strength
, 0, NULL
, 0);
370 int RAND_bytes(unsigned char *buf
, int num
)
374 return RAND_bytes_ex(NULL
, buf
, (size_t)num
, 0);
377 typedef struct rand_global_st
{
379 * The three shared DRBG instances
381 * There are three shared DRBG instances: <primary>, <public>, and
382 * <private>. The <public> and <private> DRBGs are secondary ones.
383 * These are used for non-secret (e.g. nonces) and secret
384 * (e.g. private keys) data respectively.
393 * Not used directly by the application, only for reseeding the two other
394 * DRBGs. It reseeds itself by pulling either randomness from os entropy
395 * sources or by consuming randomness which was added by RAND_add().
397 * The <primary> DRBG is a global instance which is accessed concurrently by
398 * all threads. The necessary locking is managed automatically by its child
399 * DRBG instances during reseeding.
401 EVP_RAND_CTX
*primary
;
406 * Used by default for generating random bytes using RAND_bytes().
408 * The <public> secondary DRBG is thread-local, i.e., there is one instance
411 CRYPTO_THREAD_LOCAL
public;
416 * Used by default for generating private keys using RAND_priv_bytes()
418 * The <private> secondary DRBG is thread-local, i.e., there is one
419 * instance per thread.
421 CRYPTO_THREAD_LOCAL
private;
423 /* Which RNG is being used by default and it's configuration settings */
429 /* Allow the randomness source to be changed */
435 * Initialize the OSSL_LIB_CTX global DRBGs on first use.
436 * Returns the allocated global data on success or NULL on failure.
438 void *ossl_rand_ctx_new(OSSL_LIB_CTX
*libctx
)
440 RAND_GLOBAL
*dgbl
= OPENSSL_zalloc(sizeof(*dgbl
));
447 * We need to ensure that base libcrypto thread handling has been
450 OPENSSL_init_crypto(OPENSSL_INIT_BASE_ONLY
, NULL
);
453 dgbl
->lock
= CRYPTO_THREAD_lock_new();
454 if (dgbl
->lock
== NULL
)
457 if (!CRYPTO_THREAD_init_local(&dgbl
->private, NULL
))
460 if (!CRYPTO_THREAD_init_local(&dgbl
->public, NULL
))
466 CRYPTO_THREAD_cleanup_local(&dgbl
->private);
468 CRYPTO_THREAD_lock_free(dgbl
->lock
);
473 void ossl_rand_ctx_free(void *vdgbl
)
475 RAND_GLOBAL
*dgbl
= vdgbl
;
480 CRYPTO_THREAD_lock_free(dgbl
->lock
);
481 CRYPTO_THREAD_cleanup_local(&dgbl
->private);
482 CRYPTO_THREAD_cleanup_local(&dgbl
->public);
483 EVP_RAND_CTX_free(dgbl
->primary
);
484 EVP_RAND_CTX_free(dgbl
->seed
);
485 OPENSSL_free(dgbl
->rng_name
);
486 OPENSSL_free(dgbl
->rng_cipher
);
487 OPENSSL_free(dgbl
->rng_digest
);
488 OPENSSL_free(dgbl
->rng_propq
);
489 OPENSSL_free(dgbl
->seed_name
);
490 OPENSSL_free(dgbl
->seed_propq
);
495 static RAND_GLOBAL
*rand_get_global(OSSL_LIB_CTX
*libctx
)
497 return ossl_lib_ctx_get_data(libctx
, OSSL_LIB_CTX_DRBG_INDEX
);
500 static void rand_delete_thread_state(void *arg
)
502 OSSL_LIB_CTX
*ctx
= arg
;
503 RAND_GLOBAL
*dgbl
= rand_get_global(ctx
);
509 rand
= CRYPTO_THREAD_get_local(&dgbl
->public);
510 CRYPTO_THREAD_set_local(&dgbl
->public, NULL
);
511 EVP_RAND_CTX_free(rand
);
513 rand
= CRYPTO_THREAD_get_local(&dgbl
->private);
514 CRYPTO_THREAD_set_local(&dgbl
->private, NULL
);
515 EVP_RAND_CTX_free(rand
);
519 static EVP_RAND_CTX
*rand_new_seed(OSSL_LIB_CTX
*libctx
)
522 RAND_GLOBAL
*dgbl
= rand_get_global(libctx
);
528 name
= dgbl
->seed_name
!= NULL
? dgbl
->seed_name
: "SEED-SRC";
529 rand
= EVP_RAND_fetch(libctx
, name
, dgbl
->seed_propq
);
531 ERR_raise(ERR_LIB_RAND
, RAND_R_UNABLE_TO_FETCH_DRBG
);
534 ctx
= EVP_RAND_CTX_new(rand
, NULL
);
537 ERR_raise(ERR_LIB_RAND
, RAND_R_UNABLE_TO_CREATE_DRBG
);
540 if (!EVP_RAND_instantiate(ctx
, 0, 0, NULL
, 0, NULL
)) {
