Coverage Report

Created: 2026-02-14 07:20

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/openssl36/providers/implementations/rands/drbg_hmac.c
Line
Count
Source
1
/*
2
 * Copyright 2011-2026 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
/* clang-format off */
10
11
/* clang-format on */
12
13
#include <stdlib.h>
14
#include <string.h>
15
#include <openssl/crypto.h>
16
#include <openssl/err.h>
17
#include <openssl/rand.h>
18
#include <openssl/proverr.h>
19
#include "internal/cryptlib.h"
20
#include "internal/thread_once.h"
21
#include "prov/providercommon.h"
22
#include "prov/implementations.h"
23
#include "prov/provider_ctx.h"
24
#include "prov/hmac_drbg.h"
25
#include "prov/drbg.h"
26
#include "crypto/evp.h"
27
#include "crypto/evp/evp_local.h"
28
#include "internal/provider.h"
29
30
static OSSL_FUNC_rand_newctx_fn drbg_hmac_new_wrapper;
31
static OSSL_FUNC_rand_freectx_fn drbg_hmac_free;
32
static OSSL_FUNC_rand_instantiate_fn drbg_hmac_instantiate_wrapper;
33
static OSSL_FUNC_rand_uninstantiate_fn drbg_hmac_uninstantiate_wrapper;
34
static OSSL_FUNC_rand_generate_fn drbg_hmac_generate_wrapper;
35
static OSSL_FUNC_rand_reseed_fn drbg_hmac_reseed_wrapper;
36
static OSSL_FUNC_rand_settable_ctx_params_fn drbg_hmac_settable_ctx_params;
37
static OSSL_FUNC_rand_set_ctx_params_fn drbg_hmac_set_ctx_params;
38
static OSSL_FUNC_rand_gettable_ctx_params_fn drbg_hmac_gettable_ctx_params;
39
static OSSL_FUNC_rand_get_ctx_params_fn drbg_hmac_get_ctx_params;
40
static OSSL_FUNC_rand_verify_zeroization_fn drbg_hmac_verify_zeroization;
41
42
static int drbg_hmac_set_ctx_params_locked(PROV_DRBG *drbg, const struct drbg_set_ctx_params_st *p);
43
static int drbg_hmac_set_ctx_params_decoder(const OSSL_PARAM params[],
44
    struct drbg_set_ctx_params_st *p);
45
46
/*
47
 * Called twice by SP800-90Ar1 10.1.2.2 HMAC_DRBG_Update_Process.
48
 *
49
 * hmac is an object that holds the input/output Key and Value (K and V).
50
 * inbyte is 0x00 on the first call and 0x01 on the second call.
51
 * in1, in2, in3 are optional inputs that can be NULL.
52
 * in1len, in2len, in3len are the lengths of the input buffers.
53
 *
54
 * The returned K,V is:
55
 *   hmac->K = HMAC(hmac->K, hmac->V || inbyte || [in1] || [in2] || [in3])
56
 *   hmac->V = HMAC(hmac->K, hmac->V)
57
 *
58
 * Returns zero if an error occurs otherwise it returns 1.
59
 */
60
static int do_hmac(PROV_DRBG_HMAC *hmac, unsigned char inbyte,
61
    const unsigned char *in1, size_t in1len,
62
    const unsigned char *in2, size_t in2len,
63
    const unsigned char *in3, size_t in3len)
64
2.25k
{
65
2.25k
    EVP_MAC_CTX *ctx = hmac->ctx;
66
67
2.25k
    if (!EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
68
        /* K = HMAC(K, V || inbyte || [in1] || [in2] || [in3]) */
69
2.23k
        || !EVP_MAC_update(ctx, hmac->V, hmac->blocklen)
70
2.23k
        || !EVP_MAC_update(ctx, &inbyte, 1)
71
2.23k
        || !(in1 == NULL || in1len == 0 || EVP_MAC_update(ctx, in1, in1len))
72
2.23k
        || !(in2 == NULL || in2len == 0 || EVP_MAC_update(ctx, in2, in2len))
73
2.23k
        || !(in3 == NULL || in3len == 0 || EVP_MAC_update(ctx, in3, in3len))
74
2.23k
        || !EVP_MAC_final(ctx, hmac->K, NULL, sizeof(hmac->K)))
75
20
        return 0;
76
77
    /* V = HMAC(K, V) */
78
2.23k
    return EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
79
2.23k
        && EVP_MAC_update(ctx, hmac->V, hmac->blocklen)
80
2.23k
        && EVP_MAC_final(ctx, hmac->V, NULL, sizeof(hmac->V));
81
2.25k
}
82
83
/*
84
 * SP800-90Ar1 10.1.2.2 HMAC_DRBG_Update_Process
85
 *
86
 *
87
 * Updates the drbg objects Key(K) and Value(V) using the following algorithm:
88
 *   K,V = do_hmac(hmac, 0, in1, in2, in3)
89
 *   if (any input is not NULL)
90
 *     K,V = do_hmac(hmac, 1, in1, in2, in3)
91
 *
92
 * where in1, in2, in3 are optional input buffers that can be NULL.
93
 *       in1len, in2len, in3len are the lengths of the input buffers.
94
 *
95
 * Returns zero if an error occurs otherwise it returns 1.
96
 */
97
static int drbg_hmac_update(PROV_DRBG_HMAC *hmac,
98
    const unsigned char *in1, size_t in1len,
99
    const unsigned char *in2, size_t in2len,
100
    const unsigned char *in3, size_t in3len)
101
1.40k
{
102
    /* (Steps 1-2) K = HMAC(K, V||0x00||provided_data). V = HMAC(K,V) */
103
1.40k
    if (!do_hmac(hmac, 0x00, in1, in1len, in2, in2len, in3, in3len))
104
20
        return 0;
105
    /* (Step 3) If provided_data == NULL then return (K,V) */
106
1.38k
    if (in1len == 0 && in2len == 0 && in3len == 0)
107
539
        return 1;
108
    /* (Steps 4-5) K = HMAC(K, V||0x01||provided_data). V = HMAC(K,V) */
109
850
    return do_hmac(hmac, 0x01, in1, in1len, in2, in2len, in3, in3len);
110
1.38k
}
111
112
/*
113
 * SP800-90Ar1 10.1.2.3 HMAC_DRBG_Instantiate_Process:
114
 *
115
 * This sets the drbg Key (K) to all zeros, and Value (V) to all 1's.
