]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/evp/evp_rand.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gettables: core changes to pass the provider context.
[thirdparty/openssl.git] / crypto / evp / evp_rand.c
1 /*
2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <openssl/evp.h>
11
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <openssl/engine.h>
15 #include <openssl/evp.h>
16 #include <openssl/x509v3.h>
17 #include <openssl/rand.h>
18 #include <openssl/core.h>
19 #include <openssl/core_names.h>
20 #include <openssl/crypto.h>
21 #include "crypto/asn1.h"
22 #include "crypto/evp.h"
23 #include "internal/cryptlib.h"
24 #include "internal/numbers.h"
25 #include "internal/provider.h"
26 #include "evp_local.h"
27
28 static int evp_rand_up_ref(void *vrand)
29 {
30 EVP_RAND *rand = (EVP_RAND *)vrand;
31 int ref = 0;
32
33 if (rand != NULL)
34 return CRYPTO_UP_REF(&rand->refcnt, &ref, rand->refcnt_lock);
35 return 1;
36 }
37
38 static void evp_rand_free(void *vrand){
39 EVP_RAND *rand = (EVP_RAND *)vrand;
40 int ref = 0;
41
42 if (rand != NULL) {
43 CRYPTO_DOWN_REF(&rand->refcnt, &ref, rand->refcnt_lock);
44 if (ref <= 0) {
45 ossl_provider_free(rand->prov);
46 CRYPTO_THREAD_lock_free(rand->refcnt_lock);
47 OPENSSL_free(rand);
48 }
49 }
50 }
51
52 static void *evp_rand_new(void)
53 {
54 EVP_RAND *rand = OPENSSL_zalloc(sizeof(*rand));
55
56 if (rand == NULL
57 || (rand->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
58 OPENSSL_free(rand);
59 return NULL;
60 }
61 rand->refcnt = 1;
62 return rand;
63 }
64
65 /* Enable locking of the underlying DRBG/RAND if available */
66 int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
67 {
68 if (rand->meth->enable_locking != NULL)
69 return rand->meth->enable_locking(rand->data);
70 EVPerr(0, EVP_R_LOCKING_NOT_SUPPORTED);
71 return 0;
72 }
73
74 /* Lock the underlying DRBG/RAND if available */
75 static int evp_rand_lock(EVP_RAND_CTX *rand)
76 {
77 if (rand->meth->lock != NULL)
78 return rand->meth->lock(rand->data);
79 return 1;
80 }
81
82 /* Unlock the underlying DRBG/RAND if available */
83 static void evp_rand_unlock(EVP_RAND_CTX *rand)
84 {
85 if (rand->meth->unlock != NULL)
86 rand->meth->unlock(rand->data);
87 }
88
89 static void *evp_rand_from_dispatch(int name_id,
90 const OSSL_DISPATCH *fns,
91 OSSL_PROVIDER *prov)
92 {
93 EVP_RAND *rand = NULL;
94 int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0;
95 #ifdef FIPS_MODULE
96 int fnzeroizecnt = 0;
97 #endif
98
99 if ((rand = evp_rand_new()) == NULL) {
100 EVPerr(0, ERR_R_MALLOC_FAILURE);
101 return NULL;
102 }
103 rand->name_id = name_id;
104 rand->dispatch = fns;
105 for (; fns->function_id != 0; fns++) {
106 switch (fns->function_id) {
107 case OSSL_FUNC_RAND_NEWCTX:
108 if (rand->newctx != NULL)
109 break;
110 rand->newctx = OSSL_FUNC_rand_newctx(fns);
111 fnctxcnt++;
112 break;
113 case OSSL_FUNC_RAND_FREECTX:
114 if (rand->freectx != NULL)
115 break;
116 rand->freectx = OSSL_FUNC_rand_freectx(fns);
117 fnctxcnt++;
118 break;
119 case OSSL_FUNC_RAND_INSTANTIATE:
