From: Simo Sorce Date: Thu, 16 Oct 2025 19:48:09 +0000 (-0400) Subject: rands: Use include file for generated code X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e3c5cface6076918464b19c5f3a0fd50b3094964;p=thirdparty%2Fopenssl.git rands: Use include file for generated code Signed-off-by: Simo Sorce Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/28838) --- diff --git a/.gitignore b/.gitignore index a04cc765eb9..918ecc7da44 100644 --- a/.gitignore +++ b/.gitignore @@ -167,13 +167,13 @@ providers/implementations/macs/hmac_prov.inc providers/implementations/macs/kmac_prov.inc providers/implementations/macs/poly1305_prov.inc providers/implementations/macs/siphash_prov.inc -providers/implementations/rands/drbg_ctr.c -providers/implementations/rands/drbg_hash.c -providers/implementations/rands/drbg_hmac.c -providers/implementations/rands/fips_crng_test.c -providers/implementations/rands/seed_src.c -providers/implementations/rands/seed_src_jitter.c -providers/implementations/rands/test_rng.c +providers/implementations/rands/drbg_ctr.inc +providers/implementations/rands/drbg_hash.inc +providers/implementations/rands/drbg_hmac.inc +providers/implementations/rands/fips_crng_test.inc +providers/implementations/rands/seed_src.inc +providers/implementations/rands/seed_src_jitter.inc +providers/implementations/rands/test_rng.inc # error code files /crypto/err/openssl.txt.old diff --git a/build.info b/build.info index f69cddd936b..149e3c46f20 100644 --- a/build.info +++ b/build.info @@ -125,13 +125,13 @@ DEPEND[]=include/openssl/asn1.h \ providers/implementations/macs/kmac_prov.inc \ providers/implementations/macs/poly1305_prov.inc \ providers/implementations/macs/siphash_prov.inc \ - providers/implementations/rands/drbg_ctr.c \ - providers/implementations/rands/drbg_hash.c \ - providers/implementations/rands/drbg_hmac.c \ - providers/implementations/rands/fips_crng_test.c \ - providers/implementations/rands/seed_src.c \ - providers/implementations/rands/seed_src_jitter.c \ - providers/implementations/rands/test_rng.c + providers/implementations/rands/drbg_ctr.inc \ + providers/implementations/rands/drbg_hash.inc \ + providers/implementations/rands/drbg_hmac.inc \ + providers/implementations/rands/fips_crng_test.inc \ + providers/implementations/rands/seed_src.inc \ + providers/implementations/rands/seed_src_jitter.inc \ + providers/implementations/rands/test_rng.inc GENERATE[include/openssl/asn1.h]=include/openssl/asn1.h.in GENERATE[include/openssl/asn1t.h]=include/openssl/asn1t.h.in @@ -243,13 +243,13 @@ DEPEND[providers/implementations/asymciphers/rsa_enc.inc \ providers/implementations/macs/kmac_prov.inc \ providers/implementations/macs/poly1305_prov.inc \ providers/implementations/macs/siphash_prov.inc \ - providers/implementations/rands/drbg_ctr.c \ - providers/implementations/rands/drbg_hash.c \ - providers/implementations/rands/drbg_hmac.c \ - providers/implementations/rands/fips_crng_test.c \ - providers/implementations/rands/seed_src.c \ - providers/implementations/rands/seed_src_jitter.c \ - providers/implementations/rands/test_rng.c \ + providers/implementations/rands/drbg_ctr.inc \ + providers/implementations/rands/drbg_hash.inc \ + providers/implementations/rands/drbg_hmac.inc \ + providers/implementations/rands/fips_crng_test.inc \ + providers/implementations/rands/seed_src.inc \ + providers/implementations/rands/seed_src_jitter.inc \ + providers/implementations/rands/test_rng.inc \ include/openssl/core_names.h]=util/perl|OpenSSL/paramnames.pm GENERATE[providers/implementations/asymciphers/rsa_enc.inc]=\ providers/implementations/asymciphers/rsa_enc.inc.in @@ -405,20 +405,20 @@ GENERATE[providers/implementations/macs/poly1305_prov.inc]=\ providers/implementations/macs/poly1305_prov.inc.in GENERATE[providers/implementations/macs/siphash_prov.inc]=\ providers/implementations/macs/siphash_prov.inc.in -GENERATE[providers/implementations/rands/drbg_ctr.c]=\ - providers/implementations/rands/drbg_ctr.c.in -GENERATE[providers/implementations/rands/drbg_hash.c]=\ - providers/implementations/rands/drbg_hash.c.in -GENERATE[providers/implementations/rands/drbg_hmac.c]=\ - providers/implementations/rands/drbg_hmac.c.in -GENERATE[providers/implementations/rands/fips_crng_test.c]=\ - providers/implementations/rands/fips_crng_test.c.in -GENERATE[providers/implementations/rands/seed_src.c]=\ - providers/implementations/rands/seed_src.c.in -GENERATE[providers/implementations/rands/seed_src_jitter.c]=\ - providers/implementations/rands/seed_src_jitter.c.in -GENERATE[providers/implementations/rands/test_rng.c]=\ - providers/implementations/rands/test_rng.c.in +GENERATE[providers/implementations/rands/drbg_ctr.inc]=\ + providers/implementations/rands/drbg_ctr.inc.in +GENERATE[providers/implementations/rands/drbg_hash.inc]=\ + providers/implementations/rands/drbg_hash.inc.in +GENERATE[providers/implementations/rands/drbg_hmac.inc]=\ + providers/implementations/rands/drbg_hmac.inc.in +GENERATE[providers/implementations/rands/fips_crng_test.inc]=\ + providers/implementations/rands/fips_crng_test.inc.in +GENERATE[providers/implementations/rands/seed_src.inc]=\ + providers/implementations/rands/seed_src.inc.in +GENERATE[providers/implementations/rands/seed_src_jitter.inc]=\ + providers/implementations/rands/seed_src_jitter.inc.in +GENERATE[providers/implementations/rands/test_rng.inc]=\ + providers/implementations/rands/test_rng.inc.in GENERATE[include/openssl/core_names.h]=include/openssl/core_names.h.in IF[{- defined $target{shared_defflag} -}] diff --git a/providers/implementations/rands/drbg_ctr.c.in b/providers/implementations/rands/drbg_ctr.c similarity index 91% rename from providers/implementations/rands/drbg_ctr.c.in rename to providers/implementations/rands/drbg_ctr.c index 347ecf1ae6a..6a5d53c17d8 100644 --- a/providers/implementations/rands/drbg_ctr.c.in +++ b/providers/implementations/rands/drbg_ctr.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -28,6 +25,11 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "internal/provider.h" #include "internal/common.h" +#define drbg_ctr_get_ctx_params_st drbg_get_ctx_params_st +#define drbg_ctr_set_ctx_params_st drbg_set_ctx_params_st + +#include "providers/implementations/rands/drbg_ctr.inc" + static OSSL_FUNC_rand_newctx_fn drbg_ctr_new_wrapper; static OSSL_FUNC_rand_freectx_fn drbg_ctr_free; static OSSL_FUNC_rand_instantiate_fn drbg_ctr_instantiate_wrapper; @@ -42,8 +44,6 @@ static OSSL_FUNC_rand_verify_zeroization_fn drbg_ctr_verify_zeroization; static int drbg_ctr_set_ctx_params_locked(PROV_DRBG *drbg, const struct drbg_set_ctx_params_st *p); -static int drbg_ctr_set_ctx_params_decoder(const OSSL_PARAM params[], - struct drbg_set_ctx_params_st *p); /* * The state of a DRBG AES-CTR. @@ -125,7 +125,6 @@ __owur static int ctr_BCC_block(PROV_DRBG_CTR *ctr, unsigned char *out, return 1; } - /* * Handle several BCC operations for as much data as we need for K and X */ @@ -671,27 +670,6 @@ static void drbg_ctr_free(void *vdrbg) ossl_rand_drbg_free(drbg); } -#define drbg_ctr_get_ctx_params_st drbg_get_ctx_params_st - -{- produce_param_decoder('drbg_ctr_get_ctx_params', - (['OSSL_DRBG_PARAM_CIPHER', 'cipher', 'utf8_string'], - ['OSSL_DRBG_PARAM_USE_DF', 'df', 'int'], - ['OSSL_RAND_PARAM_STATE', 'state', 'int'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - ['OSSL_DRBG_PARAM_MIN_ENTROPYLEN', 'minentlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_ENTROPYLEN', 'maxentlen', 'size_t'], - ['OSSL_DRBG_PARAM_MIN_NONCELEN', 'minnonlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_NONCELEN', 'maxnonlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_PERSLEN', 'maxperlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_ADINLEN', 'maxadlen', 'size_t'], - ['OSSL_DRBG_PARAM_RESEED_COUNTER', 'reseed_cnt', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME', 'reseed_time', 'time_t'], - ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_int', 'uint64'], - ['OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], - )); -} - static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; @@ -825,17 +803,6 @@ static int drbg_ctr_set_ctx_params_locked(PROV_DRBG *ctx, return ossl_drbg_set_ctx_params(ctx, p); } -#define drbg_ctr_set_ctx_params_st drbg_set_ctx_params_st - -{- produce_param_decoder('drbg_ctr_set_ctx_params', - (['OSSL_DRBG_PARAM_PROPERTIES', 'propq', 'utf8_string'], - ['OSSL_DRBG_PARAM_CIPHER', 'cipher', 'utf8_string'], - ['OSSL_DRBG_PARAM_USE_DF', 'df', 'int'], - ['OSSL_PROV_PARAM_CORE_PROV_NAME', 'prov', 'utf8_string'], - ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_time', 'uint64'], - )); -} - static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vctx; diff --git a/providers/implementations/rands/drbg_ctr.inc.in b/providers/implementations/rands/drbg_ctr.inc.in new file mode 100644 index 00000000000..74396fb019b --- /dev/null +++ b/providers/implementations/rands/drbg_ctr.inc.in @@ -0,0 +1,40 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('drbg_ctr_get_ctx_params', + (['OSSL_DRBG_PARAM_CIPHER', 'cipher', 'utf8_string'], + ['OSSL_DRBG_PARAM_USE_DF', 'df', 'int'], + ['OSSL_RAND_PARAM_STATE', 'state', 'int'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + ['OSSL_DRBG_PARAM_MIN_ENTROPYLEN', 'minentlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_ENTROPYLEN', 'maxentlen', 'size_t'], + ['OSSL_DRBG_PARAM_MIN_NONCELEN', 'minnonlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_NONCELEN', 'maxnonlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_PERSLEN', 'maxperlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_ADINLEN', 'maxadlen', 'size_t'], + ['OSSL_DRBG_PARAM_RESEED_COUNTER', 'reseed_cnt', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME', 'reseed_time', 'time_t'], + ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_int', 'uint64'], + ['OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], + )); -} + +{- produce_param_decoder('drbg_ctr_set_ctx_params', + (['OSSL_DRBG_PARAM_PROPERTIES', 'propq', 'utf8_string'], + ['OSSL_DRBG_PARAM_CIPHER', 'cipher', 'utf8_string'], + ['OSSL_DRBG_PARAM_USE_DF', 'df', 'int'], + ['OSSL_PROV_PARAM_CORE_PROV_NAME', 'prov', 'utf8_string'], + ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_time', 'uint64'], + )); -} diff --git a/providers/implementations/rands/drbg_hash.c.in b/providers/implementations/rands/drbg_hash.c similarity index 89% rename from providers/implementations/rands/drbg_hash.c.in rename to providers/implementations/rands/drbg_hash.c index cf518007216..28a7bb8afab 100644 --- a/providers/implementations/rands/drbg_hash.c.in +++ b/providers/implementations/rands/drbg_hash.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -30,6 +27,11 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "crypto/evp/evp_local.h" #include "internal/provider.h" +#define drbg_hash_get_ctx_params_st drbg_get_ctx_params_st +#define drbg_hash_set_ctx_params_st drbg_set_ctx_params_st + +#include "providers/implementations/rands/drbg_hash.inc" + static OSSL_FUNC_rand_newctx_fn drbg_hash_new_wrapper; static OSSL_FUNC_rand_freectx_fn drbg_hash_free; static OSSL_FUNC_rand_instantiate_fn drbg_hash_instantiate_wrapper; @@ -42,10 +44,8 @@ static OSSL_FUNC_rand_gettable_ctx_params_fn drbg_hash_gettable_ctx_params; static OSSL_FUNC_rand_get_ctx_params_fn drbg_hash_get_ctx_params; static OSSL_FUNC_rand_verify_zeroization_fn drbg_hash_verify_zeroization; -static int drbg_hash_set_ctx_params_locked - (PROV_DRBG *drbg, const struct drbg_set_ctx_params_st *p); -static int drbg_hash_set_ctx_params_decoder(const OSSL_PARAM params[], - struct drbg_set_ctx_params_st *p); +static int drbg_hash_set_ctx_params_locked(PROV_DRBG *drbg, + const struct drbg_set_ctx_params_st *p); /* 888 bits from SP800-90Ar1 10.1 table 2 */ #define HASH_PRNG_MAX_SEEDLEN (888/8) @@ -474,26 +474,6 @@ static void drbg_hash_free(void *vdrbg) ossl_rand_drbg_free(drbg); } -#define drbg_hash_get_ctx_params_st drbg_get_ctx_params_st - -{- produce_param_decoder('drbg_hash_get_ctx_params', - (['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], - ['OSSL_RAND_PARAM_STATE', 'state', 'int'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - ['OSSL_DRBG_PARAM_MIN_ENTROPYLEN', 'minentlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_ENTROPYLEN', 'maxentlen', 'size_t'], - ['OSSL_DRBG_PARAM_MIN_NONCELEN', 'minnonlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_NONCELEN', 'maxnonlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_PERSLEN', 'maxperlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_ADINLEN', 'maxadlen', 'size_t'], - ['OSSL_DRBG_PARAM_RESEED_COUNTER', 'reseed_cnt', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME', 'reseed_time', 'time_t'], - ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_int', 'uint64'], - ['OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], - )); -} - static int drbg_hash_get_ctx_params(void *vdrbg, OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; @@ -625,18 +605,6 @@ static int drbg_hash_set_ctx_params_locked return ossl_drbg_set_ctx_params(ctx, p); } -#define drbg_hash_set_ctx_params_st drbg_set_ctx_params_st - -{- produce_param_decoder('drbg_hash_set_ctx_params', - (['OSSL_DRBG_PARAM_PROPERTIES', 'propq', 'utf8_string'], - ['OSSL_ALG_PARAM_ENGINE', 'engine', 'utf8_string', 'hidden'], - ['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], - ['OSSL_PROV_PARAM_CORE_PROV_NAME', 'prov', 'utf8_string'], - ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_time', 'uint64'], - ['OSSL_KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], - )); -} - static int drbg_hash_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vctx; diff --git a/providers/implementations/rands/drbg_hash.inc.in b/providers/implementations/rands/drbg_hash.inc.in new file mode 100644 index 00000000000..5983813fac3 --- /dev/null +++ b/providers/implementations/rands/drbg_hash.inc.in @@ -0,0 +1,40 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('drbg_hash_get_ctx_params', + (['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], + ['OSSL_RAND_PARAM_STATE', 'state', 'int'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + ['OSSL_DRBG_PARAM_MIN_ENTROPYLEN', 'minentlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_ENTROPYLEN', 'maxentlen', 'size_t'], + ['OSSL_DRBG_PARAM_MIN_NONCELEN', 'minnonlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_NONCELEN', 'maxnonlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_PERSLEN', 'maxperlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_ADINLEN', 'maxadlen', 'size_t'], + ['OSSL_DRBG_PARAM_RESEED_COUNTER', 'reseed_cnt', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME', 'reseed_time', 'time_t'], + ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_int', 'uint64'], + ['OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], + )); -} + +{- produce_param_decoder('drbg_hash_set_ctx_params', + (['OSSL_DRBG_PARAM_PROPERTIES', 'propq', 'utf8_string'], + ['OSSL_ALG_PARAM_ENGINE', 'engine', 'utf8_string', 'hidden'], + ['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], + ['OSSL_PROV_PARAM_CORE_PROV_NAME', 'prov', 'utf8_string'], + ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_time', 'uint64'], + ['OSSL_KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], + )); -} diff --git a/providers/implementations/rands/drbg_hmac.c.in b/providers/implementations/rands/drbg_hmac.c similarity index 87% rename from providers/implementations/rands/drbg_hmac.c.in rename to providers/implementations/rands/drbg_hmac.c index a0ab3995593..3743de2f1da 100644 --- a/providers/implementations/rands/drbg_hmac.c.in +++ b/providers/implementations/rands/drbg_hmac.