116
 * and then calls (K,V) = drbg_hmac_update() with input parameters:
117
 *   ent = entropy data (Can be NULL) of length ent_len.
118
 *   nonce = nonce data (Can be NULL) of length nonce_len.
119
 *   pstr = personalization data (Can be NULL) of length pstr_len.
120
 *
121
 * Returns zero if an error occurs otherwise it returns 1.
122
 */
123
int ossl_drbg_hmac_init(PROV_DRBG_HMAC *hmac,
124
    const unsigned char *ent, size_t ent_len,
125
    const unsigned char *nonce, size_t nonce_len,
126
    const unsigned char *pstr, size_t pstr_len)
127
587
{
128
587
    if (hmac->ctx == NULL) {
129
0
        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MAC);
130
0
        return 0;
131
0
    }
132
133
    /* (Step 2) Key = 0x00 00...00 */
134
587
    memset(hmac->K, 0x00, hmac->blocklen);
135
    /* (Step 3) V = 0x01 01...01 */
136
587
    memset(hmac->V, 0x01, hmac->blocklen);
137
    /* (Step 4) (K,V) = HMAC_DRBG_Update(entropy||nonce||pers string, K, V) */
138
587
    return drbg_hmac_update(hmac, ent, ent_len, nonce, nonce_len, pstr,
139
587
        pstr_len);
140
587
}
141
static int drbg_hmac_instantiate(PROV_DRBG *drbg,
142
    const unsigned char *ent, size_t ent_len,
143
    const unsigned char *nonce, size_t nonce_len,
144
    const unsigned char *pstr, size_t pstr_len)
145
277
{
146
277
    return ossl_drbg_hmac_init((PROV_DRBG_HMAC *)drbg->data, ent, ent_len,
147
277
        nonce, nonce_len, pstr, pstr_len);
148
277
}
149
150
static int drbg_hmac_instantiate_wrapper(void *vdrbg, unsigned int strength,
151
    int prediction_resistance,
152
    const unsigned char *pstr,
153
    size_t pstr_len,
154
    const OSSL_PARAM params[])
155
0
{
156
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
157
0
    struct drbg_set_ctx_params_st p;
158
0
    int ret = 0;
159
160
0
    if (drbg == NULL || !drbg_hmac_set_ctx_params_decoder(params, &p))
161
0
        return 0;
162
163
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
164
0
        return 0;
165
166
0
    if (!ossl_prov_is_running()
167
0
        || !drbg_hmac_set_ctx_params_locked(drbg, &p))
168
0
        goto err;
169
0
    ret = ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance,
170
0
        pstr, pstr_len);
171
0
err:
172
0
    if (drbg->lock != NULL)
173
0
        CRYPTO_THREAD_unlock(drbg->lock);
174
0
    return ret;
175
0
}
176
177
/*
178
 * SP800-90Ar1 10.1.2.4 HMAC_DRBG_Reseed_Process:
179
 *
180
 * Reseeds the drbg's Key (K) and Value (V) by calling
181
 * (K,V) = drbg_hmac_update() with the following input parameters:
182
 *   ent = entropy input data (Can be NULL) of length ent_len.
183
 *   adin = additional input data (Can be NULL) of length adin_len.
184
 *
185
 * Returns zero if an error occurs otherwise it returns 1.
186
 */
187
static int drbg_hmac_reseed(PROV_DRBG *drbg,
188
    const unsigned char *ent, size_t ent_len,
189
    const unsigned char *adin, size_t adin_len)
190
283
{
191
283
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
192
193
    /* (Step 2) (K,V) = HMAC_DRBG_Update(entropy||additional_input, K, V) */
194
283
    return drbg_hmac_update(hmac, ent, ent_len, adin, adin_len, NULL, 0);
195
283
}
196
197
static int drbg_hmac_reseed_wrapper(void *vdrbg, int prediction_resistance,
198
    const unsigned char *ent, size_t ent_len,
199
    const unsigned char *adin, size_t adin_len)
200
229
{
201
229
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
202
203
229
    return ossl_prov_drbg_reseed(drbg, prediction_resistance, ent, ent_len,
204
229
        adin, adin_len);
205
229
}
206
207
/*
208
 * SP800-90Ar1 10.1.2.5 HMAC_DRBG_Generate_Process:
209
 *
210
 * Generates pseudo random bytes and updates the internal K,V for the drbg.
211
 * out is a buffer to fill with outlen bytes of pseudo random data.
212
 * adin is an additional_input string of size adin_len that may be NULL.
213
 *
214
 * Returns zero if an error occurs otherwise it returns 1.
215
 */
216
int ossl_drbg_hmac_generate(PROV_DRBG_HMAC *hmac,
217
    unsigned char *out, size_t outlen,
218
    const unsigned char *adin, size_t adin_len)
219
567
{
220
567
    EVP_MAC_CTX *ctx = hmac->ctx;
221
567
    const unsigned char *temp = hmac->V;
222
223
    /* (Step 2) if adin != NULL then (K,V) = HMAC_DRBG_Update(adin, K, V) */
224
567
    if (adin != NULL
225
0
        && adin_len > 0
226
0
        && !drbg_hmac_update(hmac, adin, adin_len, NULL, 0, NULL, 0))
227
0
        return 0;
228
229
    /*
230
     * (Steps 3-5) temp = NULL
231
     *             while (len(temp) < outlen) {
232
     *                 V = HMAC(K, V)
233
     *                 temp = temp || V
234
     *             }
235
     */
236
40.7k
    for (;;) {
237
40.7k
        if (!EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
238
40.7k
            || !EVP_MAC_update(ctx, temp, hmac->blocklen))
239
0
            return 0;
240
241
40.7k
        if (outlen > hmac->blocklen) {
242
40.1k
            if (!EVP_MAC_final(ctx, out, NULL, outlen))
243
28
                return 0;
244
40.1k
            temp = out;
245
40.1k
        } else {
246
539
            if (!EVP_MAC_final(ctx, hmac->V, NULL, sizeof(hmac->V)))
247
0
                return 0;
248
539
            memcpy(out, hmac->V, outlen);
249
539
            break;
250
539
        }
251
40.1k
        out += hmac->blocklen;
252
40.1k
        outlen -= hmac->blocklen;
253
40.1k
    }
254
    /* (Step 6) (K,V) = HMAC_DRBG_Update(adin, K, V) */
255
539
    if (!drbg_hmac_update(hmac, adin, adin_len, NULL, 0, NULL, 0))
256
0
        return 0;
257
258
539
    return 1;
259
539
}
260
261
static int drbg_hmac_generate(PROV_DRBG *drbg,
262
    unsigned char *out, size_t outlen,
263
    const unsigned char *adin, size_t adin_len)
264
257
{
265
257
    return ossl_drbg_hmac_generate((PROV_DRBG_HMAC *)drbg->data, out, outlen,
266
257
        adin, adin_len);
267
257
}
268
269
static int drbg_hmac_generate_wrapper(void *vdrbg,
270
    unsigned char *out, size_t outlen, unsigned int strength,
271
    int prediction_resistance, const unsigned char *adin, size_t adin_len)
272
277
{
273
277
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
274
275
277
    return ossl_prov_drbg_generate(drbg, out, outlen, strength,
276
277
        prediction_resistance, adin, adin_len);
277
277
}
278
279
static int drbg_hmac_uninstantiate(PROV_DRBG *drbg)
280
0
{
281
0
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
282
283
0
    OPENSSL_cleanse(hmac->K, sizeof(hmac->K));
284
0
    OPENSSL_cleanse(hmac->V, sizeof(hmac->V));
285
0
    return ossl_prov_drbg_uninstantiate(drbg);
286
0
}
287
288
static int drbg_hmac_uninstantiate_wrapper(void *vdrbg)
289
0
{
290
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
291
0
    int ret;
292
293
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
294
0
        return 0;
295
296
0
    ret = drbg_hmac_uninstantiate(drbg);
297
298
0
    if (drbg->lock != NULL)
299
0
        CRYPTO_THREAD_unlock(drbg->lock);
300
301
0
    return ret;
302
0
}
303
304
static int drbg_hmac_verify_zeroization(void *vdrbg)
305
0
{
306
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
307
0
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
308
0
    int ret = 0;
309
310
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
311
0
        return 0;
312
313
0
    PROV_DRBG_VERIFY_ZEROIZATION(hmac->K);
314
0
    PROV_DRBG_VERIFY_ZEROIZATION(hmac->V);
315
316
0
    ret = 1;
317
0
err:
318
0
    if (drbg->lock != NULL)
319
0
        CRYPTO_THREAD_unlock(drbg->lock);
320
0
    return ret;
321
0
}
322
323
static int drbg_hmac_new(PROV_DRBG *drbg)
324
430
{
325
430
    PROV_DRBG_HMAC *hmac;
326
327
430
    hmac = OPENSSL_secure_zalloc(sizeof(*hmac));
328
430
    if (hmac == NULL)
329
0
        return 0;
330
331
430
    OSSL_FIPS_IND_INIT(drbg)
332
333
430
    drbg->data = hmac;
334
    /* See SP800-57 Part1 Rev4 5.6.1 Table 3 */
335
430
    drbg->max_entropylen = DRBG_MAX_LENGTH;
336
430
    drbg->max_noncelen = DRBG_MAX_LENGTH;
337
430
    drbg->max_perslen = DRBG_MAX_LENGTH;
338
430
    drbg->max_adinlen = DRBG_MAX_LENGTH;
339
340
    /* Maximum number of bits per request = 2^19  = 2^16 bytes */
341
430
    drbg->max_request = 1 << 16;
342
430
    return 1;
343
430
}
344
345
static void *drbg_hmac_new_wrapper(void *provctx, void *parent,
346
    const OSSL_DISPATCH *parent_dispatch)
347
430
{
348
430
    return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
349
430
        &drbg_hmac_new, &drbg_hmac_free,
350
430
        &drbg_hmac_instantiate, &drbg_hmac_uninstantiate,
351
430
        &drbg_hmac_reseed, &drbg_hmac_generate);
352
430
}
353
354
static void drbg_hmac_free(void *vdrbg)
355
430
{
356
430
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
357
430
    PROV_DRBG_HMAC *hmac;
358
359
430
    if (drbg != NULL && (hmac = (PROV_DRBG_HMAC *)drbg->data) != NULL) {
360
430
        EVP_MAC_CTX_free(hmac->ctx);
361
430
        ossl_prov_digest_reset(&hmac->digest);
362
430
        OPENSSL_secure_clear_free(hmac, sizeof(*hmac));
363
430
    }
364
430
    ossl_rand_drbg_free(drbg);
365
430
}
366
367
#define drbg_hmac_get_ctx_params_st drbg_get_ctx_params_st
368
369
/* clang-format off */
370
/* Machine generated by util/perl/OpenSSL/paramnames.pm */
371
#ifndef drbg_hmac_get_ctx_params_list
372
static const OSSL_PARAM drbg_hmac_get_ctx_params_list[] = {
373
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_MAC, NULL, 0),
374
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
375
    OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),
376
    OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL),
377
    OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL),
378
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_ENTROPYLEN, NULL),
379
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ENTROPYLEN, NULL),
380
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_NONCELEN, NULL),
381
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_NONCELEN, NULL),
382
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_PERSLEN, NULL),
383
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ADINLEN, NULL),
384
    OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_COUNTER, NULL),
385
    OSSL_PARAM_time_t(OSSL_DRBG_PARAM_RESEED_TIME, NULL),
386
    OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL),
387
    OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL),
388
# if defined(FIPS_MODULE)
389
    OSSL_PARAM_int(OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR, NULL),
390
# endif
391
    OSSL_PARAM_END
392
};
393
#endif
394
395
#ifndef drbg_hmac_get_ctx_params_st
396
struct drbg_hmac_get_ctx_params_st {
397
    OSSL_PARAM *digest;
398
# if defined(FIPS_MODULE)
399
    OSSL_PARAM *ind;
400
# endif
401
    OSSL_PARAM *mac;
402
    OSSL_PARAM *maxadlen;
403
    OSSL_PARAM *maxentlen;
404
    OSSL_PARAM *maxnonlen;
405
    OSSL_PARAM *maxperlen;
406
    OSSL_PARAM *maxreq;
407
