Coverage Report

Created: 2025-08-25 06:30

/src/openssl/providers/implementations/rands/drbg_hmac.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 2011-2025 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
11
#include <stdlib.h>
12
#include <string.h>
13
#include <openssl/crypto.h>
14
#include <openssl/err.h>
15
#include <openssl/rand.h>
16
#include <openssl/proverr.h>
17
#include "internal/cryptlib.h"
18
#include "internal/thread_once.h"
19
#include "prov/providercommon.h"
20
#include "prov/implementations.h"
21
#include "prov/provider_ctx.h"
22
#include "prov/hmac_drbg.h"
23
#include "prov/drbg.h"
24
#include "crypto/evp.h"
25
#include "crypto/evp/evp_local.h"
26
#include "internal/provider.h"
27
28
static OSSL_FUNC_rand_newctx_fn drbg_hmac_new_wrapper;
29
static OSSL_FUNC_rand_freectx_fn drbg_hmac_free;
30
static OSSL_FUNC_rand_instantiate_fn drbg_hmac_instantiate_wrapper;
31
static OSSL_FUNC_rand_uninstantiate_fn drbg_hmac_uninstantiate_wrapper;
32
static OSSL_FUNC_rand_generate_fn drbg_hmac_generate_wrapper;
33
static OSSL_FUNC_rand_reseed_fn drbg_hmac_reseed_wrapper;
34
static OSSL_FUNC_rand_settable_ctx_params_fn drbg_hmac_settable_ctx_params;
35
static OSSL_FUNC_rand_set_ctx_params_fn drbg_hmac_set_ctx_params;
36
static OSSL_FUNC_rand_gettable_ctx_params_fn drbg_hmac_gettable_ctx_params;
37
static OSSL_FUNC_rand_get_ctx_params_fn drbg_hmac_get_ctx_params;
38
static OSSL_FUNC_rand_verify_zeroization_fn drbg_hmac_verify_zeroization;
39
40
static int drbg_hmac_set_ctx_params_locked
41
        (PROV_DRBG *drbg, const struct drbg_set_ctx_params_st *p);
42
static int drbg_hmac_set_ctx_params_decoder(const OSSL_PARAM params[],
43
                                            struct drbg_set_ctx_params_st *p);
44
45
/*
46
 * Called twice by SP800-90Ar1 10.1.2.2 HMAC_DRBG_Update_Process.
47
 *
48
 * hmac is an object that holds the input/output Key and Value (K and V).
49
 * inbyte is 0x00 on the first call and 0x01 on the second call.
50
 * in1, in2, in3 are optional inputs that can be NULL.
51
 * in1len, in2len, in3len are the lengths of the input buffers.
52
 *
53
 * The returned K,V is:
54
 *   hmac->K = HMAC(hmac->K, hmac->V || inbyte || [in1] || [in2] || [in3])
55
 *   hmac->V = HMAC(hmac->K, hmac->V)
56
 *
57
 * Returns zero if an error occurs otherwise it returns 1.