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -27,6 +24,11 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "crypto/evp/evp_local.h" #include "internal/provider.h" +#define drbg_hmac_get_ctx_params_st drbg_get_ctx_params_st +#define drbg_hmac_set_ctx_params_st drbg_set_ctx_params_st + +#include "providers/implementations/rands/drbg_hmac.inc" + static OSSL_FUNC_rand_newctx_fn drbg_hmac_new_wrapper; static OSSL_FUNC_rand_freectx_fn drbg_hmac_free; static OSSL_FUNC_rand_instantiate_fn drbg_hmac_instantiate_wrapper; @@ -39,10 +41,8 @@ static OSSL_FUNC_rand_gettable_ctx_params_fn drbg_hmac_gettable_ctx_params; static OSSL_FUNC_rand_get_ctx_params_fn drbg_hmac_get_ctx_params; static OSSL_FUNC_rand_verify_zeroization_fn drbg_hmac_verify_zeroization; -static int drbg_hmac_set_ctx_params_locked - (PROV_DRBG *drbg, const struct drbg_set_ctx_params_st *p); -static int drbg_hmac_set_ctx_params_decoder(const OSSL_PARAM params[], - struct drbg_set_ctx_params_st *p); +static int drbg_hmac_set_ctx_params_locked(PROV_DRBG *drbg, + const struct drbg_set_ctx_params_st *p); /* * Called twice by SP800-90Ar1 10.1.2.2 HMAC_DRBG_Update_Process. @@ -175,7 +175,6 @@ static int drbg_hmac_instantiate_wrapper(void *vdrbg, unsigned int strength, return ret; } - /* * SP800-90Ar1 10.1.2.4 HMAC_DRBG_Reseed_Process: * @@ -366,27 +365,6 @@ static void drbg_hmac_free(void *vdrbg) ossl_rand_drbg_free(drbg); } -#define drbg_hmac_get_ctx_params_st drbg_get_ctx_params_st - -{- produce_param_decoder('drbg_hmac_get_ctx_params', - (['OSSL_DRBG_PARAM_MAC', 'mac', 'utf8_string'], - ['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], - ['OSSL_RAND_PARAM_STATE', 'state', 'int'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - ['OSSL_DRBG_PARAM_MIN_ENTROPYLEN', 'minentlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_ENTROPYLEN', 'maxentlen', 'size_t'], - ['OSSL_DRBG_PARAM_MIN_NONCELEN', 'minnonlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_NONCELEN', 'maxnonlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_PERSLEN', 'maxperlen', 'size_t'], - ['OSSL_DRBG_PARAM_MAX_ADINLEN', 'maxadlen', 'size_t'], - ['OSSL_DRBG_PARAM_RESEED_COUNTER', 'reseed_cnt', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME', 'reseed_time', 'time_t'], - ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_int', 'uint64'], - ['OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], - )); -} - static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; @@ -547,19 +525,6 @@ static int drbg_hmac_set_ctx_params_locked return ossl_drbg_set_ctx_params(ctx, p); } -#define drbg_hmac_set_ctx_params_st drbg_set_ctx_params_st - -{- produce_param_decoder('drbg_hmac_set_ctx_params', - (['OSSL_DRBG_PARAM_PROPERTIES', 'propq', 'utf8_string'], - ['OSSL_ALG_PARAM_ENGINE', 'engine', 'utf8_string', 'hidden'], - ['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], - ['OSSL_DRBG_PARAM_MAC', 'mac', 'utf8_string'], - ['OSSL_PROV_PARAM_CORE_PROV_NAME', 'prov', 'utf8_string'], - ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], - ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_time', 'uint64'], - ['OSSL_KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], - )); -} - static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vctx; diff --git a/providers/implementations/rands/drbg_hmac.inc.in b/providers/implementations/rands/drbg_hmac.inc.in new file mode 100644 index 00000000000..c8c13333f2f --- /dev/null +++ b/providers/implementations/rands/drbg_hmac.inc.in @@ -0,0 +1,42 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('drbg_hmac_get_ctx_params', + (['OSSL_DRBG_PARAM_MAC', 'mac', 'utf8_string'], + ['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], + ['OSSL_RAND_PARAM_STATE', 'state', 'int'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + ['OSSL_DRBG_PARAM_MIN_ENTROPYLEN', 'minentlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_ENTROPYLEN', 'maxentlen', 'size_t'], + ['OSSL_DRBG_PARAM_MIN_NONCELEN', 'minnonlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_NONCELEN', 'maxnonlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_PERSLEN', 'maxperlen', 'size_t'], + ['OSSL_DRBG_PARAM_MAX_ADINLEN', 'maxadlen', 'size_t'], + ['OSSL_DRBG_PARAM_RESEED_COUNTER', 'reseed_cnt', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME', 'reseed_time', 'time_t'], + ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_int', 'uint64'], + ['OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], + )); -} + +{- produce_param_decoder('drbg_hmac_set_ctx_params', + (['OSSL_DRBG_PARAM_PROPERTIES', 'propq', 'utf8_string'], + ['OSSL_ALG_PARAM_ENGINE', 'engine', 