/src/openssl34/crypto/rand/prov_seed.c

Source
/*
 * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "rand_local.h"
#include "crypto/evp.h"
#include "crypto/rand.h"
#include "crypto/rand_pool.h"
#include "internal/core.h"
#include <openssl/core_dispatch.h>
#include <openssl/err.h>

size_t ossl_rand_get_entropy(ossl_unused OSSL_LIB_CTX *ctx,
    unsigned char **pout, int entropy,
    size_t min_len, size_t max_len)
{
    size_t ret = 0;
    size_t entropy_available;
    RAND_POOL *pool;

    pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
    if (pool == NULL) {
        ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB);
        return 0;
    }

    /* Get entropy by polling system entropy sources. */
    entropy_available = ossl_pool_acquire_entropy(pool);

    if (entropy_available > 0) {
        ret = ossl_rand_pool_length(pool);
        *pout = ossl_rand_pool_detach(pool);
    }

    ossl_rand_pool_free(pool);
    return ret;
}

size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx,
    unsigned char **pout, int entropy,
    size_t min_len, size_t max_len)
{
    EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);

    if (rng != NULL && evp_rand_can_seed(rng))
        return evp_rand_get_seed(rng, pout, entropy, min_len, max_len,
            0, NULL, 0);
    else
        return ossl_rand_get_entropy(ctx, pout, entropy, min_len, max_len);
}

void ossl_rand_cleanup_entropy(ossl_unused OSSL_LIB_CTX *ctx,
    unsigned char *buf, size_t len)
{
    OPENSSL_secure_clear_free(buf, len);
}

void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx,
    unsigned char *buf, size_t len)
{
    EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);

    if (rng != NULL && evp_rand_can_seed(rng))
        evp_rand_clear_seed(rng, buf, len);
    else
        OPENSSL_secure_clear_free(buf, len);
}

size_t ossl_rand_get_nonce(ossl_unused OSSL_LIB_CTX *ctx,
    unsigned char **pout,
    size_t min_len, ossl_unused size_t max_len,
    const void *salt, size_t salt_len)
{
    size_t ret = 0;
    RAND_POOL *pool;

    pool = ossl_rand_pool_new(0, 0, min_len, max_len);
    if (pool == NULL) {
        ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB);
        return 0;
    }

    if (!ossl_pool_add_nonce_data(pool))
        goto err;

    if (salt != NULL && !ossl_rand_pool_add(pool, salt, salt_len, 0))
        goto err;
    ret = ossl_rand_pool_length(pool);
    *pout = ossl_rand_pool_detach(pool);
err:
    ossl_rand_pool_free(pool);
    return ret;
}

size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx,
    unsigned char **pout,
    size_t min_len, size_t max_len,
    const void *salt, size_t salt_len)
{
    unsigned char *buf;
    EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);

    if (rng == NULL)
        return ossl_rand_get_nonce(ctx, pout, min_len, max_len, salt, salt_len);

    if ((buf = OPENSSL_malloc(min_len)) == NULL)
        return 0;

    if (!EVP_RAND_generate(rng, buf, min_len, 0, 0, salt, salt_len)) {
        OPENSSL_free(buf);
        return 0;
    }
    *pout = buf;
    return min_len;
}

void ossl_rand_cleanup_nonce(ossl_unused OSSL_LIB_CTX *ctx,
    unsigned char *buf, size_t len)
{
    OPENSSL_clear_free(buf, len);
}

void ossl_rand_cleanup_user_nonce(ossl_unused OSSL_LIB_CTX *ctx,
    unsigned char *buf, size_t len)
{
    OPENSSL_clear_free(buf, len);
}

Line	Count	Source
1		/*
2		* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "rand_local.h"
11		#include "crypto/evp.h"
12		#include "crypto/rand.h"
13		#include "crypto/rand_pool.h"
14		#include "internal/core.h"
15		#include <openssl/core_dispatch.h>
16		#include <openssl/err.h>
17
18		size_t ossl_rand_get_entropy(ossl_unused OSSL_LIB_CTX *ctx,
19		unsigned char **pout, int entropy,
20		size_t min_len, size_t max_len)
21	1.02k	{
22	1.02k	size_t ret = 0;
23	1.02k	size_t entropy_available;
24	1.02k	RAND_POOL *pool;
25
26	1.02k	pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
27	1.02k	if (pool == NULL) {
28	0	ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB);
29	0	return 0;
30	0	}
31
32		/* Get entropy by polling system entropy sources. */
33	1.02k	entropy_available = ossl_pool_acquire_entropy(pool);
34
35	1.02k	if (entropy_available > 0) {
36	1.02k	ret = ossl_rand_pool_length(pool);
37	1.02k	*pout = ossl_rand_pool_detach(pool);
38	1.02k	}
39
40	1.02k	ossl_rand_pool_free(pool);
41	1.02k	return ret;
42	1.02k	}
43
44		size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx,
45		unsigned char **pout, int entropy,
46		size_t min_len, size_t max_len)
47	1.31k	{
48	1.31k	EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);
49
50	1.31k	if (rng != NULL && evp_rand_can_seed(rng))
51	294	return evp_rand_get_seed(rng, pout, entropy, min_len, max_len,
52	294	0, NULL, 0);
53	1.02k	else
54	1.02k	return ossl_rand_get_entropy(ctx, pout, entropy, min_len, max_len);
55	1.31k	}
56
57		void ossl_rand_cleanup_entropy(ossl_unused OSSL_LIB_CTX *ctx,
58		unsigned char *buf, size_t len)
59	0	{
60	0	OPENSSL_secure_clear_free(buf, len);
61	0	}
62
63		void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx,
64		unsigned char *buf, size_t len)
65	1.31k	{
66	1.31k	EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);
67
68	1.31k	if (rng != NULL && evp_rand_can_seed(rng))
69	294	evp_rand_clear_seed(rng, buf, len);
70	1.02k	else
71	1.02k	OPENSSL_secure_clear_free(buf, len);
72	1.31k	}
73
74		size_t ossl_rand_get_nonce(ossl_unused OSSL_LIB_CTX *ctx,
75		unsigned char **pout,
76		size_t min_len, ossl_unused size_t max_len,
77		const void *salt, size_t salt_len)
78	504	{
79	504	size_t ret = 0;
80	504	RAND_POOL *pool;
81
82	504	pool = ossl_rand_pool_new(0, 0, min_len, max_len);
83	504	if (pool == NULL) {
84	0	ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB);
85	0	return 0;
86	0	}
87
88	504	if (!ossl_pool_add_nonce_data(pool))
89	0	goto err;
90
91	504	if (salt != NULL && !ossl_rand_pool_add(pool, salt, salt_len, 0))
92	0	goto err;
93	504	ret = ossl_rand_pool_length(pool);
94	504	*pout = ossl_rand_pool_detach(pool);
95	504	err:
96	504	ossl_rand_pool_free(pool);
97	504	return ret;
98	504	}
99
100		size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx,
101		unsigned char **pout,
102		size_t min_len, size_t max_len,
103		const void *salt, size_t salt_len)
104	644	{
105	644	unsigned char *buf;
106	644	EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);
107
108	644	if (rng == NULL)
109	504	return ossl_rand_get_nonce(ctx, pout, min_len, max_len, salt, salt_len);
110
111	140	if ((buf = OPENSSL_malloc(min_len)) == NULL)
112	0	return 0;
113
114	140	if (!EVP_RAND_generate(rng, buf, min_len, 0, 0, salt, salt_len)) {
115	0	OPENSSL_free(buf);
116	0	return 0;
117	0	}
118	140	*pout = buf;
119	140	return min_len;
120	140	}
121
122		void ossl_rand_cleanup_nonce(ossl_unused OSSL_LIB_CTX *ctx,
123		unsigned char *buf, size_t len)
124	0	{
125	0	OPENSSL_clear_free(buf, len);
126	0	}
127
128		void ossl_rand_cleanup_user_nonce(ossl_unused OSSL_LIB_CTX *ctx,
129		unsigned char *buf, size_t len)
130	644	{
131	644	OPENSSL_clear_free(buf, len);
132	644	}

Coverage Report

Created: 2026-05-24 07:14