120 if (rand->instantiate != NULL)
121 break;
122 rand->instantiate = OSSL_FUNC_rand_instantiate(fns);
123 fnrandcnt++;
124 break;
125 case OSSL_FUNC_RAND_UNINSTANTIATE:
126 if (rand->uninstantiate != NULL)
127 break;
128 rand->uninstantiate = OSSL_FUNC_rand_uninstantiate(fns);
129 fnrandcnt++;
130 break;
131 case OSSL_FUNC_RAND_GENERATE:
132 if (rand->generate != NULL)
133 break;
134 rand->generate = OSSL_FUNC_rand_generate(fns);
135 fnrandcnt++;
136 break;
137 case OSSL_FUNC_RAND_RESEED:
138 if (rand->reseed != NULL)
139 break;
140 rand->reseed = OSSL_FUNC_rand_reseed(fns);
141 break;
142 case OSSL_FUNC_RAND_NONCE:
143 if (rand->nonce != NULL)
144 break;
145 rand->nonce = OSSL_FUNC_rand_nonce(fns);
146 break;
147 case OSSL_FUNC_RAND_SET_CALLBACKS:
148 if (rand->set_callbacks != NULL)
149 break;
150 rand->set_callbacks = OSSL_FUNC_rand_set_callbacks(fns);
151 break;
152 case OSSL_FUNC_RAND_ENABLE_LOCKING:
153 if (rand->enable_locking != NULL)
154 break;
155 rand->enable_locking = OSSL_FUNC_rand_enable_locking(fns);
156 fnlockcnt++;
157 break;
158 case OSSL_FUNC_RAND_LOCK:
159 if (rand->lock != NULL)
160 break;
161 rand->lock = OSSL_FUNC_rand_lock(fns);
162 fnlockcnt++;
163 break;
164 case OSSL_FUNC_RAND_UNLOCK:
165 if (rand->unlock != NULL)
166 break;
167 rand->unlock = OSSL_FUNC_rand_unlock(fns);
168 fnlockcnt++;
169 break;
170 case OSSL_FUNC_RAND_GETTABLE_PARAMS:
171 if (rand->gettable_params != NULL)
172 break;
173 rand->gettable_params =
174 OSSL_FUNC_rand_gettable_params(fns);
175 break;
176 case OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS:
177 if (rand->gettable_ctx_params != NULL)
178 break;
179 rand->gettable_ctx_params =
180 OSSL_FUNC_rand_gettable_ctx_params(fns);
181 break;
182 case OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS:
183 if (rand->settable_ctx_params != NULL)
184 break;
185 rand->settable_ctx_params =
186 OSSL_FUNC_rand_settable_ctx_params(fns);
187 break;
188 case OSSL_FUNC_RAND_GET_PARAMS:
189 if (rand->get_params != NULL)
190 break;
191 rand->get_params = OSSL_FUNC_rand_get_params(fns);
192 break;
193 case OSSL_FUNC_RAND_GET_CTX_PARAMS:
194 if (rand->get_ctx_params != NULL)
195 break;
196 rand->get_ctx_params = OSSL_FUNC_rand_get_ctx_params(fns);
197 fnctxcnt++;
198 break;
199 case OSSL_FUNC_RAND_SET_CTX_PARAMS:
200 if (rand->set_ctx_params != NULL)
201 break;
202 rand->set_ctx_params = OSSL_FUNC_rand_set_ctx_params(fns);
203 break;
204 case OSSL_FUNC_RAND_VERIFY_ZEROIZATION:
205 if (rand->verify_zeroization != NULL)
206 break;
207 rand->verify_zeroization = OSSL_FUNC_rand_verify_zeroization(fns);
208 #ifdef FIPS_MODULE
209 fnzeroizecnt++;
210 #endif
211 break;
212 }
213 }
214 /*
215 * In order to be a consistent set of functions we must have at least
216 * a complete set of "rand" functions and a complete set of context
217 * management functions. In FIPS mode, we also require the zeroization
218 * verification function.
219 *
220 * In addition, if locking can be enabled, we need a complete set of
221 * locking functions.