'utf8_string', 'hidden'], + ['OSSL_DRBG_PARAM_DIGEST', 'digest', 'utf8_string'], + ['OSSL_DRBG_PARAM_MAC', 'mac', 'utf8_string'], + ['OSSL_PROV_PARAM_CORE_PROV_NAME', 'prov', 'utf8_string'], + ['OSSL_DRBG_PARAM_RESEED_REQUESTS', 'reseed_req', 'uint'], + ['OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL', 'reseed_time', 'uint64'], + ['OSSL_KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], + )); -} diff --git a/providers/implementations/rands/fips_crng_test.c.in b/providers/implementations/rands/fips_crng_test.c similarity index 96% rename from providers/implementations/rands/fips_crng_test.c.in rename to providers/implementations/rands/fips_crng_test.c index 4be6aaa3622..df3e4af9a8d 100644 --- a/providers/implementations/rands/fips_crng_test.c.in +++ b/providers/implementations/rands/fips_crng_test.c @@ -10,9 +10,6 @@ /* * Implementation of SP 800-90B section 4.4 Approved Continuous Health Tests. */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -29,6 +26,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "prov/drbg.h" #include "prov/seeding.h" #include "crypto/context.h" +#include "providers/implementations/rands/fips_crng_test.inc" static OSSL_FUNC_rand_newctx_fn crng_test_new; static OSSL_FUNC_rand_freectx_fn crng_test_free; @@ -365,13 +363,6 @@ static void crng_test_unlock(ossl_unused void *vcrngt) CRYPTO_THREAD_unlock(crngt->lock); } -{- produce_param_decoder('crng_test_get_ctx_params', - (['OSSL_RAND_PARAM_STATE', 'state', 'int'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - ['OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], - )); -} - static int crng_test_get_ctx_params(void *vcrngt, OSSL_PARAM params[]) { CRNG_TEST *crngt = (CRNG_TEST *)vcrngt; diff --git a/providers/implementations/rands/fips_crng_test.inc.in b/providers/implementations/rands/fips_crng_test.inc.in new file mode 100644 index 00000000000..4a6ec557199 --- /dev/null +++ b/providers/implementations/rands/fips_crng_test.inc.in @@ -0,0 +1,19 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('crng_test_get_ctx_params', + (['OSSL_RAND_PARAM_STATE', 'state', 'int'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + ['OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], + )); -} diff --git a/providers/implementations/rands/seed_src.c.in b/providers/implementations/rands/seed_src.c similarity index 95% rename from providers/implementations/rands/seed_src.c.in rename to providers/implementations/rands/seed_src.c index 36c8d70a987..10f03f9dd32 100644 --- a/providers/implementations/rands/seed_src.c.in +++ b/providers/implementations/rands/seed_src.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -25,6 +22,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "prov/provider_ctx.h" #include "crypto/rand.h" #include "crypto/rand_pool.h" +#include "providers/implementations/rands/seed_src.inc" static OSSL_FUNC_rand_newctx_fn seed_src_new; static OSSL_FUNC_rand_freectx_fn seed_src_free; @@ -145,12 +143,6 @@ static int seed_src_reseed(void *vseed, return 1; } -{- produce_param_decoder('seed_src_get_ctx_params', - (['OSSL_RAND_PARAM_STATE', 'state', 'int'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - )); -} - static int seed_src_get_ctx_params(void *vseed, OSSL_PARAM params[]) { PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; diff --git a/providers/implementations/rands/seed_src.inc.in b/providers/implementations/rands/seed_src.inc.in new file mode 100644 index 00000000000..7eb708b1e2a --- /dev/null +++ b/providers/implementations/rands/seed_src.inc.in @@ -0,0 +1,18 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('seed_src_get_ctx_params', + (['OSSL_RAND_PARAM_STATE', 'state', 'int'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + )); -} diff --git a/providers/implementations/rands/seed_src_jitter.c.in b/providers/implementations/rands/seed_src_jitter.c similarity index 96% rename from providers/implementations/rands/seed_src_jitter.c.in rename to providers/implementations/rands/seed_src_jitter.c index 4d73f075741..fe2bdedfb16 100644 --- a/providers/implementations/rands/seed_src_jitter.c.in +++ b/providers/implementations/rands/seed_src_jitter.