Make update: delete duplicate error code.

[oweals/openssl.git] / crypto / rand / md_rand.c

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 9fc98eb0991afb70fc75d15547110a27201fdb21..0f8dd3e00faf3d8afcfc11944577ea579af08d67 100644 (file)
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -126,6 +126,10 @@
 
 #include <openssl/crypto.h>
 #include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 
 #ifdef BN_DEBUG
 # define PREDICT
@@ -144,6 +148,7 @@ static int initialized=0;
 static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
                                            * holds CRYPTO_LOCK_RAND
                                            * (to prevent double locking) */
+/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
 static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
 
 
@@ -151,7 +156,7 @@ static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
 int rand_predictable=0;
 #endif
 
-const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
+const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
 
 static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(const void *buf, int num);
@@ -176,10 +181,10 @@ RAND_METHOD *RAND_SSLeay(void)
 
 static void ssleay_rand_cleanup(void)
        {
-       memset(state,0,sizeof(state));
+       OPENSSL_cleanse(state,sizeof(state));
        state_num=0;
        state_index=0;
-       memset(md,0,MD_DIGEST_LENGTH);
+       OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
        md_count[0]=0;
        md_count[1]=0;
        entropy=0;
@@ -191,7 +196,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
        int i,j,k,st_idx;
        long md_c[2];
        unsigned char local_md[MD_DIGEST_LENGTH];
-       MD_CTX m;
+       EVP_MD_CTX m;
        int do_not_lock;
 
        /*
@@ -210,7 +215,14 @@ static void ssleay_rand_add(const void *buf, int num, double add)
         */
 
        /* check if we already have the lock */
-       do_not_lock = crypto_lock_rand && (locking_thread == CRYPTO_thread_id());
+       if (crypto_lock_rand)
+               {
+               CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
+               do_not_lock = (locking_thread == CRYPTO_thread_id());
+               CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
+               }
+       else
+               do_not_lock = 0;
 
        if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
        st_idx=state_index;
@@ -246,6 +258,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 
        if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
+       EVP_MD_CTX_init(&m);
        for (i=0; i<num; i+=MD_DIGEST_LENGTH)
                {
                j=(num-i);
@@ -284,14 +297,14 @@ static void ssleay_rand_add(const void *buf, int num, double add)
                                st_idx=0;
                        }
                }
-       memset((char *)&m,0,sizeof(m));
+       EVP_MD_CTX_cleanup(&m);
 
        if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
        /* Don't just copy back local_md into md -- this could mean that
         * other thread's seeding remains without effect (except for
         * the incremented counter).  By XORing it we keep at least as
         * much entropy as fits into md. */
-       for (k = 0; k < sizeof md; k++)
+       for (k = 0; k < (int)sizeof(md); k++)
                {
                md[k] ^= local_md[k];
                }
@@ -306,7 +319,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 
 static void ssleay_rand_seed(const void *buf, int num)
        {
-       ssleay_rand_add(buf, num, num);
+       ssleay_rand_add(buf, num, (double)num);
        }
 
 static int ssleay_rand_bytes(unsigned char *buf, int num)
@@ -317,12 +330,20 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
        int ok;
        long md_c[2];
        unsigned char local_md[MD_DIGEST_LENGTH];
-       MD_CTX m;
+       EVP_MD_CTX m;
 #ifndef GETPID_IS_MEANINGLESS
        pid_t curr_pid = getpid();
 #endif
        int do_stir_pool = 0;
 
+#ifdef OPENSSL_FIPS
+       if(FIPS_mode())
+           {
+           FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
+           return 0;
+           }
+#endif
+
 #ifdef PREDICT
        if (rand_predictable)
                {
@@ -336,7 +357,8 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
        if (num <= 0)
                return 1;
-       
+
+       EVP_MD_CTX_init(&m);
        /* round upwards to multiple of MD_DIGEST_LENGTH/2 */
        num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
 
@@ -361,8 +383,10 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 
        /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-       crypto_lock_rand = 1;
+       CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
        locking_thread = CRYPTO_thread_id();
+       CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
+       crypto_lock_rand = 1;
 
        if (!initialized)
                {
@@ -435,7 +459,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
        /* before unlocking, we must clear 'crypto_lock_rand' */
        crypto_lock_rand = 0;
-       locking_thread = 0;
        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
        while (num > 0)
@@ -484,7 +507,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
        MD_Final(&m,md);
        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
-       memset(&m,0,sizeof(m));
+       EVP_MD_CTX_cleanup(&m);
        if (ok)
                return(1);
        else
@@ -509,7 +532,7 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
                err = ERR_peek_error();
                if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
                    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
-                       (void)ERR_get_error();
+                       ERR_clear_error();
                }
        return (ret);
        }
@@ -521,15 +544,24 @@ static int ssleay_rand_status(void)
 
        /* check if we already have the lock
         * (could happen if a RAND_poll() implementation calls RAND_status()) */
-       do_not_lock = crypto_lock_rand && (locking_thread == CRYPTO_thread_id());
+       if (crypto_lock_rand)
+               {
+               CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
+               do_not_lock = (locking_thread == CRYPTO_thread_id());
+               CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
+               }
+       else
+               do_not_lock = 0;
        
        if (!do_not_lock)
                {
                CRYPTO_w_lock(CRYPTO_LOCK_RAND);
                
                /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-               crypto_lock_rand = 1;
+               CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
                locking_thread = CRYPTO_thread_id();
+               CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
+               crypto_lock_rand = 1;
                }
        
        if (!initialized)
@@ -544,7 +576,6 @@ static int ssleay_rand_status(void)
                {
                /* before unlocking, we must clear 'crypto_lock_rand' */
                crypto_lock_rand = 0;
-               locking_thread = 0;
                
                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
                }