541 ERR_raise(ERR_LIB_RAND
, RAND_R_ERROR_INSTANTIATING_DRBG
);
542 EVP_RAND_CTX_free(ctx
);
549 static EVP_RAND_CTX
*rand_new_drbg(OSSL_LIB_CTX
*libctx
, EVP_RAND_CTX
*parent
,
550 unsigned int reseed_interval
,
551 time_t reseed_time_interval
, int use_df
)
554 RAND_GLOBAL
*dgbl
= rand_get_global(libctx
);
556 OSSL_PARAM params
[8], *p
= params
;
557 const OSSL_PARAM
*settables
;
562 name
= dgbl
->rng_name
!= NULL
? dgbl
->rng_name
: "CTR-DRBG";
563 rand
= EVP_RAND_fetch(libctx
, name
, dgbl
->rng_propq
);
565 ERR_raise(ERR_LIB_RAND
, RAND_R_UNABLE_TO_FETCH_DRBG
);
568 ctx
= EVP_RAND_CTX_new(rand
, parent
);
571 ERR_raise(ERR_LIB_RAND
, RAND_R_UNABLE_TO_CREATE_DRBG
);
575 settables
= EVP_RAND_CTX_settable_params(ctx
);
576 if (OSSL_PARAM_locate_const(settables
, OSSL_DRBG_PARAM_CIPHER
)) {
577 cipher
= dgbl
->rng_cipher
!= NULL
? dgbl
->rng_cipher
: "AES-256-CTR";
578 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER
,
581 if (dgbl
->rng_digest
!= NULL
582 && OSSL_PARAM_locate_const(settables
, OSSL_DRBG_PARAM_DIGEST
))
583 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST
,
584 dgbl
->rng_digest
, 0);
585 if (dgbl
->rng_propq
!= NULL
)
586 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_PROPERTIES
,
588 if (OSSL_PARAM_locate_const(settables
, OSSL_ALG_PARAM_MAC
))
589 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_MAC
, "HMAC", 0);
590 if (OSSL_PARAM_locate_const(settables
, OSSL_DRBG_PARAM_USE_DF
))
591 *p
++ = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_USE_DF
, &use_df
);
592 *p
++ = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS
,
594 *p
++ = OSSL_PARAM_construct_time_t(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL
,
595 &reseed_time_interval
);
596 *p
= OSSL_PARAM_construct_end();
597 if (!EVP_RAND_instantiate(ctx
, 0, 0, NULL
, 0, params
)) {
598 ERR_raise(ERR_LIB_RAND
, RAND_R_ERROR_INSTANTIATING_DRBG
);
599 EVP_RAND_CTX_free(ctx
);
606 * Get the primary random generator.
607 * Returns pointer to its EVP_RAND_CTX on success, NULL on failure.
610 EVP_RAND_CTX
*RAND_get0_primary(OSSL_LIB_CTX
*ctx
)
612 RAND_GLOBAL
*dgbl
= rand_get_global(ctx
);
618 if (!CRYPTO_THREAD_read_lock(dgbl
->lock
))
622 CRYPTO_THREAD_unlock(dgbl
->lock
);
627 if (!CRYPTO_THREAD_write_lock(dgbl
->lock
))
632 CRYPTO_THREAD_unlock(dgbl
->lock
);
637 if (dgbl
->seed
== NULL
) {
639 dgbl
->seed
= rand_new_seed(ctx
);
644 ret
= dgbl
->primary
= rand_new_drbg(ctx
, dgbl
->seed
,
645 PRIMARY_RESEED_INTERVAL
,
646 PRIMARY_RESEED_TIME_INTERVAL
, 1);
648 * The primary DRBG may be shared between multiple threads so we must
651 if (ret
!= NULL
&& !EVP_RAND_enable_locking(ret
)) {
652 ERR_raise(ERR_LIB_EVP
, EVP_R_UNABLE_TO_ENABLE_LOCKING
);
653 EVP_RAND_CTX_free(ret
);
654 ret
= dgbl
->primary
= NULL
;
656 CRYPTO_THREAD_unlock(dgbl
->lock
);
662 * Get the public random generator.
663 * Returns pointer to its EVP_RAND_CTX on success, NULL on failure.
665 EVP_RAND_CTX
*RAND_get0_public(OSSL_LIB_CTX
*ctx
)
667 RAND_GLOBAL
*dgbl
= rand_get_global(ctx
);
668 EVP_RAND_CTX
*rand
, *primary
;
673 rand
= CRYPTO_THREAD_get_local(&dgbl
->public);
675 primary
= RAND_get0_primary(ctx
);
679 ctx
= ossl_lib_ctx_get_concrete(ctx
);
681 * If the private is also NULL then this is the first time we've
684 if (CRYPTO_THREAD_get_local(&dgbl
->private) == NULL
685 && !ossl_init_thread_start(NULL
, ctx
, rand_delete_thread_state
))
687 rand
= rand_new_drbg(ctx
, primary
, SECONDARY_RESEED_INTERVAL
,
688 SECONDARY_RESEED_TIME_INTERVAL
, 0);
689 CRYPTO_THREAD_set_local(&dgbl
->public, rand
);
695 * Get the private random generator.