222 */
223 if (fnrandcnt != 3
224 || fnctxcnt != 3
225 || (fnlockcnt != 0 && fnlockcnt != 3)
226 #ifdef FIPS_MODULE
227 || fnzeroizecnt != 1
228 #endif
229 ) {
230 evp_rand_free(rand);
231 ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
232 return NULL;
233 }
234
235 if (prov != NULL && !ossl_provider_up_ref(prov)) {
236 evp_rand_free(rand);
237 ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
238 return NULL;
239 }
240 rand->prov = prov;
241
242 return rand;
243 }
244
245 EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm,
246 const char *properties)
247 {
248 return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
249 evp_rand_from_dispatch, evp_rand_up_ref,
250 evp_rand_free);
251 }
252
253 int EVP_RAND_up_ref(EVP_RAND *rand)
254 {
255 return evp_rand_up_ref(rand);
256 }
257
258 void EVP_RAND_free(EVP_RAND *rand)
259 {
260 evp_rand_free(rand);
261 }
262
263 int EVP_RAND_number(const EVP_RAND *rand)
264 {
265 return rand->name_id;
266 }
267
268 const char *EVP_RAND_name(const EVP_RAND *rand)
269 {
270 return evp_first_name(rand->prov, rand->name_id);
271 }
272
273 int EVP_RAND_is_a(const EVP_RAND *rand, const char *name)
274 {
275 return evp_is_a(rand->prov, rand->name_id, NULL, name);
276 }
277
278 const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand)
279 {
280 return rand->prov;
281 }
282
283 int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[])
284 {
285 if (rand->get_params != NULL)
286 return rand->get_params(params);
287 return 1;
288 }
289
290 EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
291 {
292 EVP_RAND_CTX *ctx;
293 void *parent_ctx = NULL;
294 const OSSL_DISPATCH *parent_dispatch = NULL;
295
296 if (rand == NULL) {
297 EVPerr(0, EVP_R_INVALID_NULL_ALGORITHM);
298 return NULL;
299 }
300
301 ctx = OPENSSL_zalloc(sizeof(*ctx));
302 if (ctx == NULL) {
303 EVPerr(0, ERR_R_MALLOC_FAILURE);
304 return NULL;
305 }
306 if (parent != NULL) {
307 if (!EVP_RAND_enable_locking(parent)) {
308 EVPerr(0, EVP_R_UNABLE_TO_ENABLE_PARENT_LOCKING);
309 OPENSSL_free(ctx);
310 return NULL;
311 }
312 parent_ctx = parent->data;
313 parent_dispatch = parent->meth->dispatch;
314 }
315 if ((ctx->data = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
316 parent_dispatch)) == NULL
317 || !EVP_RAND_up_ref(rand)) {
318 EVPerr(0, ERR_R_MALLOC_FAILURE);
319 rand->freectx(ctx->data);
320 OPENSSL_free(ctx);
321 return NULL;
322 }
323 ctx->meth = rand;
324 return ctx;
325 }
326
327 void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx)
328 {
329 if (ctx != NULL) {
330 ctx->meth->freectx(ctx->data);
331 ctx->data = NULL;
332 EVP_RAND_free(ctx->meth);
333 OPENSSL_free(ctx);
334 }
335 }
336
337 EVP_RAND *EVP_RAND_CTX_rand(EVP_RAND_CTX *ctx)
338 {
339 return ctx->meth;
340 }
341
342 static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx,
343 OSSL_PARAM params[])
344 {
345 return ctx->meth->get_ctx_params(ctx->data, params);
346 }
347
348 int EVP_RAND_get_ctx_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
349 {
350 int res;
351
352 if (!evp_rand_lock(ctx))
353 return 0;
354 res = evp_rand_get_ctx_params_locked(ctx, params);
355 evp_rand_unlock(ctx);
356 return res;
357 }
358
359 static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
360 const OSSL_PARAM params[])
361 {
362 if (ctx->meth->set_ctx_params != NULL)
363 return ctx->meth->set_ctx_params(ctx->data, params);
