X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Frand%2Fmd_rand.c;h=0f8dd3e00faf3d8afcfc11944577ea579af08d67;hb=e852835da62e256c9e9873467ab8d9d174c4f2d6;hp=9fc98eb0991afb70fc75d15547110a27201fdb21;hpb=e9ad0d2c31997643e1a7bcacddf8d15a930b5cb8;p=oweals%2Fopenssl.git

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 9fc98eb099..0f8dd3e00f 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -126,6 +126,10 @@
 
 #include <openssl/crypto.h>
 #include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 
 #ifdef BN_DEBUG
 # define PREDICT
@@ -144,6 +148,7 @@ static int initialized=0;
 static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
                                            * holds CRYPTO_LOCK_RAND
                                            * (to prevent double locking) */
+/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
 static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
 
 
@@ -151,7 +156,7 @@ static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
 int rand_predictable=0;
 #endif
 
-const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
+const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
 
 static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(const void *buf, int num);
@@ -176,10 +181,10 @@ RAND_METHOD *RAND_SSLeay(void)
 
 static void ssleay_rand_cleanup(void)
 	{
-	memset(state,0,sizeof(state));
+	OPENSSL_cleanse(state,sizeof(state));
 	state_num=0;
 	state_index=0;
-	memset(md,0,MD_DIGEST_LENGTH);
+	OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
 	md_count[0]=0;
 	md_count[1]=0;
 	entropy=0;
@@ -191,7 +196,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 	int i,j,k,st_idx;
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
-	MD_CTX m;
+	EVP_MD_CTX m;
 	int do_not_lock;
 
 	/*
@@ -210,7 +215,14 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 	 */
 
 	/* check if we already have the lock */
-	do_not_lock = crypto_lock_rand && (locking_thread == CRYPTO_thread_id());
+	if (crypto_lock_rand)
+		{
+		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
+		do_not_lock = (locking_thread == CRYPTO_thread_id());
+		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
+		}
+	else
+		do_not_lock = 0;
 
 	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	st_idx=state_index;
@@ -246,6 +258,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 
 	if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
+	EVP_MD_CTX_init(&m);
 	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
 		{
 		j=(num-i);
@@ -284,14 +297,14 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 				st_idx=0;
 			}
 		}
-	memset((char *)&m,0,sizeof(m));
+	EVP_MD_CTX_cleanup(&m);
 
 	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	/* Don't just copy back local_md into md -- this could mean that
 	 * other thread's seeding remains without effect (except for
 	 * the incremented counter).  By XORing it we keep at least as
 	 * much entropy as fits into md. */
-	for (k = 0; k < sizeof md; k++)
+	for (k = 0; k < (int)sizeof(md); k++)
 		{
 		md[k] ^= local_md[k];
 		}
@@ -306,7 +319,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 
 static void ssleay_rand_seed(const void *buf, int num)
 	{
-	ssleay_rand_add(buf, num, num);
+	ssleay_rand_add(buf, num, (double)num);
 	}
 
 static int ssleay_rand_bytes(unsigned char *buf, int num)
@@ -317,12 +330,20 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	int ok;
 	long md_c[2];
 	unsigned char local_md[MD_DIGEST_LENGTH];
-	MD_CTX m;
+	EVP_MD_CTX m;
 #ifndef GETPID_IS_MEANINGLESS
 	pid_t curr_pid = getpid();
 #endif
 	int do_stir_pool = 0;
 
+#ifdef OPENSSL_FIPS
+	if(FIPS_mode())
+	    {
+	    FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
+	    return 0;
+	    }
+#endif
+
 #ifdef PREDICT
 	if (rand_predictable)
 		{
@@ -336,7 +357,8 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
 	if (num <= 0)
 		return 1;
-	
+
+	EVP_MD_CTX_init(&m);
 	/* round upwards to multiple of MD_DIGEST_LENGTH/2 */
 	num_ceil = (1 + (num-1)/(MD_DIGEST_LENGTH/2)) * (MD_DIGEST_LENGTH/2);
 
@@ -361,8 +383,10 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 
 	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-	crypto_lock_rand = 1;
+	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
 	locking_thread = CRYPTO_thread_id();
+	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
+	crypto_lock_rand = 1;
 
 	if (!initialized)
 		{
@@ -435,7 +459,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
 	/* before unlocking, we must clear 'crypto_lock_rand' */
 	crypto_lock_rand = 0;
-	locking_thread = 0;
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
 	while (num > 0)
@@ -484,7 +507,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	MD_Final(&m,md);
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
-	memset(&m,0,sizeof(m));
+	EVP_MD_CTX_cleanup(&m);
 	if (ok)
 		return(1);
 	else
@@ -509,7 +532,7 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
 		err = ERR_peek_error();
 		if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
 		    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
-			(void)ERR_get_error();
+			ERR_clear_error();
 		}
 	return (ret);
 	}
@@ -521,15 +544,24 @@ static int ssleay_rand_status(void)
 
 	/* check if we already have the lock
 	 * (could happen if a RAND_poll() implementation calls RAND_status()) */
-	do_not_lock = crypto_lock_rand && (locking_thread == CRYPTO_thread_id());
+	if (crypto_lock_rand)
+		{
+		CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
+		do_not_lock = (locking_thread == CRYPTO_thread_id());
+		CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
+		}
+	else
+		do_not_lock = 0;
 	
 	if (!do_not_lock)
 		{
 		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 		
 		/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-		crypto_lock_rand = 1;
+		CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
 		locking_thread = CRYPTO_thread_id();
+		CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
+		crypto_lock_rand = 1;
 		}
 	
 	if (!initialized)
@@ -544,7 +576,6 @@ static int ssleay_rand_status(void)
 		{
 		/* before unlocking, we must clear 'crypto_lock_rand' */
 		crypto_lock_rand = 0;
-		locking_thread = 0;
 		
 		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 		}