58
 */
59
static int do_hmac(PROV_DRBG_HMAC *hmac, unsigned char inbyte,
60
                   const unsigned char *in1, size_t in1len,
61
                   const unsigned char *in2, size_t in2len,
62
                   const unsigned char *in3, size_t in3len)
63
0
{
64
0
    EVP_MAC_CTX *ctx = hmac->ctx;
65
66
0
    if (!EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
67
            /* K = HMAC(K, V || inbyte || [in1] || [in2] || [in3]) */
68
0
            || !EVP_MAC_update(ctx, hmac->V, hmac->blocklen)
69
0
            || !EVP_MAC_update(ctx, &inbyte, 1)
70
0
            || !(in1 == NULL || in1len == 0 || EVP_MAC_update(ctx, in1, in1len))
71
0
            || !(in2 == NULL || in2len == 0 || EVP_MAC_update(ctx, in2, in2len))
72
0
            || !(in3 == NULL || in3len == 0 || EVP_MAC_update(ctx, in3, in3len))
73
0
            || !EVP_MAC_final(ctx, hmac->K, NULL, sizeof(hmac->K)))
74
0
        return 0;
75
76
   /* V = HMAC(K, V) */
77
0
    return EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
78
0
           && EVP_MAC_update(ctx, hmac->V, hmac->blocklen)
79
0
           && EVP_MAC_final(ctx, hmac->V, NULL, sizeof(hmac->V));
80
0
}
81
82
/*
83
 * SP800-90Ar1 10.1.2.2 HMAC_DRBG_Update_Process
84
 *
85
 *
86
 * Updates the drbg objects Key(K) and Value(V) using the following algorithm:
87
 *   K,V = do_hmac(hmac, 0, in1, in2, in3)
88
 *   if (any input is not NULL)
89
 *     K,V = do_hmac(hmac, 1, in1, in2, in3)
90
 *
91
 * where in1, in2, in3 are optional input buffers that can be NULL.
92
 *       in1len, in2len, in3len are the lengths of the input buffers.
93
 *
94
 * Returns zero if an error occurs otherwise it returns 1.
95
 */
96
static int drbg_hmac_update(PROV_DRBG_HMAC *hmac,
97
                            const unsigned char *in1, size_t in1len,
98
                            const unsigned char *in2, size_t in2len,
99
                            const unsigned char *in3, size_t in3len)
100
0
{
101
    /* (Steps 1-2) K = HMAC(K, V||0x00||provided_data). V = HMAC(K,V) */
102
0
    if (!do_hmac(hmac, 0x00, in1, in1len, in2, in2len, in3, in3len))
103
0
        return 0;
104
    /* (Step 3) If provided_data == NULL then return (K,V) */
105
0
    if (in1len == 0 && in2len == 0 && in3len == 0)
106
0
        return 1;
107
    /* (Steps 4-5) K = HMAC(K, V||0x01||provided_data). V = HMAC(K,V) */
108
0
    return do_hmac(hmac, 0x01, in1, in1len, in2, in2len, in3, in3len);
109
0
}
110
111
/*
112
 * SP800-90Ar1 10.1.2.3 HMAC_DRBG_Instantiate_Process:
113
 *
114
 * This sets the drbg Key (K) to all zeros, and Value (V) to all 1's.
115
 * and then calls (K,V) = drbg_hmac_update() with input parameters:
116
 *   ent = entropy data (Can be NULL) of length ent_len.
117
 *   nonce = nonce data (Can be NULL) of length nonce_len.
118
 *   pstr = personalization data (Can be NULL) of length pstr_len.
119
 *
120
 * Returns zero if an error occurs otherwise it returns 1.