364 return 1;
365 }
366
367 int EVP_RAND_set_ctx_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[])
368 {
369 int res;
370
371 if (!evp_rand_lock(ctx))
372 return 0;
373 res = evp_rand_set_ctx_params_locked(ctx, params);
374 evp_rand_unlock(ctx);
375 return res;
376 }
377
378 const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
379 {
380 if (rand->gettable_params == NULL)
381 return NULL;
382 return rand->gettable_params(ossl_provider_ctx(EVP_RAND_provider(rand)));
383 }
384
385 const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
386 {
387 if (rand->gettable_params == NULL)
388 return NULL;
389 return rand->gettable_ctx_params(
390 ossl_provider_ctx(EVP_RAND_provider(rand)));
391 }
392
393 const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
394 {
395 if (rand->gettable_params == NULL)
396 return NULL;
397 return rand->settable_ctx_params(
398 ossl_provider_ctx(EVP_RAND_provider(rand)));
399 }
400
401 void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx,
402 void (*fn)(EVP_RAND *rand, void *arg),
403 void *arg)
404 {
405 evp_generic_do_all(libctx, OSSL_OP_RAND,
406 (void (*)(void *, void *))fn, arg,
407 evp_rand_from_dispatch, evp_rand_free);
408 }
409
410 void EVP_RAND_names_do_all(const EVP_RAND *rand,
411 void (*fn)(const char *name, void *data),
412 void *data)
413 {
414 if (rand->prov != NULL)
415 evp_names_do_all(rand->prov, rand->name_id, fn, data);
416 }
417
418 static int evp_rand_instantiate_locked
419 (EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
420 const unsigned char *pstr, size_t pstr_len)
421 {
422 return ctx->meth->instantiate(ctx->data, strength, prediction_resistance,
423 pstr, pstr_len);
424 }
425
426 int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
427 int prediction_resistance,
428 const unsigned char *pstr, size_t pstr_len)
429 {
430 int res;
431
432 if (!evp_rand_lock(ctx))
433 return 0;
434 res = evp_rand_instantiate_locked(ctx, strength, prediction_resistance,
435 pstr, pstr_len);
436 evp_rand_unlock(ctx);
437 return res;
438 }
439
440 static int evp_rand_uninstantiate_locked(EVP_RAND_CTX *ctx)
441 {
442 return ctx->meth->uninstantiate(ctx->data);
443 }
444
445 int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx)
446 {
447 int res;
448
449 if (!evp_rand_lock(ctx))
450 return 0;
451 res = evp_rand_uninstantiate_locked(ctx);
452 evp_rand_unlock(ctx);
453 return res;
454 }
455
456 static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
457 size_t outlen, unsigned int strength,
458 int prediction_resistance,
459 const unsigned char *addin,
460 size_t addin_len)
461 {
462 size_t chunk, max_request = 0;
463 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
464
465 params[0] = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_REQUEST,
466 &max_request);
467 if (!evp_rand_get_ctx_params_locked(ctx, params)
468 || max_request == 0) {
469 EVPerr(0, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
470 return 0;
471 }
472 for (; outlen > 0; outlen -= chunk, out += chunk) {
473 chunk = outlen > max_request ? max_request : outlen;
474 if (!ctx->meth->generate(ctx->data, out, chunk, strength,
475 prediction_resistance, addin, addin_len)) {
476 EVPerr(0, EVP_R_GENERATE_ERROR);
477 return 0;
478 }
479 /*
480 * Prediction resistance is only relevant the first time around,
481 * subsequently, the DRBG has already been properly reseeded.
482 */
483 prediction_resistance = 0;
484 }
485 return 1;
486 }
487
488 int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
489 unsigned int strength, int prediction_resistance,
490 const unsigned char *addin, size_t addin_len)
491 {
492 int res;
493
494 if (!evp_rand_lock(ctx))
495 return 0;
496 res = evp_rand_generate_locked(ctx, out, outlen, strength,
497 prediction_resistance, addin, addin_len);
498 evp_rand_unlock(ctx);
499 return res;
500 }
501
502 static int evp_rand_reseed_locked(EVP_RAND_CTX *ctx, int prediction_resistance,
503 const unsigned char *ent, size_t ent_len,
504 const unsigned char *addin, size_t addin_len)
505 {
506 if (ctx->meth->reseed != NULL)
507 return ctx->meth->reseed(ctx->data, prediction_resistance,
508 ent, ent_len, addin, addin_len);
509 return 1;
510 }
511
512 int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
513 const unsigned char *ent, size_t ent_len,
514 const unsigned char *addin, size_t addin_len)
515 {
516 int res;
517
518 if (!evp_rand_lock(ctx))
519 return 0;
520 res = evp_rand_reseed_locked(ctx, prediction_resistance,
521 ent, ent_len, addin, addin_len);
522 evp_rand_unlock(ctx);
523 return res;
524 }
525
526 static unsigned int evp_rand_strength_locked(EVP_RAND_CTX *ctx)
527 {
528 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
529 unsigned int strength = 0;
530
531 params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
532 if (!evp_rand_get_ctx_params_locked(ctx, params))
533 return 0;
534 return strength;
535 }
536
537 unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx)
538 {
539 unsigned int res;
540
541 if (!evp_rand_lock(ctx))
542 return 0;
543 res = evp_rand_strength_locked(ctx);
544 evp_rand_unlock(ctx);
545 return res;
546 }
547
548 static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
549 size_t outlen)
550 {
551 unsigned int str = evp_rand_strength_locked(ctx);
552
553 if (ctx->meth->nonce == NULL)
554 return 0;
555 if (ctx->meth->nonce(ctx->data, out, str, outlen, outlen))
556 return 1;
557 return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
558 }
559
560 int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen)
561 {
562 int res;
563
564 if (!evp_rand_lock(ctx))
565 return 0;
566 res = evp_rand_nonce_locked(ctx, out, outlen);
567 evp_rand_unlock(ctx);
568 return res;
569 }
570
571 int EVP_RAND_state(EVP_RAND_CTX *ctx)
572 {
573 OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
574 int state;
575
576 params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_STATE, &state);
577 if (!EVP_RAND_get_ctx_params(ctx, params))
578 state = EVP_RAND_STATE_ERROR;
579 return state;
580 }
581
582 static int evp_rand_set_callbacks_locked(EVP_RAND_CTX *ctx,
583 OSSL_INOUT_CALLBACK *get_entropy,
584 OSSL_CALLBACK *cleanup_entropy,
585 OSSL_INOUT_CALLBACK *get_nonce,
586 OSSL_CALLBACK *cleanup_nonce,
587 void *arg)
588 {
589 if (ctx->meth->set_callbacks == NULL) {
590 EVPerr(0, EVP_R_UNABLE_TO_SET_CALLBACKS);
591 return 0;
592 }
593 ctx->meth->set_callbacks(ctx->data, get_entropy, cleanup_entropy,
594 get_nonce, cleanup_nonce, arg);
595 return 1;
596 }
597
598 int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx,
599 OSSL_INOUT_CALLBACK *get_entropy,
600 OSSL_CALLBACK *cleanup_entropy,
601 OSSL_INOUT_CALLBACK *get_nonce,
602 OSSL_CALLBACK *cleanup_nonce, void *arg)
603 {
604 int res;
605
606 if (!evp_rand_lock(ctx))
607 return 0;
608 res = evp_rand_set_callbacks_locked(ctx, get_entropy, cleanup_entropy,
609 get_nonce, cleanup_nonce, arg);
610 evp_rand_unlock(ctx);
611 return res;
612 }
613
614 static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
615 {
616 if (ctx->meth->verify_zeroization != NULL)
617 return ctx->meth->verify_zeroization(ctx->data);
618 return 0;
619 }
620
621 int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx)
622 {
623 int res;
624
625 if (!evp_rand_lock(ctx))
626 return 0;
627 res = evp_rand_verify_zeroization_locked(ctx);
628 evp_rand_unlock(ctx);
629 return res;
630 }
A mirror of the official openssl repository