/*
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include "internal/provider.h"
#include "evp_local.h"
+struct evp_rand_st {
+ OSSL_PROVIDER *prov;
+ int name_id;
+ CRYPTO_REF_COUNT refcnt;
+ CRYPTO_RWLOCK *refcnt_lock;
+
+ const OSSL_DISPATCH *dispatch;
+ OSSL_FUNC_rand_newctx_fn *newctx;
+ OSSL_FUNC_rand_freectx_fn *freectx;
+ OSSL_FUNC_rand_instantiate_fn *instantiate;
+ OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
+ OSSL_FUNC_rand_generate_fn *generate;
+ OSSL_FUNC_rand_reseed_fn *reseed;
+ OSSL_FUNC_rand_nonce_fn *nonce;
+ OSSL_FUNC_rand_enable_locking_fn *enable_locking;
+ OSSL_FUNC_rand_lock_fn *lock;
+ OSSL_FUNC_rand_unlock_fn *unlock;
+ OSSL_FUNC_rand_gettable_params_fn *gettable_params;
+ OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
+ OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
+ OSSL_FUNC_rand_get_params_fn *get_params;
+ OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
+ OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
+ OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
+} /* EVP_RAND */ ;
+
static int evp_rand_up_ref(void *vrand)
{
EVP_RAND *rand = (EVP_RAND *)vrand;
{
if (rand->meth->enable_locking != NULL)
return rand->meth->enable_locking(rand->data);
- EVPerr(0, EVP_R_LOCKING_NOT_SUPPORTED);
+ ERR_raise(ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED);
return 0;
}
OSSL_PROVIDER *prov)
{
EVP_RAND *rand = NULL;
- int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0;
+ int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0, fnenablelockcnt = 0;
#ifdef FIPS_MODULE
int fnzeroizecnt = 0;
#endif
if ((rand = evp_rand_new()) == NULL) {
- EVPerr(0, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
return NULL;
}
rand->name_id = name_id;
break;
rand->nonce = OSSL_FUNC_rand_nonce(fns);
break;
- case OSSL_FUNC_RAND_SET_CALLBACKS:
- if (rand->set_callbacks != NULL)
- break;
- rand->set_callbacks = OSSL_FUNC_rand_set_callbacks(fns);
- break;
case OSSL_FUNC_RAND_ENABLE_LOCKING:
if (rand->enable_locking != NULL)
break;
rand->enable_locking = OSSL_FUNC_rand_enable_locking(fns);
- fnlockcnt++;
+ fnenablelockcnt++;
break;
case OSSL_FUNC_RAND_LOCK:
if (rand->lock != NULL)
if (rand->get_ctx_params != NULL)
break;
rand->get_ctx_params = OSSL_FUNC_rand_get_ctx_params(fns);
+ fnctxcnt++;
break;
case OSSL_FUNC_RAND_SET_CTX_PARAMS:
if (rand->set_ctx_params != NULL)
* locking functions.
