From a32f4770e970e3f99715157d49e30fd73133f334 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Tue, 14 Aug 2007 13:17:28 +0000
Subject: [PATCH] Ensure seed does not match key and fixup error codes.
---
 fips-1.0/rand/fips_rand.c | 26 ++++++++++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/fips-1.0/rand/fips_rand.c b/fips-1.0/rand/fips_rand.c
index 9735394aaf..b4e83bca9e 100644
--- a/fips-1.0/rand/fips_rand.c
+++ b/fips-1.0/rand/fips_rand.c
@@ -97,6 +97,8 @@ typedef struct
 unsigned long counter;
 AES_KEY ks;
 int vpos;
+ /* Temporary storage for key if it equals seed length */
+ unsigned char tmp_key[AES_BLOCK_LENGTH];
 unsigned char V[AES_BLOCK_LENGTH];
 unsigned char DT[AES_BLOCK_LENGTH];
 unsigned char last[AES_BLOCK_LENGTH];
@@ -128,7 +130,13 @@ static int fips_set_prng_key(FIPS_PRNG_CTX *ctx,
 return 0;
 }
 AES_set_encrypt_key(key, keylen << 3, &ctx->ks);
- ctx->keyed = 1;
+ if (keylen == 16)
+ {
+ memcpy(ctx->tmp_key, key, 16);
+ ctx->keyed = 2;
+ }
+ else
+ ctx->keyed = 1;
 ctx->seeded = 0;
 ctx->second = 0;
 return 1;
@@ -156,6 +164,20 @@ static int fips_set_prng_seed(FIPS_PRNG_CTX *ctx,
 if (ctx->vpos == AES_BLOCK_LENGTH)
 {
 ctx->vpos = 0;
+ /* Special case if first seed and key length equals
+ * block size check key and seed do not match.
+ */
+ if (ctx->keyed == 2)
+ {
+ if (!memcmp(ctx->tmp_key, ctx->V, 16))
+ {
+ RANDerr(RAND_F_FIPS_SET_PRNG_SEED,
+ RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY);
+ return 0;
+ }
+ OPENSSL_cleanse(ctx->tmp_key, 16);
+ ctx->keyed = 1;
+ }
 ctx->seeded = 1;
 }
 }
@@ -182,7 +204,7 @@ int FIPS_rand_set_dt(unsigned char *dt)
 {
 if (!sctx.test_mode)
 {
- RANDerr(RAND_F_FIPS_SET_DT,RAND_R_NOT_IN_TEST_MODE);
+ RANDerr(RAND_F_FIPS_RAND_SET_DT,RAND_R_NOT_IN_TEST_MODE);
 return 0;
 }
 memcpy(sctx.DT, dt, AES_BLOCK_LENGTH);
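Review bot: The comment on the new `tmp_key` field does not say how long this second plaintext copy of the AES key stays in the context or which code clears it. Since the field is only meaningful while `keyed == 2`, I would spell that out, e.g. `/* Copy of a 128-bit key, valid only while keyed == 2; compared against the first full seed block and then cleansed */`. The struct definition starts and ends outside the hunk, so the `keyed` field itself is not visible here; a matching note on it listing the values 0, 1 and 2 would help the next reader.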
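Review bot: The `else` branch sets `keyed = 1` without touching `tmp_key`, so if this function can run on a context that was previously keyed with 16 bytes and never seeded, the old key copy stays in memory. Adding `OPENSSL_cleanse(ctx->tmp_key, sizeof ctx->tmp_key);` to that branch closes the gap; any reset path outside this diff presumably needs the same treatment. The literal `16` in `keylen == 16` and in the `memcpy` would read better as `AES_BLOCK_LENGTH`, which is what sizes the buffer. The function's opening lines, including the key-length validation, are outside the hunk.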
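Review bot: The rejection path at `return 0;` hands back a half-updated context: `vpos` has already been reset to 0, `V` still holds the bytes that equal the key, and `tmp_key` stays populated with `keyed == 2`. Whether a retry starts from a clean `V` depends on code outside the hunk (the enclosing loop and the start of the function are not shown), so the comment should state what the caller may do after this error, for instance `/* On a match the context stays keyed but unseeded; caller must supply a different seed */`. `memcmp` stops at the first differing byte; the exposure looks small because the seed is itself secret, but a constant-time comparison is the usual choice when one operand is key material. The two `16` literals should be `AES_BLOCK_LENGTH` to match the buffer declarations.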