Commit 52b6ee82 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Reorganise DRBG API so the entropy and nonce callbacks can return a 

pointer to a buffer instead of copying to a fixed length buffer. This
removes the entropy and nonce length restrictions.
parent bb61a6c8

fips/rand/fips_drbg_ctr.c

+2 −2
Original line number Diff line number Diff line
@@ -404,9 +404,9 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx) 
		AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks);



		dctx->min_entropy = cctx->keylen;

		dctx->max_entropy = DRBG_MAX_ENTROPY;

		dctx->max_entropy = DRBG_MAX_LENGTH;

		dctx->min_nonce = dctx->min_entropy / 2;

		dctx->max_nonce = DRBG_MAX_NONCE;

		dctx->max_nonce = DRBG_MAX_LENGTH;

		dctx->max_pers = DRBG_MAX_LENGTH;

		dctx->max_adin = DRBG_MAX_LENGTH;

		}

fips/rand/fips_drbg_hash.c

+2 −2
Original line number Diff line number Diff line
@@ -368,10 +368,10 @@ int fips_drbg_hash_init(DRBG_CTX *dctx) 




	dctx->min_entropy = dctx->strength / 8;

	dctx->max_entropy = DRBG_MAX_ENTROPY;

	dctx->max_entropy = DRBG_MAX_LENGTH;



	dctx->min_nonce = dctx->min_entropy / 2;

	dctx->max_nonce = DRBG_MAX_NONCE;

	dctx->max_nonce = DRBG_MAX_LENGTH;



	dctx->max_pers = DRBG_MAX_LENGTH;

	dctx->max_adin = DRBG_MAX_LENGTH;

fips/rand/fips_drbg_lib.c

+24 −16
Original line number Diff line number Diff line
@@ -121,7 +121,8 @@ void FIPS_drbg_free(DRBG_CTX *dctx) 
int FIPS_drbg_instantiate(DRBG_CTX *dctx,

				const unsigned char *pers, size_t perslen)

	{

	size_t entlen, noncelen;

	size_t entlen = 0, noncelen = 0;

	unsigned char *nonce = NULL, *entropy = NULL;



#if 0

	/* Put here so error script picks them up */
@@ -153,7 +154,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx, 


	dctx->status = DRBG_STATUS_ERROR;



	entlen = dctx->get_entropy(dctx, dctx->entropy, dctx->strength,

	entlen = dctx->get_entropy(dctx, &entropy, dctx->strength,

				dctx->min_entropy, dctx->max_entropy);



	if (entlen < dctx->min_entropy || entlen > dctx->max_entropy)
@@ -164,8 +165,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx, 


	if (dctx->max_nonce > 0)

		{



		noncelen = dctx->get_nonce(dctx, dctx->nonce,

		noncelen = dctx->get_nonce(dctx, &nonce,

					dctx->strength / 2,

					dctx->min_nonce, dctx->max_nonce);
@@ -176,12 +176,10 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx, 
			}



		}

	else

		noncelen = 0;



	if (!dctx->instantiate(dctx, 

				dctx->entropy, entlen,

				dctx->nonce, noncelen,

				entropy, entlen,

				nonce, noncelen,

				pers, perslen))

		{

		r = FIPS_R_ERROR_INSTANTIATING_DRBG;
@@ -194,8 +192,11 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx, 


	end:



	OPENSSL_cleanse(dctx->entropy, sizeof(dctx->entropy));

	OPENSSL_cleanse(dctx->nonce, sizeof(dctx->nonce));

	if (entropy && dctx->cleanup_entropy)

		dctx->cleanup_entropy(dctx, entropy, entlen);



	if (nonce && dctx->cleanup_nonce)

		dctx->cleanup_nonce(dctx, nonce, noncelen);



	if (dctx->status == DRBG_STATUS_READY)

		return 1;
@@ -210,6 +211,7 @@ int FIPS_drbg_instantiate(DRBG_CTX *dctx, 
int FIPS_drbg_reseed(DRBG_CTX *dctx,

			const unsigned char *adin, size_t adinlen)

	{

	unsigned char *entropy = NULL;

	size_t entlen;

	int r = 0;
@@ -237,7 +239,7 @@ int FIPS_drbg_reseed(DRBG_CTX *dctx, 


	dctx->status = DRBG_STATUS_ERROR;



	entlen = dctx->get_entropy(dctx, dctx->entropy, dctx->strength,

	entlen = dctx->get_entropy(dctx, &entropy, dctx->strength,

				dctx->min_entropy, dctx->max_entropy);



	if (entlen < dctx->min_entropy || entlen > dctx->max_entropy)
@@ -246,13 +248,15 @@ int FIPS_drbg_reseed(DRBG_CTX *dctx, 
		goto end;

		}



	if (!dctx->reseed(dctx, dctx->entropy, entlen, adin, adinlen))

	if (!dctx->reseed(dctx, entropy, entlen, adin, adinlen))

		goto end;



	dctx->status = DRBG_STATUS_READY;

	dctx->reseed_counter = 1;

	end:

	OPENSSL_cleanse(dctx->entropy, sizeof(dctx->entropy));



	if (entropy && dctx->cleanup_entropy)

		dctx->cleanup_entropy(dctx, entropy, entlen);



	if (dctx->status == DRBG_STATUS_READY)

		return 1;
@@ -401,15 +405,19 @@ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx) 
	}



int FIPS_drbg_set_callbacks(DRBG_CTX *dctx,

	size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char *out,

	size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char **pout,

				int entropy, size_t min_len, size_t max_len),

	void (*cleanup_entropy)(DRBG_CTX *ctx, unsigned char *out, size_t olen),

	size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char **pout,

				int entropy, size_t min_len, size_t max_len),

	size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char *out,

				int entropy, size_t min_len, size_t max_len))

	void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen))

	{

	if (dctx->status != DRBG_STATUS_UNINITIALISED)

		return 0;

	dctx->get_entropy = get_entropy;

	dctx->cleanup_entropy = cleanup_entropy;

	dctx->get_nonce = get_nonce;

	dctx->cleanup_nonce = cleanup_nonce;

	return 1;

	}

fips/rand/fips_drbg_selftest.c

+8 −8
Original line number Diff line number Diff line
@@ -732,20 +732,20 @@ typedef struct 
	int noncecnt;

	} TEST_ENT;



static size_t test_entropy(DRBG_CTX *dctx, unsigned char *out,

static size_t test_entropy(DRBG_CTX *dctx, unsigned char **pout,

                                int entropy, size_t min_len, size_t max_len)

	{

	TEST_ENT *t = FIPS_drbg_get_app_data(dctx);

	memcpy(out, t->ent, t->entlen);

	*pout = (unsigned char *)t->ent;

	t->entcnt++;

	return t->entlen;

	}



static size_t test_nonce(DRBG_CTX *dctx, unsigned char *out,

static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout,

                                int entropy, size_t min_len, size_t max_len)

	{

	TEST_ENT *t = FIPS_drbg_get_app_data(dctx);

	memcpy(out, t->nonce, t->noncelen);

	*pout = (unsigned char *)t->nonce;

	t->noncecnt++;

	return t->noncelen;

	}
@@ -762,7 +762,7 @@ static int fips_drbg_single_kat(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td) 
	unsigned char randout[1024];

	if (!FIPS_drbg_init(dctx, td->nid, td->flags))

		return 0;

	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, test_nonce))

	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, test_nonce, 0))

		return 0;



	FIPS_drbg_set_app_data(dctx, &t);
@@ -818,7 +818,7 @@ static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td) 
	if (!FIPS_drbg_init(dctx, td->nid, td->flags))

		goto err;



	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, test_nonce))

	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, test_nonce, 0))

		goto err;



	FIPS_drbg_set_app_data(dctx, &t);
@@ -860,7 +860,7 @@ static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td) 
	/* Instantiate with valid data. NB: errors now reported again */

	if (!FIPS_drbg_init(dctx, td->nid, td->flags))

		goto err;

	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, test_nonce))

	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, test_nonce, 0))

		goto err;

	FIPS_drbg_set_app_data(dctx, &t);
@@ -914,7 +914,7 @@ static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td) 


	if (!FIPS_drbg_init(dctx, td->nid, td->flags))

		goto err;

	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, test_nonce))

	if (!FIPS_drbg_set_callbacks(dctx, test_entropy, 0, test_nonce, 0))

		goto err;

	FIPS_drbg_set_app_data(dctx, &t);

fips/rand/fips_drbgvs.c

+6 −5
Original line number Diff line number Diff line
@@ -135,19 +135,19 @@ typedef struct 
	size_t noncelen;

	} TEST_ENT;



static size_t test_entropy(DRBG_CTX *dctx, unsigned char *out,

static size_t test_entropy(DRBG_CTX *dctx, unsigned char **pout,

                                int entropy, size_t min_len, size_t max_len)

	{

	TEST_ENT *t = FIPS_drbg_get_app_data(dctx);

	memcpy(out, t->ent, t->entlen);

	*pout = (unsigned char *)t->ent;

	return t->entlen;

	}



static size_t test_nonce(DRBG_CTX *dctx, unsigned char *out,

static size_t test_nonce(DRBG_CTX *dctx, unsigned char **pout,

                                int entropy, size_t min_len, size_t max_len)

	{

	TEST_ENT *t = FIPS_drbg_get_app_data(dctx);

	memcpy(out, t->nonce, t->noncelen);

	*pout = (unsigned char *)t->nonce;

	return t->noncelen;

	}
@@ -248,7 +248,8 @@ int main(int argc,char **argv) 
			dctx = FIPS_drbg_new(nid, df | DRBG_FLAG_TEST);

			if (!dctx)

				exit (1);

			FIPS_drbg_set_callbacks(dctx, test_entropy, test_nonce);

			FIPS_drbg_set_callbacks(dctx, test_entropy, 0,

							test_nonce, 0);

			FIPS_drbg_set_app_data(dctx, &t);

			randoutlen = (int)FIPS_drbg_get_blocklength(dctx);

			r = FIPS_drbg_instantiate(dctx, pers, perslen);