wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

RAND_DRBG: add a function for setting the default DRBG type and flags

Browse source 
This commit adds a new api RAND_DRBG_set_defaults() which sets the
default type and flags for new DRBG instances. See also #5576.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5632)
This commit is contained in:
Dr. Matthias St. Pierre 2018-03-15 19:48:43 +01:00
parent 80f2787717
commit 31393fd906
9 changed files with 69 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
crypto/err/openssl.txt
View file

@ -916,6 +916,7 @@ RAND_F_RAND_DRBG_NEW:109:RAND_DRBG_new
RAND_F_RAND_DRBG_RESEED:110:RAND_DRBG_reseed
RAND_F_RAND_DRBG_RESTART:102:rand_drbg_restart
RAND_F_RAND_DRBG_SET:104:RAND_DRBG_set
RAND_F_RAND_DRBG_SET_DEFAULTS:121:RAND_DRBG_set_defaults
RAND_F_RAND_DRBG_UNINSTANTIATE:118:RAND_DRBG_uninstantiate
RAND_F_RAND_LOAD_FILE:111:RAND_load_file
RAND_F_RAND_POOL_ADD:103:rand_pool_add
@ -2314,6 +2315,7 @@ RAND_R_RANDOM_POOL_OVERFLOW:125:random pool overflow
RAND_R_REQUEST_TOO_LARGE_FOR_DRBG:117:request too large for drbg
RAND_R_RESEED_ERROR:118:reseed error
RAND_R_SELFTEST_FAILURE:119:selftest failure
RAND_R_UNSUPPORTED_DRBG_FLAGS:132:unsupported drbg flags
RAND_R_UNSUPPORTED_DRBG_TYPE:120:unsupported drbg type
RSA_R_ALGORITHM_MISMATCH:100:algorithm mismatch
RSA_R_BAD_E_VALUE:101:bad e value

2
crypto/rand/drbg_ctr.c
View file

@ -317,7 +317,7 @@ int drbg_ctr_init(RAND_DRBG *drbg)
RAND_DRBG_CTR *ctr = &drbg->data.ctr;
size_t keylen;
switch (drbg->nid) {
switch (drbg->type) {
default:
/* This can't happen, but silence the compiler warning. */
return 0;

55
crypto/rand/drbg_lib.c
View file

@ -113,6 +113,11 @@ static const char ossl_pers_string[] = "OpenSSL NIST SP 800-90A DRBG";
static CRYPTO_ONCE rand_drbg_init = CRYPTO_ONCE_STATIC_INIT;
static int rand_drbg_type = RAND_DRBG_TYPE;
static unsigned int rand_drbg_flags = RAND_DRBG_FLAGS;
static unsigned int master_reseed_interval = MASTER_RESEED_INTERVAL;
static unsigned int slave_reseed_interval = SLAVE_RESEED_INTERVAL;
@ -127,19 +132,26 @@ static RAND_DRBG *rand_drbg_new(int secure,
RAND_DRBG *parent);
/*
* Set/initialize |drbg| to be of type |nid|, with optional |flags|.
* Set/initialize |drbg| to be of type |type|, with optional |flags|.
*
* If |type| and |flags| are zero, use the defaults
*
* Returns 1 on success, 0 on failure.
*/
int RAND_DRBG_set(RAND_DRBG *drbg, int nid, unsigned int flags)
int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags)
{
int ret = 1;
if (type == 0 && flags == 0) {
type = rand_drbg_type;
flags = rand_drbg_flags;
}
drbg->state = DRBG_UNINITIALISED;
drbg->flags = flags;
drbg->nid = nid;
drbg->type = type;
switch (nid) {
switch (type) {
default:
RANDerr(RAND_F_RAND_DRBG_SET, RAND_R_UNSUPPORTED_DRBG_TYPE);
return 0;
@ -158,6 +170,37 @@ int RAND_DRBG_set(RAND_DRBG *drbg, int nid, unsigned int flags)
return ret;
}
/*
* Set/initialize default |type| and |flag| for new drbg instances.
*
* Returns 1 on success, 0 on failure.
*/
int RAND_DRBG_set_defaults(int type, unsigned int flags)
{
int ret = 1;
switch (type) {
default:
RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_TYPE);
return 0;
case NID_aes_128_ctr:
case NID_aes_192_ctr:
case NID_aes_256_ctr:
break;
}
if ((flags & ~RAND_DRBG_USED_FLAGS) != 0) {
RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_FLAGS);
return 0;
}
rand_drbg_type = type;
rand_drbg_flags = flags;
return ret;
}
/*
* Allocate memory and initialize a new DRBG. The DRBG is allocated on
* the secure heap if |secure| is nonzero and the secure heap is enabled.
@ -357,7 +400,7 @@ int RAND_DRBG_uninstantiate(RAND_DRBG *drbg)
* initial values.
*/
drbg->meth->uninstantiate(drbg);
return RAND_DRBG_set(drbg, drbg->nid, drbg->flags);
return RAND_DRBG_set(drbg, drbg->type, drbg->flags);
}
/*
@ -849,7 +892,7 @@ static RAND_DRBG *drbg_setup(RAND_DRBG *parent)
{
RAND_DRBG *drbg;
drbg = RAND_DRBG_secure_new(RAND_DRBG_NID, 0, parent);
drbg = RAND_DRBG_secure_new(rand_drbg_type, rand_drbg_flags, parent);
if (drbg == NULL)
return NULL;