121
 */
122
int ossl_drbg_hmac_init(PROV_DRBG_HMAC *hmac,
123
                        const unsigned char *ent, size_t ent_len,
124
                        const unsigned char *nonce, size_t nonce_len,
125
                        const unsigned char *pstr, size_t pstr_len)
126
0
{
127
0
    if (hmac->ctx == NULL) {
128
0
        ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MAC);
129
0
        return 0;
130
0
    }
131
132
    /* (Step 2) Key = 0x00 00...00 */
133
0
    memset(hmac->K, 0x00, hmac->blocklen);
134
    /* (Step 3) V = 0x01 01...01 */
135
0
    memset(hmac->V, 0x01, hmac->blocklen);
136
    /* (Step 4) (K,V) = HMAC_DRBG_Update(entropy||nonce||pers string, K, V) */
137
0
    return drbg_hmac_update(hmac, ent, ent_len, nonce, nonce_len, pstr,
138
0
                            pstr_len);
139
0
}
140
static int drbg_hmac_instantiate(PROV_DRBG *drbg,
141
                                 const unsigned char *ent, size_t ent_len,
142
                                 const unsigned char *nonce, size_t nonce_len,
143
                                 const unsigned char *pstr, size_t pstr_len)
144
0
{
145
0
    return ossl_drbg_hmac_init((PROV_DRBG_HMAC *)drbg->data, ent, ent_len,
146
0
                               nonce, nonce_len, pstr, pstr_len);
147
0
}
148
149
static int drbg_hmac_instantiate_wrapper(void *vdrbg, unsigned int strength,
150
                                         int prediction_resistance,
151
                                         const unsigned char *pstr,
152
                                         size_t pstr_len,
153
                                         const OSSL_PARAM params[])
154
0
{
155
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
156
0
    struct drbg_set_ctx_params_st p;
157
0
    int ret = 0;
158
159
0
    if (drbg == NULL || !drbg_hmac_set_ctx_params_decoder(params, &p))
160
0
        return 0;
161
162
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
163
0
        return 0;
164
165
0
    if (!ossl_prov_is_running()
166
0
            || !drbg_hmac_set_ctx_params_locked(drbg, &p))
167
0
        goto err;
168
0
    ret = ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance,
169
0
                                     pstr, pstr_len);
170
0
 err:
171
0
    if (drbg->lock != NULL)
172
0
        CRYPTO_THREAD_unlock(drbg->lock);
173
0
    return ret;
174
0
}
175
176
177
/*
178
 * SP800-90Ar1 10.1.2.4 HMAC_DRBG_Reseed_Process:
179
 *
180
 * Reseeds the drbg's Key (K) and Value (V) by calling
181
 * (K,V) = drbg_hmac_update() with the following input parameters:
182
 *   ent = entropy input data (Can be NULL) of length ent_len.
183
 *   adin = additional input data (Can be NULL) of length adin_len.
184
 *
185
 * Returns zero if an error occurs otherwise it returns 1.
186
 */
187
static int drbg_hmac_reseed(PROV_DRBG *drbg,
188
                            const unsigned char *ent, size_t ent_len,
189
                            const unsigned char *adin, size_t adin_len)
190
0
{
191
0
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
192
193
    /* (Step 2) (K,V) = HMAC_DRBG_Update(entropy||additional_input, K, V) */
194
0
    return drbg_hmac_update(hmac, ent, ent_len, adin, adin_len, NULL, 0);
195
0
}
196
197
static int drbg_hmac_reseed_wrapper(void *vdrbg, int prediction_resistance,
198
                                    const unsigned char *ent, size_t ent_len,
199
                                    const unsigned char *adin, size_t adin_len)
200
0
{
201
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
202
203
0
    return ossl_prov_drbg_reseed(drbg, prediction_resistance, ent, ent_len,
204
0
                                 adin, adin_len);
205
0
}
206
207
/*
208
 * SP800-90Ar1 10.1.2.5 HMAC_DRBG_Generate_Process:
209
 *
210
 * Generates pseudo random bytes and updates the internal K,V for the drbg.
211
 * out is a buffer to fill with outlen bytes of pseudo random data.
212
 * adin is an additional_input string of size adin_len that may be NULL.
213
 *
214
 * Returns zero if an error occurs otherwise it returns 1.
