Lines Matching refs:drbg
44 static int rand_drbg_restart(PROV_DRBG *drbg);
48 PROV_DRBG *drbg = vctx; in ossl_drbg_lock() local
50 if (drbg == NULL || drbg->lock == NULL) in ossl_drbg_lock()
52 return CRYPTO_THREAD_write_lock(drbg->lock); in ossl_drbg_lock()
57 PROV_DRBG *drbg = vctx; in ossl_drbg_unlock() local
59 if (drbg != NULL && drbg->lock != NULL) in ossl_drbg_unlock()
60 CRYPTO_THREAD_unlock(drbg->lock); in ossl_drbg_unlock()
63 static int ossl_drbg_lock_parent(PROV_DRBG *drbg) in ossl_drbg_lock_parent() argument
65 void *parent = drbg->parent; in ossl_drbg_lock_parent()
68 && drbg->parent_lock != NULL in ossl_drbg_lock_parent()
69 && !drbg->parent_lock(parent)) { in ossl_drbg_lock_parent()
76 static void ossl_drbg_unlock_parent(PROV_DRBG *drbg) in ossl_drbg_unlock_parent() argument
78 void *parent = drbg->parent; in ossl_drbg_unlock_parent()
80 if (parent != NULL && drbg->parent_unlock != NULL) in ossl_drbg_unlock_parent()
81 drbg->parent_unlock(parent); in ossl_drbg_unlock_parent()
84 static int get_parent_strength(PROV_DRBG *drbg, unsigned int *str) in get_parent_strength() argument
87 void *parent = drbg->parent; in get_parent_strength()
90 if (drbg->parent_get_ctx_params == NULL) { in get_parent_strength()
96 if (!ossl_drbg_lock_parent(drbg)) { in get_parent_strength()
100 res = drbg->parent_get_ctx_params(parent, params); in get_parent_strength()
101 ossl_drbg_unlock_parent(drbg); in get_parent_strength()
109 static unsigned int get_parent_reseed_count(PROV_DRBG *drbg) in get_parent_reseed_count() argument
112 void *parent = drbg->parent; in get_parent_reseed_count()
116 if (!ossl_drbg_lock_parent(drbg)) { in get_parent_reseed_count()
120 if (!drbg->parent_get_ctx_params(parent, params)) in get_parent_reseed_count()
122 ossl_drbg_unlock_parent(drbg); in get_parent_reseed_count()
126 r = tsan_load(&drbg->reseed_counter) - 2; in get_parent_reseed_count()
149 PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; in ossl_drbg_get_seed() local
176 if (!ossl_prov_drbg_generate(drbg, buffer, bytes_needed, in ossl_drbg_get_seed()
177 drbg->strength, prediction_resistance, in ossl_drbg_get_seed()
178 (unsigned char *)&drbg, sizeof(drbg))) { in ossl_drbg_get_seed()
194 static size_t get_entropy(PROV_DRBG *drbg, unsigned char **pout, int entropy, in get_entropy() argument
201 if (drbg->parent == NULL) in get_entropy()
203 return ossl_crngt_get_entropy(drbg, pout, entropy, min_len, max_len, in get_entropy()
211 return ossl_prov_get_entropy(drbg->provctx, pout, entropy, min_len, in get_entropy()
215 if (drbg->parent_get_seed == NULL) { in get_entropy()
219 if (!get_parent_strength(drbg, &p_str)) in get_entropy()
221 if (drbg->strength > p_str) { in get_entropy()
235 if (!ossl_drbg_lock_parent(drbg)) in get_entropy()
246 bytes = drbg->parent_get_seed(drbg->parent, pout, drbg->strength, in get_entropy()
248 (unsigned char *)&drbg, sizeof(drbg)); in get_entropy()
249 ossl_drbg_unlock_parent(drbg); in get_entropy()
253 static void cleanup_entropy(PROV_DRBG *drbg, unsigned char *out, size_t outlen) in cleanup_entropy() argument
255 if (drbg->parent == NULL) { in cleanup_entropy()
257 ossl_crngt_cleanup_entropy(drbg, out, outlen); in cleanup_entropy()
259 ossl_prov_cleanup_entropy(drbg->provctx, out, outlen); in cleanup_entropy()
261 } else if (drbg->parent_clear_seed != NULL) { in cleanup_entropy()
262 if (!ossl_drbg_lock_parent(drbg)) in cleanup_entropy()
264 drbg->parent_clear_seed(drbg->parent, out, outlen); in cleanup_entropy()
265 ossl_drbg_unlock_parent(drbg); in cleanup_entropy()
317 static size_t prov_drbg_get_nonce(PROV_DRBG *drbg, unsigned char **pout, in prov_drbg_get_nonce() argument
322 OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(drbg->provctx); in prov_drbg_get_nonce()
327 void *drbg; in prov_drbg_get_nonce() member
334 if (drbg->parent != NULL && drbg->parent_nonce != NULL) { in prov_drbg_get_nonce()
335 n = drbg->parent_nonce(drbg->parent, NULL, 0, drbg->min_noncelen, in prov_drbg_get_nonce()
336 drbg->max_noncelen); in prov_drbg_get_nonce()
338 ret = drbg->parent_nonce(drbg->parent, buf, 0, in prov_drbg_get_nonce()
339 drbg->min_noncelen, drbg->max_noncelen); in prov_drbg_get_nonce()
350 data.drbg = drbg; in prov_drbg_get_nonce()
353 return ossl_prov_get_nonce(drbg->provctx, pout, min_len, max_len, in prov_drbg_get_nonce()
366 int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, in ossl_prov_drbg_instantiate() argument
374 if (strength > drbg->strength) { in ossl_prov_drbg_instantiate()
378 min_entropy = drbg->strength; in ossl_prov_drbg_instantiate()
379 min_entropylen = drbg->min_entropylen; in ossl_prov_drbg_instantiate()
380 max_entropylen = drbg->max_entropylen; in ossl_prov_drbg_instantiate()
386 if (perslen > drbg->max_perslen) { in ossl_prov_drbg_instantiate()
391 if (drbg->state != EVP_RAND_STATE_UNINITIALISED) { in ossl_prov_drbg_instantiate()
392 if (drbg->state == EVP_RAND_STATE_ERROR) in ossl_prov_drbg_instantiate()
399 drbg->state = EVP_RAND_STATE_ERROR; in ossl_prov_drbg_instantiate()
401 if (drbg->min_noncelen > 0) { in ossl_prov_drbg_instantiate()
402 if (drbg->parent_nonce != NULL) { in ossl_prov_drbg_instantiate()
403 noncelen = drbg->parent_nonce(drbg->parent, NULL, drbg->strength, in ossl_prov_drbg_instantiate()
404 drbg->min_noncelen, in ossl_prov_drbg_instantiate()
405 drbg->max_noncelen); in ossl_prov_drbg_instantiate()
415 if (noncelen != drbg->parent_nonce(drbg->parent, nonce, in ossl_prov_drbg_instantiate()
416 drbg->strength, in ossl_prov_drbg_instantiate()
417 drbg->min_noncelen, in ossl_prov_drbg_instantiate()
418 drbg->max_noncelen)) { in ossl_prov_drbg_instantiate()
423 } else if (drbg->parent != NULL) { in ossl_prov_drbg_instantiate()
432 min_entropy += drbg->strength / 2; in ossl_prov_drbg_instantiate()
433 min_entropylen += drbg->min_noncelen; in ossl_prov_drbg_instantiate()
434 max_entropylen += drbg->max_noncelen; in ossl_prov_drbg_instantiate()
438 noncelen = prov_drbg_get_nonce(drbg, &nonce, drbg->min_noncelen, in ossl_prov_drbg_instantiate()
439 drbg->max_noncelen); in ossl_prov_drbg_instantiate()
440 if (noncelen < drbg->min_noncelen in ossl_prov_drbg_instantiate()
441 || noncelen > drbg->max_noncelen) { in ossl_prov_drbg_instantiate()
449 drbg->reseed_next_counter = tsan_load(&drbg->reseed_counter); in ossl_prov_drbg_instantiate()
450 if (drbg->reseed_next_counter) { in ossl_prov_drbg_instantiate()
451 drbg->reseed_next_counter++; in ossl_prov_drbg_instantiate()
452 if (!drbg->reseed_next_counter) in ossl_prov_drbg_instantiate()
453 drbg->reseed_next_counter = 1; in ossl_prov_drbg_instantiate()