*/
if (fnrandcnt != 3
- || fnctxcnt != 2
- || (fnlockcnt != 0 && fnlockcnt != 3)
+ || fnctxcnt != 3
+ || (fnenablelockcnt != 0 && fnenablelockcnt != 1)
+ || (fnlockcnt != 0 && fnlockcnt != 2)
#ifdef FIPS_MODULE
|| fnzeroizecnt != 1
#endif
return rand;
}
-EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
const char *properties)
{
return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
return 1;
}
+static int evp_rand_ctx_up_ref(EVP_RAND_CTX *ctx)
+{
+ int ref = 0;
+
+ return CRYPTO_UP_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
+}
+
EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
{
EVP_RAND_CTX *ctx;
const OSSL_DISPATCH *parent_dispatch = NULL;
if (rand == NULL) {
- EVPerr(0, EVP_R_INVALID_NULL_ALGORITHM);
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
return NULL;
}
ctx = OPENSSL_zalloc(sizeof(*ctx));
- if (ctx == NULL) {
- EVPerr(0, ERR_R_MALLOC_FAILURE);
+ if (ctx == NULL || (ctx->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
+ OPENSSL_free(ctx);
+ ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
return NULL;
}
if (parent != NULL) {
- if (!EVP_RAND_enable_locking(parent)) {
- EVPerr(0, EVP_R_UNABLE_TO_ENABLE_PARENT_LOCKING);
+ if (!evp_rand_ctx_up_ref(parent)) {
+ ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
+ CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
OPENSSL_free(ctx);
return NULL;
}
if ((ctx->data = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
parent_dispatch)) == NULL
|| !EVP_RAND_up_ref(rand)) {
- EVPerr(0, ERR_R_MALLOC_FAILURE);
+ ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
rand->freectx(ctx->data);
+ CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
OPENSSL_free(ctx);
+ EVP_RAND_CTX_free(parent);
return NULL;
}
ctx->meth = rand;
+ ctx->parent = parent;
+ ctx->refcnt = 1;
return ctx;
}
void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx)
{
if (ctx != NULL) {
- ctx->meth->freectx(ctx->data);
- ctx->data = NULL;
- EVP_RAND_free(ctx->meth);
- OPENSSL_free(ctx);
+ int ref = 0;
+
+ CRYPTO_DOWN_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
+ if (ref <= 0) {
+ EVP_RAND_CTX *parent = ctx->parent;
+
+ ctx->meth->freectx(ctx->data);
+ ctx->data = NULL;
+ EVP_RAND_free(ctx->meth);
+ CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
+ OPENSSL_free(ctx);
+ EVP_RAND_CTX_free(parent);
+ }
}
}
return ctx->meth;
}
+static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx,
+ OSSL_PARAM params[])
+{
+ return ctx->meth->get_ctx_params(ctx->data, params);
+}
+
int EVP_RAND_get_ctx_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
{
- int res = 1;
+ int res;
- if (ctx->meth->get_ctx_params != NULL) {
- if (!evp_rand_lock(ctx))
- return 0;
- res = ctx->meth->get_ctx_params(ctx->data, params);
- evp_rand_unlock(ctx);
- }
+ if (!evp_rand_lock(ctx))
+ return 0;
+ res = evp_rand_get_ctx_params_locked(ctx, params);
+ evp_rand_unlock(ctx);
return res;
}
+static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
+ const OSSL_PARAM params[])
+{
+ if (ctx->meth->set_ctx_params != NULL)
+ return ctx->meth->set_ctx_params(ctx->data, params);
+ return 1;
+}
+
int EVP_RAND_set_ctx_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[])
{
- int res = 1;
+ int res;
- if (ctx->meth->set_ctx_params != NULL) {
- if (!evp_rand_lock(ctx))
- return 0;
- res = ctx->meth->set_ctx_params(ctx->data, params);
- evp_rand_unlock(ctx);
- /* Clear out the cache state because the values can change on a set */
- ctx->strength = 0;
- ctx->max_request = 0;
- }
+ if (!evp_rand_lock(ctx))
+ return 0;
+ res = evp_rand_set_ctx_params_locked(ctx, params);
+ evp_rand_unlock(ctx);
return res;
}
const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
{
- return rand->gettable_params == NULL ? NULL : rand->gettable_params();
+ if (rand->gettable_params == NULL)
+ return NULL;
+ return rand->gettable_params(ossl_provider_ctx(EVP_RAND_provider(rand)));
}
const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
{
- return rand->gettable_ctx_params == NULL ? NULL
- : rand->gettable_ctx_params();
+ if (rand->gettable_ctx_params == NULL)
+ return NULL;
+ return rand->gettable_ctx_params(
+ ossl_provider_ctx(EVP_RAND_provider(rand)));
}
const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
{
- return rand->settable_ctx_params == NULL ? NULL
- :rand->settable_ctx_params();
+ if (rand->settable_ctx_params == NULL)
+ return NULL;
+ return rand->settable_ctx_params(
+ ossl_provider_ctx(EVP_RAND_provider(rand)));
}
-void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx,
+void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
void (*fn)(EVP_RAND *rand, void *arg),
void *arg)
{
evp_rand_from_dispatch, evp_rand_free);
}
-void EVP_RAND_names_do_all(const EVP_RAND *rand,
- void (*fn)(const char *name, void *data),
- void *data)
+int EVP_RAND_names_do_all(const EVP_RAND *rand,
+ void (*fn)(const char *name, void *data),
+ void *data)
{
if (rand->prov != NULL)
- evp_names_do_all(rand->prov, rand->name_id, fn, data);
+ return evp_names_do_all(rand->prov, rand->name_id, fn, data);
+
+ return 1;
+}
+
+static int evp_rand_instantiate_locked
+ (EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
+ const unsigned char *pstr, size_t pstr_len)
+{
+ return ctx->meth->instantiate(ctx->data, strength, prediction_resistance,
+ pstr, pstr_len);
}
int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
if (!evp_rand_lock(ctx))
return 0;
- res = ctx->meth->instantiate(ctx->data, strength, prediction_resistance,
- pstr, pstr_len);
+ res = evp_rand_instantiate_locked(ctx, strength, prediction_resistance,
+ pstr, pstr_len);
evp_rand_unlock(ctx);
return res;
}
+static int evp_rand_uninstantiate_locked(EVP_RAND_CTX *ctx)
+{
+ return ctx->meth->uninstantiate(ctx->data);
+}
+
int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx)
{
int res;
if (!evp_rand_lock(ctx))
return 0;
- res = ctx->meth->uninstantiate(ctx->data);
+ res = evp_rand_uninstantiate_locked(ctx);
evp_rand_unlock(ctx);
return res;
}
-int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
- unsigned int strength, int prediction_resistance,
- const unsigned char *addin, size_t addin_len)
+static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
+ size_t outlen, unsigned int strength,
+ int prediction_resistance,
+ const unsigned char *addin,
+ size_t addin_len)
{
- size_t chunk;
- OSSL_PARAM params[2];
- int res = 0;
+ size_t chunk, max_request = 0;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- if (!evp_rand_lock(ctx))
+ params[0] = OSSL_PARAM_construct_size_t(OSSL_RAND_PARAM_MAX_REQUEST,
+ &max_request);
+ if (!evp_rand_get_ctx_params_locked(ctx, params)
+ || max_request == 0) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
return 0;
- if (ctx->max_request == 0) {
- params[0] = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_REQUEST,
- &chunk);
- params[1] = OSSL_PARAM_construct_end();
- if (!EVP_RAND_get_ctx_params(ctx, params) || chunk == 0) {
- EVPerr(0, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
- goto err;
- }
- ctx->max_request = chunk;
}
for (; outlen > 0; outlen -= chunk, out += chunk) {
- chunk = outlen > ctx->max_request ? ctx->max_request : outlen;
+ chunk = outlen > max_request ? max_request : outlen;
if (!ctx->meth->generate(ctx->data, out, chunk, strength,
prediction_resistance, addin, addin_len)) {
- EVPerr(0, EVP_R_GENERATE_ERROR);
- goto err;
+ ERR_raise(ERR_LIB_EVP, EVP_R_GENERATE_ERROR);
+ return 0;
}
/*
* Prediction resistance is only relevant the first time around,
*/
prediction_resistance = 0;
}
- res = 1;
-err:
+ return 1;
+}
+
+int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
+ unsigned int strength, int prediction_resistance,
+ const unsigned char *addin, size_t addin_len)
+{
+ int res;
+
+ if (!evp_rand_lock(ctx))
+ return 0;
+ res = evp_rand_generate_locked(ctx, out, outlen, strength,
+ prediction_resistance, addin, addin_len);
evp_rand_unlock(ctx);
return res;
}
+static int evp_rand_reseed_locked(EVP_RAND_CTX *ctx, int prediction_resistance,