215
 */
216
int ossl_drbg_hmac_generate(PROV_DRBG_HMAC *hmac,
217
                            unsigned char *out, size_t outlen,
218
                            const unsigned char *adin, size_t adin_len)
219
0
{
220
0
    EVP_MAC_CTX *ctx = hmac->ctx;
221
0
    const unsigned char *temp = hmac->V;
222
223
    /* (Step 2) if adin != NULL then (K,V) = HMAC_DRBG_Update(adin, K, V) */
224
0
    if (adin != NULL
225
0
            && adin_len > 0
226
0
            && !drbg_hmac_update(hmac, adin, adin_len, NULL, 0, NULL, 0))
227
0
        return 0;
228
229
    /*
230
     * (Steps 3-5) temp = NULL
231
     *             while (len(temp) < outlen) {
232
     *                 V = HMAC(K, V)
233
     *                 temp = temp || V
234
     *             }
235
     */
236
0
    for (;;) {
237
0
        if (!EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
238
0
            || !EVP_MAC_update(ctx, temp, hmac->blocklen))
239
0
            return 0;
240
241
0
        if (outlen > hmac->blocklen) {
242
0
            if (!EVP_MAC_final(ctx, out, NULL, outlen))
243
0
                return 0;
244
0
            temp = out;
245
0
        } else {
246
0
            if (!EVP_MAC_final(ctx, hmac->V, NULL, sizeof(hmac->V)))
247
0
                return 0;
248
0
            memcpy(out, hmac->V, outlen);
249
0
            break;
250
0
        }
251
0
        out += hmac->blocklen;
252
0
        outlen -= hmac->blocklen;
253
0
    }
254
    /* (Step 6) (K,V) = HMAC_DRBG_Update(adin, K, V) */
255
0
    if (!drbg_hmac_update(hmac, adin, adin_len, NULL, 0, NULL, 0))
256
0
        return 0;
257
258
0
    return 1;
259
0
}
260
261
static int drbg_hmac_generate(PROV_DRBG *drbg,
262
                              unsigned char *out, size_t outlen,
263
                              const unsigned char *adin, size_t adin_len)
264
0
{
265
0
    return ossl_drbg_hmac_generate((PROV_DRBG_HMAC *)drbg->data, out, outlen,
266
0
                                    adin, adin_len);
267
0
}
268
269
static int drbg_hmac_generate_wrapper(void *vdrbg,
270
     unsigned char *out, size_t outlen, unsigned int strength,
271
     int prediction_resistance, const unsigned char *adin, size_t adin_len)
272
0
{
273
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
274
275
0
    return ossl_prov_drbg_generate(drbg, out, outlen, strength,
276
0
                                   prediction_resistance, adin, adin_len);
277
0
}
278
279
static int drbg_hmac_uninstantiate(PROV_DRBG *drbg)
280
0
{
281
0
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
282
283
0
    OPENSSL_cleanse(hmac->K, sizeof(hmac->K));
284
0
    OPENSSL_cleanse(hmac->V, sizeof(hmac->V));
285
0
    return ossl_prov_drbg_uninstantiate(drbg);
286
0
}
287
288
static int drbg_hmac_uninstantiate_wrapper(void *vdrbg)
289
0
{
290
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
291
0
    int ret;
292
293
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
294
0
        return 0;
295
296
0
    ret = drbg_hmac_uninstantiate(drbg);
297
298
0
    if (drbg->lock != NULL)
299
0
        CRYPTO_THREAD_unlock(drbg->lock);
300
301
0
    return ret;
302
0
}
303
304
static int drbg_hmac_verify_zeroization(void *vdrbg)
305
0
{
306
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
307
0
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
308
0
    int ret = 0;
309
310
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
311
0
        return 0;
312
313
0
    PROV_DRBG_VERIFY_ZEROIZATION(hmac->K);
314
0
    PROV_DRBG_VERIFY_ZEROIZATION(hmac->V);
315
316
0
    ret = 1;
317
0
 err:
318
0
    if (drbg->lock != NULL)
319
0
        CRYPTO_THREAD_unlock(drbg->lock);
320
0
    return ret;
321
0
}
322
323
static int drbg_hmac_new(PROV_DRBG *drbg)
324
0
{
325
0
    PROV_DRBG_HMAC *hmac;
326
327
0
    hmac = OPENSSL_secure_zalloc(sizeof(*hmac));
328
0
    if (hmac == NULL)
329
0
        return 0;
330
331
0
    OSSL_FIPS_IND_INIT(drbg)
332
333
0
    drbg->data = hmac;
334
    /* See SP800-57 Part1 Rev4 5.6.1 Table 3 */
335
0
    drbg->max_entropylen = DRBG_MAX_LENGTH;
336
0
    drbg->max_noncelen = DRBG_MAX_LENGTH;
337
0
    drbg->max_perslen = DRBG_MAX_LENGTH;
338
0
    drbg->max_adinlen = DRBG_MAX_LENGTH;
339
340
    /* Maximum number of bits per request = 2^19  = 2^16 bytes */
341
0
    drbg->max_request = 1 << 16;
342
0
    return 1;
343
0
}
344
345
static void *drbg_hmac_new_wrapper(void *provctx, void *parent,
346
                                   const OSSL_DISPATCH *parent_dispatch)
347
0
{
348
0
    return ossl_rand_drbg_new(provctx, parent, parent_dispatch,
349
0
                              &drbg_hmac_new, &drbg_hmac_free,
350
0
                              &drbg_hmac_instantiate, &drbg_hmac_uninstantiate,
351
0
                              &drbg_hmac_reseed, &drbg_hmac_generate);
352
0
}
353
354
static void drbg_hmac_free(void *vdrbg)
355
0
{
356
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
357
0
    PROV_DRBG_HMAC *hmac;
358
359
0
    if (drbg != NULL && (hmac = (PROV_DRBG_HMAC *)drbg->data) != NULL) {
360
0
        EVP_MAC_CTX_free(hmac->ctx);
361
0
        ossl_prov_digest_reset(&hmac->digest);
362
0
        OPENSSL_secure_clear_free(hmac, sizeof(*hmac));
363
0
    }
364
0
    ossl_rand_drbg_free(drbg);
365
0
}
366
367
#define drbg_hmac_get_ctx_params_st  drbg_get_ctx_params_st
368
369
/* Machine generated by util/perl/OpenSSL/paramnames.pm */
370
#ifndef drbg_hmac_get_ctx_params_list
371
static const OSSL_PARAM drbg_hmac_get_ctx_params_list[] = {
372
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_MAC, NULL, 0),
373
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
374
    OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),
375
    OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL),
376
    OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL),
377
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_ENTROPYLEN, NULL),
378
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ENTROPYLEN, NULL),
379
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MIN_NONCELEN, NULL),
380
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_NONCELEN, NULL),
381
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_PERSLEN, NULL),
382
    OSSL_PARAM_size_t(OSSL_DRBG_PARAM_MAX_ADINLEN, NULL),
383
    OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_COUNTER, NULL),
384
    OSSL_PARAM_time_t(OSSL_DRBG_PARAM_RESEED_TIME, NULL),
385
    OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL),
386
    OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL),
387
# if defined(FIPS_MODULE)
388
    OSSL_PARAM_int(OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR, NULL),
389
# endif
390
    OSSL_PARAM_END
391
};
392
#endif
393
394
#ifndef drbg_hmac_get_ctx_params_st
395
struct drbg_hmac_get_ctx_params_st {
396
    OSSL_PARAM *digest;
397
# if defined(FIPS_MODULE)
398
    OSSL_PARAM *ind;
399
# endif
400
    OSSL_PARAM *mac;
401
    OSSL_PARAM *maxadlen;
402
    OSSL_PARAM *maxentlen;
403
    OSSL_PARAM *maxnonlen;
404
    OSSL_PARAM *maxperlen;
405
    OSSL_PARAM *maxreq;
406
    OSSL_PARAM *minentlen;
407
    OSSL_PARAM *minnonlen;
408
    OSSL_PARAM *reseed_cnt;
409
    OSSL_PARAM *reseed_int;
410
    OSSL_PARAM *reseed_req;
411
    OSSL_PARAM *reseed_time;
412
    OSSL_PARAM *state;
413
    OSSL_PARAM *str;
414
};
415
#endif
416
417
#ifndef drbg_hmac_get_ctx_params_decoder
418
static int drbg_hmac_get_ctx_params_decoder
419
    (const OSSL_PARAM *p, struct drbg_hmac_get_ctx_params_st *r)
420
0
{
421
0
    const char *s;
422
423
0
    memset(r, 0, sizeof(*r));
424
0
    if (p != NULL)
425
0
        for (; (s = p->key) != NULL; p++)
426
0
            switch(s[0]) {
427
0
            default:
428
0
                break;
429
0
            case 'd':
430
0
                if (ossl_likely(strcmp("igest", s + 1) == 0)) {
431
                    /* DRBG_PARAM_DIGEST */
432
0
                    if (ossl_unlikely(r->digest != NULL)) {
433
0
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
434
0
                                       "param %s is repeated", s);
435
0
                        return 0;
436
0
                    }
437
0
                    r->digest = (OSSL_PARAM *)p;
438
0
                }
439
0
                break;
440
0
            case 'f':
441
# if defined(FIPS_MODULE)
442
                if (ossl_likely(strcmp("ips-indicator", s + 1) == 0)) {
443
                    /* KDF_PARAM_FIPS_APPROVED_INDICATOR */
444
                    if (ossl_unlikely(r->ind != NULL)) {
445
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
446
                                       "param %s is repeated", s);
447
                        return 0;
448
                    }
449
                    r->ind = (OSSL_PARAM *)p;
450
                }
451
# endif
452
0
                break;
453
0
            case 'm':
454
0
                switch(s[1]) {
455
0
                default:
456
0
                    break;
457
0
                case 'a':
458
0
                    switch(s[2]) {
459
0
                    default:
460
0
                        break;
461
0
                    case 'c':
462
0
                        switch(s[3]) {
463
0
                        default:
464
0
                            break;
465
0
                        case '\0':
466
0
                            if (ossl_unlikely(r->mac != NULL)) {
467
0
                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
468
0
                                               "param %s is repeated", s);
469
0
                                return 0;
470
0
                            }
471
0
                            r->mac = (OSSL_PARAM *)p;
472
0
                        }
473
0
                        break;
474
0
                    case 'x':
475
0
                        switch(s[3]) {
476
0
                        default:
477
0
                            break;
478
0
                        case '_':
479
0
                            switch(s[4]) {
480
0
                            default:
481
0
                                break;
482
0
                            case 'a':
483
0
                                if (ossl_likely(strcmp("dinlen", s + 5) == 0)) {
484
                                    /* DRBG_PARAM_MAX_ADINLEN */
485
0
                                    if (ossl_unlikely(r->maxadlen != NULL)) {
486
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
487
0
                                                       "param %s is repeated", s);
488
0
                                        return 0;
489
0
                                    }
490
0
                                    r->maxadlen = (OSSL_PARAM *)p;
491
0
                                }
492
0
                                break;
493
0
                            case 'e':
494
0
                                if (ossl_likely(strcmp("ntropylen", s + 5) == 0)) {
495
                                    /* DRBG_PARAM_MAX_ENTROPYLEN */
496
0
                                    if (ossl_unlikely(r->maxentlen != NULL)) {
497
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
498
0
                                                       "param %s is repeated", s);
499
0
                                        return 0;
500
0
                                    }
501
0
                                    r->maxentlen = (OSSL_PARAM *)p;
502
0
                                }
503
0
                                break;
504
0
                            case 'n':
505
0
                                if (ossl_likely(strcmp("oncelen", s + 5) == 0)) {
506
                                    /* DRBG_PARAM_MAX_NONCELEN */
507
0
                                    if (ossl_unlikely(r->maxnonlen != NULL)) {
508
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
509
0
                                                       "param %s is repeated", s);
510
0
                                        return 0;
511
0
                                    }
512
0
                                    r->maxnonlen = (OSSL_PARAM *)p;
513
0
                                }
514
0
                                break;
515
0
                            case 'p':
516
0
                                if (ossl_likely(strcmp("erslen", s + 5) == 0)) {
517
                                    /* DRBG_PARAM_MAX_PERSLEN */
518
0
                                    if (ossl_unlikely(r->maxperlen != NULL)) {
519
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
520
0
                                                       "param %s is repeated", s);
521
0
                                        return 0;
522
0
                                    }
523
0
                                    r->maxperlen = (OSSL_PARAM *)p;
524
0
                                }
525
0
                                break;
526
0
                            case 'r':
527
0
                                if (ossl_likely(strcmp("equest", s + 5) == 0)) {
528
                                    /* RAND_PARAM_MAX_REQUEST */
529
0
                                    if (ossl_unlikely(r->maxreq != NULL)) {
530
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
531
0
                                                       "param %s is repeated", s);
532
0
                                        return 0;
533
0