    OSSL_PARAM *minentlen;
408
    OSSL_PARAM *minnonlen;
409
    OSSL_PARAM *reseed_cnt;
410
    OSSL_PARAM *reseed_int;
411
    OSSL_PARAM *reseed_req;
412
    OSSL_PARAM *reseed_time;
413
    OSSL_PARAM *state;
414
    OSSL_PARAM *str;
415
};
416
#endif
417
418
#ifndef drbg_hmac_get_ctx_params_decoder
419
static int drbg_hmac_get_ctx_params_decoder
420
    (const OSSL_PARAM *p, struct drbg_hmac_get_ctx_params_st *r)
421
63
{
422
63
    const char *s;
423
424
63
    memset(r, 0, sizeof(*r));
425
63
    if (p != NULL)
426
126
        for (; (s = p->key) != NULL; p++)
427
63
            switch(s[0]) {
428
0
            default:
429
0
                break;
430
0
            case 'd':
431
0
                if (ossl_likely(strcmp("igest", s + 1) == 0)) {
432
                    /* OSSL_DRBG_PARAM_DIGEST */
433
0
                    if (ossl_unlikely(r->digest != NULL)) {
434
0
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
435
0
                                       "param %s is repeated", s);
436
0
                        return 0;
437
0
                    }
438
0
                    r->digest = (OSSL_PARAM *)p;
439
0
                }
440
0
                break;
441
0
            case 'f':
442
# if defined(FIPS_MODULE)
443
                if (ossl_likely(strcmp("ips-indicator", s + 1) == 0)) {
444
                    /* OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR */
445
                    if (ossl_unlikely(r->ind != NULL)) {
446
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
447
                                       "param %s is repeated", s);
448
                        return 0;
449
                    }
450
                    r->ind = (OSSL_PARAM *)p;
451
                }
452
# endif
453
0
                break;
454
63
            case 'm':
455
63
                switch(s[1]) {
456
0
                default:
457
0
                    break;
458
63
                case 'a':
459
63
                    switch(s[2]) {
460
0
                    default:
461
0
                        break;
462
0
                    case 'c':
463
0
                        switch(s[3]) {
464
0
                        default:
465
0
                            break;
466
0
                        case '\0':
467
0
                            if (ossl_unlikely(r->mac != NULL)) {
468
0
                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
469
0
                                               "param %s is repeated", s);
470
0
                                return 0;
471
0
                            }
472
0
                            r->mac = (OSSL_PARAM *)p;
473
0
                        }
474
0
                        break;
475
63
                    case 'x':
476
63
                        switch(s[3]) {
477
0
                        default:
478
0
                            break;
479
63
                        case '_':
480
63
                            switch(s[4]) {
481
0
                            default:
482
0
                                break;
483
0
                            case 'a':
484
0
                                if (ossl_likely(strcmp("dinlen", s + 5) == 0)) {
485
                                    /* OSSL_DRBG_PARAM_MAX_ADINLEN */
486
0
                                    if (ossl_unlikely(r->maxadlen != NULL)) {
487
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
488
0
                                                       "param %s is repeated", s);
489
0
                                        return 0;
490
0
                                    }
491
0
                                    r->maxadlen = (OSSL_PARAM *)p;
492
0
                                }
493
0
                                break;
494
0
                            case 'e':
495
0
                                if (ossl_likely(strcmp("ntropylen", s + 5) == 0)) {
496
                                    /* OSSL_DRBG_PARAM_MAX_ENTROPYLEN */
497
0
                                    if (ossl_unlikely(r->maxentlen != NULL)) {
498
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
499
0
                                                       "param %s is repeated", s);
500
0
                                        return 0;
501
0
                                    }
502
0
                                    r->maxentlen = (OSSL_PARAM *)p;
503
0
                                }
504
0
                                break;
505
0
                            case 'n':
506
0
                                if (ossl_likely(strcmp("oncelen", s + 5) == 0)) {
507
                                    /* OSSL_DRBG_PARAM_MAX_NONCELEN */
508
0
                                    if (ossl_unlikely(r->maxnonlen != NULL)) {
509
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
510
0
                                                       "param %s is repeated", s);
511
0
                                        return 0;
512
0
                                    }
513
0
                                    r->maxnonlen = (OSSL_PARAM *)p;
514
0
                                }
515
0
                                break;
516
0
                            case 'p':
517
0
                                if (ossl_likely(strcmp("erslen", s + 5) == 0)) {
518
                                    /* OSSL_DRBG_PARAM_MAX_PERSLEN */
519
0
                                    if (ossl_unlikely(r->maxperlen != NULL)) {
520
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
521
0
                                                       "param %s is repeated", s);
522
0
                                        return 0;
523
0
                                    }
524
0
                                    r->maxperlen = (OSSL_PARAM *)p;
525
0
                                }
526
0
                                break;
527
63
                            case 'r':
528
63
                                if (ossl_likely(strcmp("equest", s + 5) == 0)) {
529
                                    /* OSSL_RAND_PARAM_MAX_REQUEST */
530
63
                                    if (ossl_unlikely(r->maxreq != NULL)) {
531
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
532
0
                                                       "param %s is repeated", s);
533
0
                                        return 0;
534
0
                                    }
535
63
                                    r->maxreq = (OSSL_PARAM *)p;
536
63
                                }
537
63
                            }
538
63
                        }
539
63
                    }
540
63
                    break;
541
63
                case 'i':
542
0
                    switch(s[2]) {
543
0
                    default:
544
0
                        break;
545
0
                    case 'n':
546
0
                        switch(s[3]) {
547
0
                        default:
548
0
                            break;
549
0
                        case '_':
550
0
                            switch(s[4]) {
551
0
                            default:
552
0
                                break;
553
0
                            case 'e':
554
0
                                if (ossl_likely(strcmp("ntropylen", s + 5) == 0)) {
555
                                    /* OSSL_DRBG_PARAM_MIN_ENTROPYLEN */
556
0
                                    if (ossl_unlikely(r->minentlen != NULL)) {
557
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
558
0
                                                       "param %s is repeated", s);
559
0
                                        return 0;
560
0
                                    }
561
0
                                    r->minentlen = (OSSL_PARAM *)p;
562
0
                                }
563
0
                                break;
564
0
                            case 'n':
565
0
                                if (ossl_likely(strcmp("oncelen", s + 5) == 0)) {
566
                                    /* OSSL_DRBG_PARAM_MIN_NONCELEN */
567
0
                                    if (ossl_unlikely(r->minnonlen != NULL)) {
568
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
569
0
                                                       "param %s is repeated", s);
570
0
                                        return 0;
571
0
                                    }
572
0
                                    r->minnonlen = (OSSL_PARAM *)p;
573
0
                                }
574
0
                            }
575
0
                        }
576
0
                    }
577
63
                }
578
63
                break;
579
63
            case 'r':
580
0
                switch(s[1]) {
581
0
                default:
582
0
                    break;
583
0
                case 'e':
584
0
                    switch(s[2]) {
585
0
                    default:
586
0
                        break;
587
0
                    case 's':
588
0
                        switch(s[3]) {
589
0
                        default:
590
0
                            break;
591
0
                        case 'e':
592
0
                            switch(s[4]) {
593
0
                            default:
594
0
                                break;
595
0
                            case 'e':
596
0
                                switch(s[5]) {
597
0
                                default:
598
0
                                    break;
599
0
                                case 'd':
600
0
                                    switch(s[6]) {
601
0
                                    default:
602
0
                                        break;
603
0
                                    case '_':
604
0
                                        switch(s[7]) {
605
0
                                        default:
606
0
                                            break;
607
0
                                        case 'c':
608
0
                                            if (ossl_likely(strcmp("ounter", s + 8) == 0)) {
609
                                                /* OSSL_DRBG_PARAM_RESEED_COUNTER */
610
0
                                                if (ossl_unlikely(r->reseed_cnt != NULL)) {
611
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
612
0
                                                                   "param %s is repeated", s);
613
0
                                                    return 0;
614
0
                                                }
615
0
                                                r->reseed_cnt = (OSSL_PARAM *)p;
616
0
                                            }
617
0
                                            break;
618
0
                                        case 'r':
619
0
                                            if (ossl_likely(strcmp("equests", s + 8) == 0)) {
620
                                                /* OSSL_DRBG_PARAM_RESEED_REQUESTS */
621
0
                                                if (ossl_unlikely(r->reseed_req != NULL)) {
622
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
623
0
                                                                   "param %s is repeated", s);
624
0
                                                    return 0;
625
0
                                                }
626
0
                                                r->reseed_req = (OSSL_PARAM *)p;
627
0
                                            }
628
0
                                            break;
629
0
                                        case 't':
630
0
                                            switch(s[8]) {
631
0
                                            default:
632
0
                                                break;
633
0
                                            case 'i':
634
0
                                                switch(s[9]) {
635
0
                                                default:
636
0
                                                    break;
637
0
                                                case 'm':
638
0
                                                    switch(s[10]) {
639
0
                                                    default:
640
0
                                                        break;
641
0
                                                    case 'e':
642
0
                                                        switch(s[11]) {
643
0
                                                        default:
644
0
                                                            break;
645
0
                                                        case '_':
646
0
                                                            if (ossl_likely(strcmp("interval", s + 12) == 0)) {
647
                                                                /* OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL */
648
0
                                                                if (ossl_unlikely(r->reseed_int != NULL)) {
649
0
                                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
650
0
                                                                                   "param %s is repeated", s);
651
0
                                                                    return 0;
652
0
                                                                }
653
0
                                                                r->reseed_int = (OSSL_PARAM *)p;
654
0
                                                            }
655
0
                                                            break;
656
0
                                                        case '\0':
657
0
                                                            if (ossl_unlikely(r->reseed_time != NULL)) {
658
0
                                                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
659
0
                                                                               "param %s is repeated", s);
660
0
                                                                return 0;
661
0
                                                            }
662
0
                                                            r->reseed_time = (OSSL_PARAM *)p;
663
0
                                                        }
664
0
                                                    }
665
0
                                                }
666
0
                                            }
667
0
                                        }
668
0
                                    }
669
0
                                }
670
0
                            }
671
0
                        }
672
0
                    }
673
0
                }
674
0
                break;
675
0
            case 's':
676
0
                switch(s[1]) {
677
0
                default:
678
0
                    break;
679
0
                case 't':
680
0
                    switch(s[2]) {
681
0
                    default:
682
0
                        break;
683
0
                    case 'a':
684
0
                        if (ossl_likely(strcmp("te", s + 3) == 0)) {
685
                            /* OSSL_RAND_PARAM_STATE */
686
0
                            if (ossl_unlikely(r->state != NULL)) {
687
0
                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
688
0
                                               "param %s is repeated", s);
689
0
                                return 0;
690
0
                            }
691
0
                            r->state = (OSSL_PARAM *)p;
692
0
                        }
693
0
                        break;
694
0
                    case 'r':
695
0
                        if (ossl_likely(strcmp("ength", s + 3) == 0)) {
696
                            /* OSSL_RAND_PARAM_STRENGTH */
697
0
                            if (ossl_unlikely(r->str != NULL)) {
698
0
                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
699
0
                                               "param %s is repeated", s);
700
0
                                return 0;
701
0
                            }
702
0
                            r->str = (OSSL_PARAM *)p;
703
0
                        }
704
0
                    }
705
0
                }
706
63
            }
707
63
    return 1;
708
63
}
709
#endif
710
/* End of machine generated */
711
/* clang-format on */
712
713
static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
714
63
{
715
63
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
716
63
    PROV_DRBG_HMAC *hmac;
717
63
    const char *name;
718
63
    const EVP_MD *md;
719
63
    struct drbg_get_ctx_params_st p;
720
63
    int ret = 0, complete = 0;
721
722
63
    if (drbg == NULL || !drbg_hmac_get_ctx_params_decoder(params, &p))
723
0
        return 0;
724
725
63
    if (!ossl_drbg_get_ctx_params_no_lock(drbg, &p, params, &complete))
726
0
        return 0;
727
728
63
    if (complete)
729
63
        return 1;
730
731
0
    hmac = (PROV_DRBG_HMAC *)drbg->data;
732
733
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
734
0
        return 0;
735
736
0
    if (p.mac != NULL) {
737
0
        if (hmac->ctx == NULL)
738
0
            goto err;
739
0
        name = EVP_MAC_get0_name(EVP_MAC_CTX_get0_mac(hmac->ctx));
740
0
        if (!OSSL_PARAM_set_utf8_string(p.mac, name))
741
0
            goto err;
742
0
    }
743
744
0
    if (p.digest != NULL) {
745
0
        md = ossl_prov_digest_md(&hmac->digest);
746
0
        if (md == NULL
747
0
            || !OSSL_PARAM_set_utf8_string(p.digest, EVP_MD_get0_name(md)))
748
0
            goto err;
749
0
    }
750
751
0
    ret = ossl_drbg_get_ctx_params(drbg, &p);
752
0
err:
753
0
    if (drbg->lock != NULL)
754
0
        CRYPTO_THREAD_unlock(drbg->lock);
755
756
0
    return ret;
757
0
}
758
759
static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(ossl_unused void *vctx,
760
    ossl_unused void *p_ctx)
761
0
{
762
0
    return drbg_hmac_get_ctx_params_list;
763
0
}
764
765
static int drbg_fetch_algs_from_prov(const struct drbg_set_ctx_params_st *p,
766
    OSSL_LIB_CTX *libctx,
767
    EVP_MAC_CTX **macctx,
768
    EVP_MD **digest)
769
113
{
770
113
    OSSL_PROVIDER *prov = NULL;
771
113
    EVP_MD *md = NULL;
772
113
    EVP_MAC *mac = NULL;
773
113
    int ret = 0;
774
775
113
    if (macctx == NULL || digest == NULL)
776
0
        return 0;
777
778
113
    if (p->prov == NULL || p->prov->data_type != OSSL_PARAM_UTF8_STRING)
779
0
        return 0;
780
113
    if ((prov = ossl_provider_find(libctx, (const char *)p->prov->data, 1)) == NULL)
781
96
        return 0;
782
783
17
    if (p->digest != NULL) {
784
17
        if (p->digest->data_type != OSSL_PARAM_UTF8_STRING)
785
0
            goto done;
786
787
17
        md = evp_digest_fetch_from_prov(prov, (const char *)p->digest->data, NULL);
788
17
        if (md) {
789
9
            EVP_MD_free(*digest);
790
9
            *digest = md;
791
9
        } else {
792
8
            goto done;
793
8
        }
794
17
    }
795
796
9
    if (p->mac == NULL) {
797
0
        ret = 1;
798
0
        goto done;
799
0
    }
800
801
9
    if (p->mac->data_type != OSSL_PARAM_UTF8_STRING)
802
0
        goto done;
803
804
9
    EVP_MAC_CTX_free(*macctx);
805
9
    *macctx = NULL;
806
807
9
    mac = evp_mac_fetch_from_prov(prov, (const char *)p->mac->data, NULL);
808
9
    if (mac) {
809
8
        *macctx = EVP_MAC_CTX_new(mac);
810
        /* The context holds on to the MAC */
811
8
        EVP_MAC_free(mac);
812
8
        ret = 1;
813
8
    }
814
815
17
done:
816
17
    ossl_provider_free(prov);
817
17
    return ret;
818
9
}
819
820
static int drbg_hmac_set_ctx_params_locked(PROV_DRBG *ctx, const struct drbg_set_ctx_params_st *p)
821
113
{
822
113
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)ctx->data;
823
113
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
824
113
    EVP_MD *prov_md = NULL;
825
113
    const EVP_MD *md;
826
113
    int md_size;
827
828
113
    if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p->ind_d))
829
0
        return 0;
830
831
    /* try to fetch mac and digest from provider */
832
113
    (void)ERR_set_mark();
833
113
    if (!drbg_fetch_algs_from_prov(p, libctx, &hmac->ctx, &prov_md)) {
834
105
        (void)ERR_pop_to_mark();
835
        /* fall back to full implementation search */
836
105
        if (!ossl_prov_digest_load(&hmac->digest, p->digest, p->propq,
837
105
                p->engine, libctx))
838
27
            return 0;
839
840
78
        if (!ossl_prov_macctx_load(&hmac->ctx, p->mac, NULL, p->digest,
841
78
                p->propq, p->engine,
842
78
                NULL, NULL, NULL, libctx))
843
19
            return 0;
844
78
    } else {
845
8
        (void)ERR_clear_last_mark();
846
8
        if (prov_md)
847
8
            ossl_prov_digest_set_md(&hmac->digest, prov_md);
848
8
        if (!ossl_prov_macctx_load(&hmac->ctx, p->mac, NULL, p->digest,
849
8