+ const unsigned char *ent, size_t ent_len,
+ const unsigned char *addin, size_t addin_len)
+{
+ if (ctx->meth->reseed != NULL)
+ return ctx->meth->reseed(ctx->data, prediction_resistance,
+ ent, ent_len, addin, addin_len);
+ return 1;
+}
+
int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
const unsigned char *ent, size_t ent_len,
const unsigned char *addin, size_t addin_len)
{
- int res = 1;
+ int res;
if (!evp_rand_lock(ctx))
return 0;
- if (ctx->meth->reseed != NULL)
- res = ctx->meth->reseed(ctx->data, prediction_resistance,
- ent, ent_len, addin, addin_len);
+ res = evp_rand_reseed_locked(ctx, prediction_resistance,
+ ent, ent_len, addin, addin_len);
evp_rand_unlock(ctx);
return res;
}
-int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen)
+static unsigned int evp_rand_strength_locked(EVP_RAND_CTX *ctx)
{
- int res = 1;
- unsigned int str = EVP_RAND_strength(ctx);
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+ unsigned int strength = 0;
+
+ params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
+ if (!evp_rand_get_ctx_params_locked(ctx, params))
+ return 0;
+ return strength;
+}
+
+unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx)
+{
+ unsigned int res;
if (!evp_rand_lock(ctx))
return 0;
- if (ctx->meth->nonce == NULL
- || !ctx->meth->nonce(ctx->data, out, str, outlen, outlen))
- res = ctx->meth->generate(ctx->data, out, outlen, str, 0, NULL, 0);
+ res = evp_rand_strength_locked(ctx);
evp_rand_unlock(ctx);
return res;
}
-unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx)
+static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
+ size_t outlen)
{
- OSSL_PARAM params[2];
- unsigned int t;
- int res;
+ unsigned int str = evp_rand_strength_locked(ctx);
- if (ctx->strength == 0) {
- params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &t);
- params[1] = OSSL_PARAM_construct_end();
- if (!evp_rand_lock(ctx))
- return 0;
- res = EVP_RAND_get_ctx_params(ctx, params);
- evp_rand_unlock(ctx);
- if (!res)
- return 0;
- ctx->strength = t;
- }
- return ctx->strength;
+ if (ctx->meth->nonce == NULL)
+ return 0;
+ if (ctx->meth->nonce(ctx->data, out, str, outlen, outlen))
+ return 1;
+ return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
}
-int EVP_RAND_state(EVP_RAND_CTX *ctx)
+int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen)
{
- OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- int status, res;
+ int res;
- params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_STATE,
- &status);
if (!evp_rand_lock(ctx))
return 0;
- res = EVP_RAND_get_ctx_params(ctx, params);
+ res = evp_rand_nonce_locked(ctx, out, outlen);
evp_rand_unlock(ctx);
- if (!res)
- status = EVP_RAND_STATE_ERROR;
- return status;
+ return res;
}
-int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx,
- OSSL_INOUT_CALLBACK *get_entropy,
- OSSL_CALLBACK *cleanup_entropy,
- OSSL_INOUT_CALLBACK *get_nonce,
- OSSL_CALLBACK *cleanup_nonce, void *arg)
+int EVP_RAND_state(EVP_RAND_CTX *ctx)
{
- if (ctx->meth->set_callbacks == NULL) {
- EVPerr(0, EVP_R_UNABLE_TO_SET_CALLBACKS);
- return 0;
- }
- ctx->meth->set_callbacks(ctx->data, get_entropy, cleanup_entropy,
- get_nonce, cleanup_nonce, arg);
- return 1;
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+ int state;
+
+ params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_STATE, &state);
+ if (!EVP_RAND_get_ctx_params(ctx, params))
+ state = EVP_RAND_STATE_ERROR;
+ return state;
+}
+
+static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
+{
+ if (ctx->meth->verify_zeroization != NULL)
+ return ctx->meth->verify_zeroization(ctx->data);
+ return 0;
}
int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx)
{
- int res = 0;
+ int res;
- if (ctx->meth->verify_zeroization != NULL) {
- if (!evp_rand_lock(ctx))
- return 0;
- res = ctx->meth->verify_zeroization(ctx->data);
- evp_rand_unlock(ctx);
- }
+ if (!evp_rand_lock(ctx))
+ return 0;
+ res = evp_rand_verify_zeroization_locked(ctx);
+ evp_rand_unlock(ctx);
return res;
}