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -30,6 +27,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #ifndef OPENSSL_NO_JITTER # include +# include "providers/implementations/rands/seed_src_jitter.inc" # define JITTER_MAX_NUM_TRIES 3 @@ -231,12 +229,6 @@ static int jitter_reseed(void *vseed, return 1; } -{- produce_param_decoder('jitter_get_ctx_params', - (['OSSL_RAND_PARAM_STATE', 'state', 'int'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - )); -} - static int jitter_get_ctx_params(void *vseed, OSSL_PARAM params[]) { PROV_JITTER *s = (PROV_JITTER *)vseed; diff --git a/providers/implementations/rands/seed_src_jitter.inc.in b/providers/implementations/rands/seed_src_jitter.inc.in new file mode 100644 index 00000000000..4dd0f200bcd --- /dev/null +++ b/providers/implementations/rands/seed_src_jitter.inc.in @@ -0,0 +1,18 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('jitter_get_ctx_params', + (['OSSL_RAND_PARAM_STATE', 'state', 'int'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + )); -} diff --git a/providers/implementations/rands/test_rng.c.in b/providers/implementations/rands/test_rng.c similarity index 90% rename from providers/implementations/rands/test_rng.c.in rename to providers/implementations/rands/test_rng.c index f6389d36621..90c2843787b 100644 --- a/providers/implementations/rands/test_rng.c.in +++ b/providers/implementations/rands/test_rng.c @@ -6,9 +6,6 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -{- -use OpenSSL::paramnames qw(produce_param_decoder); --} #include #include @@ -26,6 +23,7 @@ use OpenSSL::paramnames qw(produce_param_decoder); #include "prov/provider_ctx.h" #include "prov/provider_util.h" #include "prov/implementations.h" +#include "providers/implementations/rands/test_rng.inc" static OSSL_FUNC_rand_newctx_fn test_rng_new; static OSSL_FUNC_rand_freectx_fn test_rng_free; @@ -185,14 +183,6 @@ static size_t test_rng_nonce(void *vtest, unsigned char *out, return i; } -{- produce_param_decoder('test_rng_get_ctx_params', - (['OSSL_RAND_PARAM_STATE', 'state', 'int'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - ['OSSL_RAND_PARAM_GENERATE', 'gen', 'uint'], - ['OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], - )); -} - static int test_rng_get_ctx_params(void *vtest, OSSL_PARAM params[]) { PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; @@ -227,14 +217,6 @@ static const OSSL_PARAM *test_rng_gettable_ctx_params(ossl_unused void *vtest, return test_rng_get_ctx_params_list; } -{- produce_param_decoder('test_rng_set_ctx_params', - (['OSSL_RAND_PARAM_TEST_ENTROPY', 'ent', 'octet_string'], - ['OSSL_RAND_PARAM_TEST_NONCE', 'nonce', 'octet_string'], - ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], - ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], - ['OSSL_RAND_PARAM_GENERATE', 'gen', 'uint'], - )); -} - static int test_rng_set_ctx_params(void *vtest, const OSSL_PARAM params[]) { PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; diff --git a/providers/implementations/rands/test_rng.inc.in b/providers/implementations/rands/test_rng.inc.in new file mode 100644 index 00000000000..180a323db87 --- /dev/null +++ b/providers/implementations/rands/test_rng.inc.in @@ -0,0 +1,28 @@ +/* + * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the \"License\"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} + +{- produce_param_decoder('test_rng_get_ctx_params', + (['OSSL_RAND_PARAM_STATE', 'state', 'int'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + ['OSSL_RAND_PARAM_GENERATE', 'gen', 'uint'], + ['OSSL_RAND_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], + )); -} + +{- produce_param_decoder('test_rng_set_ctx_params', + (['OSSL_RAND_PARAM_TEST_ENTROPY', 'ent', 'octet_string'], + ['OSSL_RAND_PARAM_TEST_NONCE', 'nonce', 'octet_string'], + ['OSSL_RAND_PARAM_STRENGTH', 'str', 'uint'], + ['OSSL_RAND_PARAM_MAX_REQUEST', 'maxreq', 'size_t'], + ['OSSL_RAND_PARAM_GENERATE', 'gen', 'uint'], + )); -}