                p->propq, p->engine,
850
8
                NULL, NULL, NULL, libctx))
851
1
            return 0;
852
8
    }
853
854
66
    md = ossl_prov_digest_md(&hmac->digest);
855
66
    if (md != NULL && !ossl_drbg_verify_digest(ctx, libctx, md))
856
2
        return 0; /* Error already raised for us */
857
858
64
    if (md != NULL && hmac->ctx != NULL) {
859
        /* These are taken from SP 800-90 10.1 Table 2 */
860
64
        md_size = EVP_MD_get_size(md);
861
64
        if (md_size <= 0)
862
1
            return 0;
863
63
        hmac->blocklen = (size_t)md_size;
864
        /* See SP800-57 Part1 Rev4 5.6.1 Table 3 */
865
63
        ctx->strength = 64 * (int)(hmac->blocklen >> 3);
866
63
        if (ctx->strength > 256)
867
8
            ctx->strength = 256;
868
63
        ctx->seedlen = hmac->blocklen;
869
63
        ctx->min_entropylen = ctx->strength / 8;
870
63
        ctx->min_noncelen = ctx->min_entropylen / 2;
871
63
    }
872
873
63
    return ossl_drbg_set_ctx_params(ctx, p);
874
64
}
875
876
#define drbg_hmac_set_ctx_params_st drbg_set_ctx_params_st
877
878
/* clang-format off */
879
/* Machine generated by util/perl/OpenSSL/paramnames.pm */
880
#ifndef drbg_hmac_set_ctx_params_list
881
static const OSSL_PARAM drbg_hmac_set_ctx_params_list[] = {
882
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
883
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
884
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_MAC, NULL, 0),
885
    OSSL_PARAM_utf8_string(OSSL_PROV_PARAM_CORE_PROV_NAME, NULL, 0),
886
    OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL),
887
    OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL),
888
# if defined(FIPS_MODULE)
889
    OSSL_PARAM_int(OSSL_KDF_PARAM_FIPS_DIGEST_CHECK, NULL),
890
# endif
891
    OSSL_PARAM_END
892
};
893
#endif
894
895
#ifndef drbg_hmac_set_ctx_params_st
896
struct drbg_hmac_set_ctx_params_st {
897
    OSSL_PARAM *digest;
898
    OSSL_PARAM *engine;
899
# if defined(FIPS_MODULE)
900
    OSSL_PARAM *ind_d;
901
# endif
902
    OSSL_PARAM *mac;
903
    OSSL_PARAM *propq;
904
    OSSL_PARAM *prov;
905
    OSSL_PARAM *reseed_req;
906
    OSSL_PARAM *reseed_time;
907
};
908
#endif
909
910
#ifndef drbg_hmac_set_ctx_params_decoder
911
static int drbg_hmac_set_ctx_params_decoder
912
    (const OSSL_PARAM *p, struct drbg_hmac_set_ctx_params_st *r)
913
113
{
914
113
    const char *s;
915
916
113
    memset(r, 0, sizeof(*r));
917
113
    if (p != NULL)
918
791
        for (; (s = p->key) != NULL; p++)
919
678
            switch(s[0]) {
920
0
            default:
921
0
                break;
922
113
            case 'd':
923
113
                switch(s[1]) {
924
0
                default:
925
0
                    break;
926
113
                case 'i':
927
113
                    switch(s[2]) {
928
0
                    default:
929
0
                        break;
930
113
                    case 'g':
931
113
                        switch(s[3]) {
932
0
                        default:
933
0
                            break;
934
113
                        case 'e':
935
113
                            switch(s[4]) {
936
0
                            default:
937
0
                                break;
938
113
                            case 's':
939
113
                                switch(s[5]) {
940
0
                                default:
941
0
                                    break;
942
113
                                case 't':
943
113
                                    switch(s[6]) {
944
0
                                    default:
945
0
                                        break;
946
0
                                    case '-':
947
# if defined(FIPS_MODULE)
948
                                        if (ossl_likely(strcmp("check", s + 7) == 0)) {
949
                                            /* OSSL_KDF_PARAM_FIPS_DIGEST_CHECK */
950
                                            if (ossl_unlikely(r->ind_d != NULL)) {
951
                                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
952
                                                               "param %s is repeated", s);
953
                                                return 0;
954
                                            }
955
                                            r->ind_d = (OSSL_PARAM *)p;
956
                                        }
957
# endif
958
0
                                        break;
959
113
                                    case '\0':
960
113
                                        if (ossl_unlikely(r->digest != NULL)) {
961
0
                                            ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
962
0
                                                           "param %s is repeated", s);
963
0
                                            return 0;
964
0
                                        }
965
113
                                        r->digest = (OSSL_PARAM *)p;
966
113
                                    }
967
113
                                }
968
113
                            }
969
113
                        }
970
113
                    }
971
113
                }
972
113
                break;
973
113
            case 'e':
974
0
                if (ossl_likely(strcmp("ngine", s + 1) == 0)) {
975
                    /* OSSL_ALG_PARAM_ENGINE */
976
0
                    if (ossl_unlikely(r->engine != NULL)) {
977
0
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
978
0
                                       "param %s is repeated", s);
979
0
                        return 0;
980
0
                    }
981
0
                    r->engine = (OSSL_PARAM *)p;
982
0
                }
983
0
                break;
984
113
            case 'm':
985
113
                if (ossl_likely(strcmp("ac", s + 1) == 0)) {
986
                    /* OSSL_DRBG_PARAM_MAC */
987
113
                    if (ossl_unlikely(r->mac != NULL)) {
988
0
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
989
0
                                       "param %s is repeated", s);
990
0
                        return 0;
991
0
                    }
992
113
                    r->mac = (OSSL_PARAM *)p;
993
113
                }
994
113
                break;
995
226
            case 'p':
996
226
                switch(s[1]) {
997
0
                default:
998
0
                    break;
999
226
                case 'r':
1000
226
                    switch(s[2]) {
1001
0
                    default:
1002
0
                        break;
1003
226
                    case 'o':
1004
226
                        switch(s[3]) {
1005
0
                        default:
1006
0
                            break;
1007
113
                        case 'p':
1008
113
                            if (ossl_likely(strcmp("erties", s + 4) == 0)) {
1009
                                /* OSSL_DRBG_PARAM_PROPERTIES */
1010
113
                                if (ossl_unlikely(r->propq != NULL)) {
1011
0
                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1012
0
                                                   "param %s is repeated", s);
1013
0
                                    return 0;
1014
0
                                }
1015
113
                                r->propq = (OSSL_PARAM *)p;
1016
113
                            }
1017
113
                            break;
1018
113
                        case 'v':
1019
113
                            if (ossl_likely(strcmp("ider-name", s + 4) == 0)) {
1020
                                /* OSSL_PROV_PARAM_CORE_PROV_NAME */
1021
113
                                if (ossl_unlikely(r->prov != NULL)) {
1022
0
                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1023
0
                                                   "param %s is repeated", s);
1024
0
                                    return 0;
1025
0
                                }
1026
113
                                r->prov = (OSSL_PARAM *)p;
1027
113
                            }
1028
226
                        }
1029
226
                    }
1030
226
                }
1031
226
                break;
1032
226
            case 'r':
1033
226
                switch(s[1]) {
1034
0
                default:
1035
0
                    break;
1036
226
                case 'e':
1037
226
                    switch(s[2]) {
1038
0
                    default:
1039
0
                        break;
1040
226
                    case 's':
1041
226
                        switch(s[3]) {
1042
0
                        default:
1043
0
                            break;
1044
226
                        case 'e':
1045
226
                            switch(s[4]) {
1046
0
                            default:
1047
0
                                break;
1048
226
                            case 'e':
1049
226
                                switch(s[5]) {
1050
0
                                default:
1051
0
                                    break;
1052
226
                                case 'd':
1053
226
                                    switch(s[6]) {
1054
0
                                    default:
1055
0
                                        break;
1056
226
                                    case '_':
1057
226
                                        switch(s[7]) {
1058
0
                                        default:
1059
0
                                            break;
1060
113
                                        case 'r':
1061
113
                                            if (ossl_likely(strcmp("equests", s + 8) == 0)) {
1062
                                                /* OSSL_DRBG_PARAM_RESEED_REQUESTS */
1063
113
                                                if (ossl_unlikely(r->reseed_req != NULL)) {
1064
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1065
0
                                                                   "param %s is repeated", s);
1066
0
                                                    return 0;
1067
0
                                                }
1068
113
                                                r->reseed_req = (OSSL_PARAM *)p;
1069
113
                                            }
1070
113
                                            break;
1071
113
                                        case 't':
1072
113
                                            if (ossl_likely(strcmp("ime_interval", s + 8) == 0)) {
1073
                                                /* OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL */
1074
113
                                                if (ossl_unlikely(r->reseed_time != NULL)) {
1075
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1076
0
                                                                   "param %s is repeated", s);
1077
0
                                                    return 0;
1078
0
                                                }
1079
113
                                                r->reseed_time = (OSSL_PARAM *)p;
1080
113
                                            }
1081
226
                                        }
1082
226
                                    }
1083
226
                                }
1084
226
                            }
1085
226
                        }
1086
226
                    }
1087
226
                }
1088
678
            }
1089
113
    return 1;
1090
113
}
1091
#endif
1092
/* End of machine generated */
1093
/* clang-format on */
1094
1095
static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[])
1096
274
{
1097
274
    PROV_DRBG *drbg = (PROV_DRBG *)vctx;
1098
274
    struct drbg_set_ctx_params_st p;
1099
274
    int ret;
1100
1101
274
    if (drbg == NULL || !drbg_hmac_set_ctx_params_decoder(params, &p))
1102
0
        return 0;
1103
1104
274
    if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
1105
0
        return 0;
1106
1107
274
    ret = drbg_hmac_set_ctx_params_locked(drbg, &p);
1108
1109
274
    if (drbg->lock != NULL)
1110
0
        CRYPTO_THREAD_unlock(drbg->lock);
1111
1112
274
    return ret;
1113
274
}
1114
1115
static const OSSL_PARAM *drbg_hmac_settable_ctx_params(ossl_unused void *vctx,
1116
    ossl_unused void *p_ctx)
1117
430
{
1118
430
    return drbg_hmac_set_ctx_params_list;
1119
430
}
1120
1121
const OSSL_DISPATCH ossl_drbg_ossl_hmac_functions[] = {
1122
    { OSSL_FUNC_RAND_NEWCTX, (void (*)(void))drbg_hmac_new_wrapper },
1123
    { OSSL_FUNC_RAND_FREECTX, (void (*)(void))drbg_hmac_free },
1124
    { OSSL_FUNC_RAND_INSTANTIATE,
1125
        (void (*)(void))drbg_hmac_instantiate_wrapper },
1126
    { OSSL_FUNC_RAND_UNINSTANTIATE,
1127
        (void (*)(void))drbg_hmac_uninstantiate_wrapper },
1128
    { OSSL_FUNC_RAND_GENERATE, (void (*)(void))drbg_hmac_generate_wrapper },
1129
    { OSSL_FUNC_RAND_RESEED, (void (*)(void))drbg_hmac_reseed_wrapper },
1130
    { OSSL_FUNC_RAND_ENABLE_LOCKING, (void (*)(void))ossl_drbg_enable_locking },
1131
    { OSSL_FUNC_RAND_LOCK, (void (*)(void))ossl_drbg_lock },
1132
    { OSSL_FUNC_RAND_UNLOCK, (void (*)(void))ossl_drbg_unlock },
1133
    { OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS,
1134
        (void (*)(void))drbg_hmac_settable_ctx_params },
1135
    { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void (*)(void))drbg_hmac_set_ctx_params },
1136
    { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
1137
        (void (*)(void))drbg_hmac_gettable_ctx_params },
1138
    { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void (*)(void))drbg_hmac_get_ctx_params },
1139
    { OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
1140
        (void (*)(void))drbg_hmac_verify_zeroization },
1141
    { OSSL_FUNC_RAND_GET_SEED, (void (*)(void))ossl_drbg_get_seed },
1142
    { OSSL_FUNC_RAND_CLEAR_SEED, (void (*)(void))ossl_drbg_clear_seed },
1143
    OSSL_DISPATCH_END
1144
};