696 * Returns pointer to its EVP_RAND_CTX on success, NULL on failure.
698 EVP_RAND_CTX
*RAND_get0_private(OSSL_LIB_CTX
*ctx
)
700 RAND_GLOBAL
*dgbl
= rand_get_global(ctx
);
701 EVP_RAND_CTX
*rand
, *primary
;
706 rand
= CRYPTO_THREAD_get_local(&dgbl
->private);
708 primary
= RAND_get0_primary(ctx
);
712 ctx
= ossl_lib_ctx_get_concrete(ctx
);
714 * If the public is also NULL then this is the first time we've
717 if (CRYPTO_THREAD_get_local(&dgbl
->public) == NULL
718 && !ossl_init_thread_start(NULL
, ctx
, rand_delete_thread_state
))
720 rand
= rand_new_drbg(ctx
, primary
, SECONDARY_RESEED_INTERVAL
,
721 SECONDARY_RESEED_TIME_INTERVAL
, 0);
722 CRYPTO_THREAD_set_local(&dgbl
->private, rand
);
728 static int random_set_string(char **p
, const char *s
)
733 d
= OPENSSL_strdup(s
);
735 ERR_raise(ERR_LIB_CRYPTO
, ERR_R_MALLOC_FAILURE
);
745 * Load the DRBG definitions from a configuration file.
747 static int random_conf_init(CONF_IMODULE
*md
, const CONF
*cnf
)
749 STACK_OF(CONF_VALUE
) *elist
;
751 RAND_GLOBAL
*dgbl
= rand_get_global(NCONF_get0_libctx((CONF
*)cnf
));
754 OSSL_TRACE1(CONF
, "Loading random module: section %s\n",
755 CONF_imodule_get_value(md
));
757 /* Value is a section containing RANDOM configuration */
758 elist
= NCONF_get_section(cnf
, CONF_imodule_get_value(md
));
760 ERR_raise(ERR_LIB_CRYPTO
, CRYPTO_R_RANDOM_SECTION_ERROR
);
767 for (i
= 0; i
< sk_CONF_VALUE_num(elist
); i
++) {
768 cval
= sk_CONF_VALUE_value(elist
, i
);
769 if (OPENSSL_strcasecmp(cval
->name
, "random") == 0) {
770 if (!random_set_string(&dgbl
->rng_name
, cval
->value
))
772 } else if (OPENSSL_strcasecmp(cval
->name
, "cipher") == 0) {
773 if (!random_set_string(&dgbl
->rng_cipher
, cval
->value
))
775 } else if (OPENSSL_strcasecmp(cval
->name
, "digest") == 0) {
776 if (!random_set_string(&dgbl
->rng_digest
, cval
->value
))
778 } else if (OPENSSL_strcasecmp(cval
->name
, "properties") == 0) {
779 if (!random_set_string(&dgbl
->rng_propq
, cval
->value
))
781 } else if (OPENSSL_strcasecmp(cval
->name
, "seed") == 0) {
782 if (!random_set_string(&dgbl
->seed_name
, cval
->value
))
784 } else if (OPENSSL_strcasecmp(cval
->name
, "seed_properties") == 0) {
785 if (!random_set_string(&dgbl
->seed_propq
, cval
->value
))
788 ERR_raise_data(ERR_LIB_CRYPTO
,
789 CRYPTO_R_UNKNOWN_NAME_IN_RANDOM_SECTION
,
790 "name=%s, value=%s", cval
->name
, cval
->value
);
798 static void random_conf_deinit(CONF_IMODULE
*md
)
800 OSSL_TRACE(CONF
, "Cleaned up random\n");
803 void ossl_random_add_conf_module(void)
805 OSSL_TRACE(CONF
, "Adding config module 'random'\n");
806 CONF_module_add("random", random_conf_init
, random_conf_deinit
);
809 int RAND_set_DRBG_type(OSSL_LIB_CTX
*ctx
, const char *drbg
, const char *propq
,
810 const char *cipher
, const char *digest
)
812 RAND_GLOBAL
*dgbl
= rand_get_global(ctx
);
816 if (dgbl
->primary
!= NULL
) {
817 ERR_raise(ERR_LIB_CRYPTO
, RAND_R_ALREADY_INSTANTIATED
);
820 return random_set_string(&dgbl
->rng_name
, drbg
)
821 && random_set_string(&dgbl
->rng_propq
, propq
)
822 && random_set_string(&dgbl
->rng_cipher
, cipher
)
823 && random_set_string(&dgbl
->rng_digest
, digest
);
826 int RAND_set_seed_source_type(OSSL_LIB_CTX
*ctx
, const char *seed
,
829 RAND_GLOBAL
*dgbl
= rand_get_global(ctx
);
833 if (dgbl
->primary
!= NULL
) {
834 ERR_raise(ERR_LIB_CRYPTO
, RAND_R_ALREADY_INSTANTIATED
);
837 return random_set_string(&dgbl
->seed_name
, seed
)
838 && random_set_string(&dgbl
->seed_propq
, propq
);