4
crypto/rand/rand_err.c
View file

@ -31,6 +31,8 @@ static const ERR_STRING_DATA RAND_str_functs[] = {
{ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_DRBG_RESEED, 0), "RAND_DRBG_reseed"},
{ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_DRBG_RESTART, 0), "rand_drbg_restart"},
{ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_DRBG_SET, 0), "RAND_DRBG_set"},
{ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_DRBG_SET_DEFAULTS, 0),
"RAND_DRBG_set_defaults"},
{ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_DRBG_UNINSTANTIATE, 0),
"RAND_DRBG_uninstantiate"},
{ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_LOAD_FILE, 0), "RAND_load_file"},
@ -99,6 +101,8 @@ static const ERR_STRING_DATA RAND_str_reasons[] = {
"request too large for drbg"},
{ERR_PACK(ERR_LIB_RAND, 0, RAND_R_RESEED_ERROR), "reseed error"},
{ERR_PACK(ERR_LIB_RAND, 0, RAND_R_SELFTEST_FAILURE), "selftest failure"},
{ERR_PACK(ERR_LIB_RAND, 0, RAND_R_UNSUPPORTED_DRBG_FLAGS),
"unsupported drbg flags"},
{ERR_PACK(ERR_LIB_RAND, 0, RAND_R_UNSUPPORTED_DRBG_TYPE),
"unsupported drbg type"},
{0, NULL}

2
crypto/rand/rand_lcl.h
View file

@ -116,7 +116,7 @@ struct rand_drbg_st {
CRYPTO_RWLOCK *lock;
RAND_DRBG *parent;
int secure; /* 1: allocated on the secure heap, 0: otherwise */
int nid; /* the underlying algorithm */
int type; /* the nid of the underlying algorithm */
int fork_count;
unsigned short flags; /* various external flags */

11
include/openssl/rand_drbg.h
View file

@ -17,6 +17,11 @@
/* In CTR mode, disable derivation function ctr_df */
# define RAND_DRBG_FLAG_CTR_NO_DF 0x1
/* A logical OR of all used flag bits (currently there is only one) */
# define RAND_DRBG_USED_FLAGS ( \
RAND_DRBG_FLAG_CTR_NO_DF \
)
/*
* Default security strength (in the sense of [NIST SP 800-90Ar1])
*
@ -30,11 +35,10 @@
*
* Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and
* NID_aes_256_ctr
*
* TODO(DRBG): would be nice to have the NID and strength configurable
*/
# define RAND_DRBG_STRENGTH 256
# define RAND_DRBG_NID NID_aes_256_ctr
# define RAND_DRBG_TYPE NID_aes_256_ctr
# define RAND_DRBG_FLAGS 0
# ifdef __cplusplus
@ -47,6 +51,7 @@ extern "C" {
RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent);
RAND_DRBG *RAND_DRBG_secure_new(int type, unsigned int flags, RAND_DRBG *parent);
int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags);
int RAND_DRBG_set_defaults(int type, unsigned int flags);
int RAND_DRBG_instantiate(RAND_DRBG *drbg,
const unsigned char *pers, size_t perslen);
int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);

2
include/openssl/randerr.h
View file

@ -32,6 +32,7 @@ int ERR_load_RAND_strings(void);
# define RAND_F_RAND_DRBG_RESEED 110
# define RAND_F_RAND_DRBG_RESTART 102
# define RAND_F_RAND_DRBG_SET 104
# define RAND_F_RAND_DRBG_SET_DEFAULTS 121
# define RAND_F_RAND_DRBG_UNINSTANTIATE 118
# define RAND_F_RAND_LOAD_FILE 111
# define RAND_F_RAND_POOL_ADD 103
@ -75,6 +76,7 @@ int ERR_load_RAND_strings(void);
# define RAND_R_REQUEST_TOO_LARGE_FOR_DRBG 117
# define RAND_R_RESEED_ERROR 118
# define RAND_R_SELFTEST_FAILURE 119
# define RAND_R_UNSUPPORTED_DRBG_FLAGS 132
# define RAND_R_UNSUPPORTED_DRBG_TYPE 120
#endif

2
ssl/ssl_lib.c
View file

@ -696,7 +696,7 @@ SSL *SSL_new(SSL_CTX *ctx)
*/
if (RAND_get_rand_method() == RAND_OpenSSL()) {
s->drbg =
RAND_DRBG_new(RAND_DRBG_NID, 0, RAND_DRBG_get0_public());
RAND_DRBG_new(0, 0, RAND_DRBG_get0_public());
if (s->drbg == NULL
|| RAND_DRBG_instantiate(s->drbg,
(const unsigned char *) SSL_version_str,

1
util/libcrypto.num
View file

@ -4513,3 +4513,4 @@ EVP_PKEY_new_raw_public_key 4454 1_1_1 EXIST::FUNCTION:
EVP_PKEY_new_CMAC_key 4455 1_1_1 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_priv_key 4456 1_1_1 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_pub_key 4457 1_1_1 EXIST::FUNCTION:
RAND_DRBG_set_defaults 4458 1_1_1 EXIST::FUNCTION: