rand: avoid caching RNG parameters.

The strength and max_length DRBG parameters were being cached in the EVP_RAND
layer.  This commit removes the caching.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12321)

diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h
index aeb4cca266709f11d1d3db6e17cb8d696fa152b6..4aae702d6fb1b023241750840a2bf4507dfc7222 100644 (file)
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@@ -69,11 +69,6 @@ struct evp_kdf_ctx_st {
 struct evp_rand_ctx_st {
     EVP_RAND *meth;             /* Method structure */
     void *data;                 /* Algorithm-specific data */
-    size_t max_request;         /*
-                                 * Cached: maximum number of bytes generated 
-                                 * in a single call to the generate function
-                                 */
-    unsigned int strength;      /* Cached: bit strength of generator */
 } /* EVP_RAND_CTX */ ;
 
 struct evp_rand_st {

diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 495e774c5164eb63eb4880bcd2b1d8d2736332fd..9273fd9c19d771da73bdae59a4c041666ef38b8a 100644 (file)
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -359,10 +359,6 @@ int EVP_RAND_get_ctx_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
 static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
                                           const OSSL_PARAM params[])
 {
-    /* Clear out the cache state because the values can change on a set */
-    ctx->strength = 0;
-    ctx->max_request = 0;
-
     if (ctx->meth->set_ctx_params != NULL)
         return ctx->meth->set_ctx_params(ctx->data, params);
     return 1;
@@ -457,22 +453,18 @@ static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
                                     const unsigned char *addin,
                                     size_t addin_len)
 {
-    size_t chunk;
-    OSSL_PARAM params[2];
+    size_t chunk, max_request = 0;
+    OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
-    if (ctx->max_request == 0) {
-        params[0] = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_REQUEST,
-                                                &chunk);
-        params[1] = OSSL_PARAM_construct_end();
-        if (!evp_rand_get_ctx_params_locked(ctx, params)
-                || chunk == 0) {
-            EVPerr(0, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
-            return 0;
-        }
-        ctx->max_request = chunk;
+    params[0] = OSSL_PARAM_construct_size_t(OSSL_DRBG_PARAM_MAX_REQUEST,
+                                            &max_request);
+    if (!evp_rand_get_ctx_params_locked(ctx, params)
+            || max_request == 0) {
+        EVPerr(0, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
+        return 0;
     }
     for (; outlen > 0; outlen -= chunk, out += chunk) {
-        chunk = outlen > ctx->max_request ? ctx->max_request : outlen;
+        chunk = outlen > max_request ? max_request : outlen;
         if (!ctx->meth->generate(ctx->data, out, chunk, strength,
                                  prediction_resistance, addin, addin_len)) {
             EVPerr(0, EVP_R_GENERATE_ERROR);
@@ -528,14 +520,12 @@ int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
 static unsigned int evp_rand_strength_locked(EVP_RAND_CTX *ctx)
 {
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+    unsigned int strength = 0;
 
-    if (ctx->strength == 0) {
-        params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH,
-                                              &ctx->strength);
-        if (!evp_rand_get_ctx_params_locked(ctx, params))
-            return 0;
-    }
-    return ctx->strength;
+    params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
+    if (!evp_rand_get_ctx_params_locked(ctx, params))
+        return 0;
+    return strength;
 }
 
 unsigned int EVP_RAND_strength(EVP_RAND_CTX *ctx)