456 entropylen = get_entropy(drbg, &entropy, min_entropy, in ossl_prov_drbg_instantiate()
465 if (!drbg->instantiate(drbg, entropy, entropylen, nonce, noncelen, in ossl_prov_drbg_instantiate()
467 cleanup_entropy(drbg, entropy, entropylen); in ossl_prov_drbg_instantiate()
471 cleanup_entropy(drbg, entropy, entropylen); in ossl_prov_drbg_instantiate()
473 drbg->state = EVP_RAND_STATE_READY; in ossl_prov_drbg_instantiate()
474 drbg->generate_counter = 1; in ossl_prov_drbg_instantiate()
475 drbg->reseed_time = time(NULL); in ossl_prov_drbg_instantiate()
476 tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter); in ossl_prov_drbg_instantiate()
480 ossl_prov_cleanup_nonce(drbg->provctx, nonce, noncelen); in ossl_prov_drbg_instantiate()
481 if (drbg->state == EVP_RAND_STATE_READY) in ossl_prov_drbg_instantiate()
493 int ossl_prov_drbg_uninstantiate(PROV_DRBG *drbg) in ossl_prov_drbg_uninstantiate() argument
495 drbg->state = EVP_RAND_STATE_UNINITIALISED; in ossl_prov_drbg_uninstantiate()
506 int ossl_prov_drbg_reseed(PROV_DRBG *drbg, int prediction_resistance, in ossl_prov_drbg_reseed() argument
516 if (drbg->state != EVP_RAND_STATE_READY) { in ossl_prov_drbg_reseed()
518 rand_drbg_restart(drbg); in ossl_prov_drbg_reseed()
520 if (drbg->state == EVP_RAND_STATE_ERROR) { in ossl_prov_drbg_reseed()
524 if (drbg->state == EVP_RAND_STATE_UNINITIALISED) { in ossl_prov_drbg_reseed()
531 if (ent_len < drbg->min_entropylen) { in ossl_prov_drbg_reseed()
533 drbg->state = EVP_RAND_STATE_ERROR; in ossl_prov_drbg_reseed()
536 if (ent_len > drbg->max_entropylen) { in ossl_prov_drbg_reseed()
538 drbg->state = EVP_RAND_STATE_ERROR; in ossl_prov_drbg_reseed()
545 } else if (adinlen > drbg->max_adinlen) { in ossl_prov_drbg_reseed()
550 drbg->state = EVP_RAND_STATE_ERROR; in ossl_prov_drbg_reseed()
552 drbg->reseed_next_counter = tsan_load(&drbg->reseed_counter); in ossl_prov_drbg_reseed()
553 if (drbg->reseed_next_counter) { in ossl_prov_drbg_reseed()
554 drbg->reseed_next_counter++; in ossl_prov_drbg_reseed()
555 if (!drbg->reseed_next_counter) in ossl_prov_drbg_reseed()
556 drbg->reseed_next_counter = 1; in ossl_prov_drbg_reseed()
568 if (!drbg->reseed(drbg, NULL, 0, ent, ent_len)) { in ossl_prov_drbg_reseed()
573 if (!drbg->reseed(drbg, ent, ent_len, adin, adinlen)) { in ossl_prov_drbg_reseed()
584 entropylen = get_entropy(drbg, &entropy, drbg->strength, in ossl_prov_drbg_reseed()
585 drbg->min_entropylen, drbg->max_entropylen, in ossl_prov_drbg_reseed()
587 if (entropylen < drbg->min_entropylen in ossl_prov_drbg_reseed()
588 || entropylen > drbg->max_entropylen) { in ossl_prov_drbg_reseed()
593 if (!drbg->reseed(drbg, entropy, entropylen, adin, adinlen)) in ossl_prov_drbg_reseed()
596 drbg->state = EVP_RAND_STATE_READY; in ossl_prov_drbg_reseed()
597 drbg->generate_counter = 1; in ossl_prov_drbg_reseed()
598 drbg->reseed_time = time(NULL); in ossl_prov_drbg_reseed()
599 tsan_store(&drbg->reseed_counter, drbg->reseed_next_counter); in ossl_prov_drbg_reseed()
600 if (drbg->parent != NULL) in ossl_prov_drbg_reseed()
601 drbg->parent_reseed_counter = get_parent_reseed_count(drbg); in ossl_prov_drbg_reseed()
604 cleanup_entropy(drbg, entropy, entropylen); in ossl_prov_drbg_reseed()
605 if (drbg->state == EVP_RAND_STATE_READY) in ossl_prov_drbg_reseed()
