static void close_accept_socket(void);
static int init_ssl_connection(SSL *s);
static void print_stats(BIO *bp, SSL_CTX *ctx);
-static int generate_session_id(const SSL *ssl, unsigned char *id,
+static int generate_session_id(SSL *ssl, unsigned char *id,
unsigned int *id_len);
static void init_session_cache_ctx(SSL_CTX *sctx);
static void free_sessions(void);
}
#define MAX_SESSION_ID_ATTEMPTS 10
-static int generate_session_id(const SSL *ssl, unsigned char *id,
+static int generate_session_id(SSL *ssl, unsigned char *id,
unsigned int *id_len)
{
unsigned int count = 0;
goto err;
if (parent != NULL) {
+ if (parent->state == DRBG_UNINITIALISED
+ && RAND_DRBG_instantiate(parent, NULL, 0) == 0)
+ goto err;
if (!RAND_DRBG_set_callbacks(drbg, drbg_entropy_from_parent,
drbg_release_entropy,
NULL, NULL)
return NULL;
}
+RAND_DRBG *RAND_DRBG_get0_global(void)
+{
+ return &rand_drbg;
+}
+
/*
* Uninstantiate |drbg| and free all memory.
*/
int prediction_resistance,
const unsigned char *adin, size_t adinlen);
int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, int interval);
+RAND_DRBG *RAND_DRBG_get0_global(void);
/*
* EXDATA
* bytes. The callback can alter this length to be less if desired. It is
* also an error for the callback to set the size to zero.
*/
-typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
+typedef int (*GEN_SESSION_CB) (SSL *ssl, unsigned char *id,
unsigned int *id_len);
# define SSL_SESS_CACHE_OFF 0x0000
*/
SSLerr(SSL_F_TLS1_ENC, ERR_R_INTERNAL_ERROR);
return -1;
- } else if (RAND_bytes(recs[ctr].input, ivlen) <= 0) {
+ } else if (ssl_randbytes(s, recs[ctr].input, ivlen) <= 0) {
SSLerr(SSL_F_TLS1_ENC, ERR_R_INTERNAL_ERROR);
return -1;
}
if (send_time) {
unsigned long Time = (unsigned long)time(NULL);
unsigned char *p = result;
+
l2n(Time, p);
- /* TODO(size_t): Convert this */
- ret = RAND_bytes(p, (int)(len - 4));
+ ret = ssl_randbytes(s, p, len - 4);
} else {
- ret = RAND_bytes(result, (int)len);
+ ret = ssl_randbytes(s, result, len);
}
#ifndef OPENSSL_NO_TLS13DOWNGRADE
if (ret) {
#include <openssl/async.h>
#include <openssl/ct.h>
#include "internal/cryptlib.h"
+#include "internal/rand.h"
const char SSL_version_str[] = OPENSSL_VERSION_TEXT;
goto err;
s->lock = CRYPTO_THREAD_lock_new();
- if (s->lock == NULL) {
- SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(s);
- return NULL;
+ if (s->lock == NULL)
+ goto err;
+
+ /*
+ * If not using the standard RAND (say for fuzzing), then don't use a
+ * chained DRBG.
+ */
+ if (RAND_get_rand_method() == RAND_OpenSSL()) {
+ s->drbg = RAND_DRBG_new(NID_aes_128_ctr, RAND_DRBG_FLAG_CTR_USE_DF,
+ RAND_DRBG_get0_global());
+ if (s->drbg == NULL) {
+ CRYPTO_THREAD_lock_free(s->lock);
+ goto err;
+ }
}
RECORD_LAYER_init(&s->rlayer, s);
sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
#endif
+ RAND_DRBG_free(s->drbg);
CRYPTO_THREAD_lock_free(s->lock);
OPENSSL_free(s);
{
return s->max_early_data;
}
+
+int ssl_randbytes(SSL *s, unsigned char *rnd, size_t size)
+{
+ if (s->drbg != NULL)
+ return RAND_DRBG_generate(s->drbg, rnd, size, 0, NULL, 0);
+ return RAND_bytes(rnd, (int)size);
+}
size_t block_padding;
CRYPTO_RWLOCK *lock;
+ RAND_DRBG *drbg;
};
/*
__owur int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain,
int ref);
+__owur int ssl_randbytes(SSL *s, unsigned char *buf, size_t num);
__owur int ssl_security(const SSL *s, int op, int bits, int nid, void *other);
__owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid,
void *other);
*/
#define MAX_SESS_ID_ATTEMPTS 10
-static int def_generate_session_id(const SSL *ssl, unsigned char *id,
+static int def_generate_session_id(SSL *ssl, unsigned char *id,
unsigned int *id_len)
{
unsigned int retry = 0;
do
- if (RAND_bytes(id, *id_len) <= 0)
+ if (ssl_randbytes(ssl, id, *id_len) <= 0)
return 0;
while (SSL_has_matching_session_id(ssl, id, *id_len) &&
(++retry < MAX_SESS_ID_ATTEMPTS)) ;
pms[0] = s->client_version >> 8;
pms[1] = s->client_version & 0xff;
/* TODO(size_t): Convert this function */
- if (RAND_bytes(pms + 2, (int)(pmslen - 2)) <= 0) {
+ if (ssl_randbytes(s, pms + 2, (int)(pmslen - 2)) <= 0) {
goto err;
}
/* Generate session key
* TODO(size_t): Convert this function
*/
- || RAND_bytes(pms, (int)pmslen) <= 0) {
+ || ssl_randbytes(s, pms, (int)pmslen) <= 0) {
*al = SSL_AD_INTERNAL_ERROR;
SSLerr(SSL_F_TLS_CONSTRUCT_CKE_GOST, ERR_R_INTERNAL_ERROR);
goto err;
* fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
*/
- if (RAND_bytes(rand_premaster_secret, sizeof(rand_premaster_secret)) <= 0)
+ if (ssl_randbytes(s, rand_premaster_secret, sizeof(rand_premaster_secret)) <= 0)
goto err;
/*
} age_add_u;
if (SSL_IS_TLS13(s)) {
- if (RAND_bytes(age_add_u.age_add_c, sizeof(age_add_u)) <= 0)
+ if (ssl_randbytes(s, age_add_u.age_add_c, sizeof(age_add_u)) <= 0)
goto err;
s->session->ext.tick_age_add = age_add_u.age_add;
/*
const EVP_CIPHER *cipher = EVP_aes_256_cbc();
iv_len = EVP_CIPHER_iv_length(cipher);
- if (RAND_bytes(iv, iv_len) <= 0)
+ if (ssl_randbytes(s, iv, iv_len) <= 0)
goto err;
if (!EVP_EncryptInit_ex(ctx, cipher, NULL,
tctx->ext.tick_aes_key, iv))
(s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
return SSL3_AL_FATAL;
- if (RAND_bytes(b, sizeof(b)) <= 0)
+ if (ssl_randbytes(s, b, sizeof(b)) <= 0)
return SSL3_AL_FATAL;
s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
OPENSSL_cleanse(b, sizeof(b));
{
unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
- if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
+ if (ssl_randbytes(s, rnd, sizeof(rnd)) <= 0)
return 0;
s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
OPENSSL_cleanse(rnd, sizeof(rnd));
EVP_PKEY_meth_get0 4316 1_1_1 EXIST::FUNCTION:
EVP_PKEY_meth_get_count 4317 1_1_1 EXIST::FUNCTION:
RAND_poll_ex 4318 1_1_1 EXIST::FUNCTION:
+RAND_DRBG_get0_global 4319 1_1_1 EXIST::FUNCTION:
projects / oweals / openssl.git / commitdiff