620 int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen, in ossl_prov_drbg_generate() argument
630 if (drbg->state != EVP_RAND_STATE_READY) { in ossl_prov_drbg_generate()
632 rand_drbg_restart(drbg); in ossl_prov_drbg_generate()
634 if (drbg->state == EVP_RAND_STATE_ERROR) { in ossl_prov_drbg_generate()
638 if (drbg->state == EVP_RAND_STATE_UNINITIALISED) { in ossl_prov_drbg_generate()
643 if (strength > drbg->strength) { in ossl_prov_drbg_generate()
648 if (outlen > drbg->max_request) { in ossl_prov_drbg_generate()
652 if (adinlen > drbg->max_adinlen) { in ossl_prov_drbg_generate()
659 if (drbg->fork_id != fork_id) { in ossl_prov_drbg_generate()
660 drbg->fork_id = fork_id; in ossl_prov_drbg_generate()
664 if (drbg->reseed_interval > 0) { in ossl_prov_drbg_generate()
665 if (drbg->generate_counter >= drbg->reseed_interval) in ossl_prov_drbg_generate()
668 if (drbg->reseed_time_interval > 0) { in ossl_prov_drbg_generate()
670 if (now < drbg->reseed_time in ossl_prov_drbg_generate()
671 || now - drbg->reseed_time >= drbg->reseed_time_interval) in ossl_prov_drbg_generate()
674 if (drbg->parent != NULL in ossl_prov_drbg_generate()
675 && get_parent_reseed_count(drbg) != drbg->parent_reseed_counter) in ossl_prov_drbg_generate()
679 if (!ossl_prov_drbg_reseed(drbg, prediction_resistance, NULL, 0, in ossl_prov_drbg_generate()
688 if (!drbg->generate(drbg, out, outlen, adin, adinlen)) { in ossl_prov_drbg_generate()
689 drbg->state = EVP_RAND_STATE_ERROR; in ossl_prov_drbg_generate()
694 drbg->generate_counter++; in ossl_prov_drbg_generate()
716 static int rand_drbg_restart(PROV_DRBG *drbg) in rand_drbg_restart() argument
719 if (drbg->state == EVP_RAND_STATE_ERROR) in rand_drbg_restart()
720 drbg->uninstantiate(drbg); in rand_drbg_restart()
723 if (drbg->state == EVP_RAND_STATE_UNINITIALISED) in rand_drbg_restart()
725 ossl_prov_drbg_instantiate(drbg, drbg->strength, 0, NULL, 0); in rand_drbg_restart()
727 return drbg->state == EVP_RAND_STATE_READY; in rand_drbg_restart()
745 PROV_DRBG *drbg = vctx; in ossl_drbg_enable_locking() local
747 if (drbg != NULL && drbg->lock == NULL) { in ossl_drbg_enable_locking()
748 if (drbg->parent_enable_locking != NULL) in ossl_drbg_enable_locking()
749 if (!drbg->parent_enable_locking(drbg->parent)) { in ossl_drbg_enable_locking()
753 drbg->lock = CRYPTO_THREAD_lock_new(); in ossl_drbg_enable_locking()
754 if (drbg->lock == NULL) { in ossl_drbg_enable_locking()
774 int (*instantiate)(PROV_DRBG *drbg, in ossl_rand_drbg_new() argument
779 int (*reseed)(PROV_DRBG *drbg, const unsigned char *ent, size_t ent_len, in ossl_rand_drbg_new() argument
784 PROV_DRBG *drbg; in ossl_rand_drbg_new() local
791 drbg = OPENSSL_zalloc(sizeof(*drbg)); in ossl_rand_drbg_new()
792 if (drbg == NULL) { in ossl_rand_drbg_new()
797 drbg->provctx = provctx; in ossl_rand_drbg_new()
798 drbg->instantiate = instantiate; in ossl_rand_drbg_new()
799 drbg->uninstantiate = uninstantiate; in ossl_rand_drbg_new()
800 drbg->reseed = reseed; in ossl_rand_drbg_new()
801 drbg->generate = generate; in ossl_rand_drbg_new()
802 drbg->fork_id = openssl_get_fork_id(); in ossl_rand_drbg_new()
805 drbg->parent = parent; in ossl_rand_drbg_new()
807 drbg->parent_enable_locking = OSSL_FUNC_rand_enable_locking(pfunc); in ossl_rand_drbg_new()
809 drbg->parent_lock = OSSL_FUNC_rand_lock(pfunc); in ossl_rand_drbg_new()
811 drbg->parent_unlock = OSSL_FUNC_rand_unlock(pfunc); in ossl_rand_drbg_new()
813 drbg->parent_get_ctx_params = OSSL_FUNC_rand_get_ctx_params(pfunc); in ossl_rand_drbg_new()
815 drbg->parent_nonce = OSSL_FUNC_rand_nonce(pfunc); in ossl_rand_drbg_new()
817 drbg->parent_get_seed = OSSL_FUNC_rand_get_seed(pfunc); in ossl_rand_drbg_new()
819 drbg->parent_clear_seed = OSSL_FUNC_rand_clear_seed(pfunc); in ossl_rand_drbg_new()
822 drbg->max_entropylen = DRBG_MAX_LENGTH; in ossl_rand_drbg_new()
823 drbg->max_noncelen = DRBG_MAX_LENGTH; in ossl_rand_drbg_new()
824 drbg->max_perslen = DRBG_MAX_LENGTH; in ossl_rand_drbg_new()
825 drbg->max_adinlen = DRBG_MAX_LENGTH; in ossl_rand_drbg_new()
826 drbg->generate_counter = 1; in ossl_rand_drbg_new()
827 drbg->reseed_counter = 1; in ossl_rand_drbg_new()
828 drbg->reseed_interval = RESEED_INTERVAL; in ossl_rand_drbg_new()
829 drbg->reseed_time_interval = TIME_INTERVAL; in ossl_rand_drbg_new()
831 if (!dnew(drbg)) in ossl_rand_drbg_new()
835 if (!get_parent_strength(drbg, &p_str)) in ossl_rand_drbg_new()
837 if (drbg->strength > p_str) { in ossl_rand_drbg_new()
847 if (!ossl_drbg_enable_locking(drbg)) in ossl_rand_drbg_new()
850 return drbg; in ossl_rand_drbg_new()
853 dfree(drbg); in ossl_rand_drbg_new()
857 void ossl_rand_drbg_free(PROV_DRBG *drbg) in ossl_rand_drbg_free() argument
859 if (drbg == NULL) in ossl_rand_drbg_free()
862 CRYPTO_THREAD_lock_free(drbg->lock); in ossl_rand_drbg_free()
863 OPENSSL_free(drbg); in ossl_rand_drbg_free()
866 int ossl_drbg_get_ctx_params(PROV_DRBG *drbg, OSSL_PARAM params[]) in ossl_drbg_get_ctx_params() argument
871 if (p != NULL && !OSSL_PARAM_set_int(p, drbg->state)) in ossl_drbg_get_ctx_params()
875 if (p != NULL && !OSSL_PARAM_set_int(p, drbg->strength)) in ossl_drbg_get_ctx_params()
879 if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_request)) in ossl_drbg_get_ctx_params()
883 if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->min_entropylen)) in ossl_drbg_get_ctx_params()
887 if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_entropylen)) in ossl_drbg_get_ctx_params()
891 if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->min_noncelen)) in ossl_drbg_get_ctx_params()
895 if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_noncelen)) in ossl_drbg_get_ctx_params()
899 if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_perslen)) in ossl_drbg_get_ctx_params()
903 if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_adinlen)) in ossl_drbg_get_ctx_params()
907 if (p != NULL && !OSSL_PARAM_set_uint(p, drbg->reseed_interval)) in ossl_drbg_get_ctx_params()
911 if (p != NULL && !OSSL_PARAM_set_time_t(p, drbg->reseed_time)) in ossl_drbg_get_ctx_params()
915 if (p != NULL && !OSSL_PARAM_set_time_t(p, drbg->reseed_time_interval)) in ossl_drbg_get_ctx_params()
920 && !OSSL_PARAM_set_uint(p, tsan_load(&drbg->reseed_counter))) in ossl_drbg_get_ctx_params()
925 int ossl_drbg_set_ctx_params(PROV_DRBG *drbg, const OSSL_PARAM params[]) in ossl_drbg_set_ctx_params() argument
933 if (p != NULL && !OSSL_PARAM_get_uint(p, &drbg->reseed_interval)) in ossl_drbg_set_ctx_params()
937 if (p != NULL && !OSSL_PARAM_get_time_t(p, &drbg->reseed_time_interval)) in ossl_drbg_set_ctx_params()