                                    }
534
0
                                    r->maxreq = (OSSL_PARAM *)p;
535
0
                                }
536
0
                            }
537
0
                        }
538
0
                    }
539
0
                    break;
540
0
                case 'i':
541
0
                    switch(s[2]) {
542
0
                    default:
543
0
                        break;
544
0
                    case 'n':
545
0
                        switch(s[3]) {
546
0
                        default:
547
0
                            break;
548
0
                        case '_':
549
0
                            switch(s[4]) {
550
0
                            default:
551
0
                                break;
552
0
                            case 'e':
553
0
                                if (ossl_likely(strcmp("ntropylen", s + 5) == 0)) {
554
                                    /* DRBG_PARAM_MIN_ENTROPYLEN */
555
0
                                    if (ossl_unlikely(r->minentlen != NULL)) {
556
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
557
0
                                                       "param %s is repeated", s);
558
0
                                        return 0;
559
0
                                    }
560
0
                                    r->minentlen = (OSSL_PARAM *)p;
561
0
                                }
562
0
                                break;
563
0
                            case 'n':
564
0
                                if (ossl_likely(strcmp("oncelen", s + 5) == 0)) {
565
                                    /* DRBG_PARAM_MIN_NONCELEN */
566
0
                                    if (ossl_unlikely(r->minnonlen != NULL)) {
567
0
                                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
568
0
                                                       "param %s is repeated", s);
569
0
                                        return 0;
570
0
                                    }
571
0
                                    r->minnonlen = (OSSL_PARAM *)p;
572
0
                                }
573
0
                            }
574
0
                        }
575
0
                    }
576
0
                }
577
0
                break;
578
0
            case 'r':
579
0
                switch(s[1]) {
580
0
                default:
581
0
                    break;
582
0
                case 'e':
583
0
                    switch(s[2]) {
584
0
                    default:
585
0
                        break;
586
0
                    case 's':
587
0
                        switch(s[3]) {
588
0
                        default:
589
0
                            break;
590
0
                        case 'e':
591
0
                            switch(s[4]) {
592
0
                            default:
593
0
                                break;
594
0
                            case 'e':
595
0
                                switch(s[5]) {
596
0
                                default:
597
0
                                    break;
598
0
                                case 'd':
599
0
                                    switch(s[6]) {
600
0
                                    default:
601
0
                                        break;
602
0
                                    case '_':
603
0
                                        switch(s[7]) {
604
0
                                        default:
605
0
                                            break;
606
0
                                        case 'c':
607
0
                                            if (ossl_likely(strcmp("ounter", s + 8) == 0)) {
608
                                                /* DRBG_PARAM_RESEED_COUNTER */
609
0
                                                if (ossl_unlikely(r->reseed_cnt != NULL)) {
610
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
611
0
                                                                   "param %s is repeated", s);
612
0
                                                    return 0;
613
0
                                                }
614
0
                                                r->reseed_cnt = (OSSL_PARAM *)p;
615
0
                                            }
616
0
                                            break;
617
0
                                        case 'r':
618
0
                                            if (ossl_likely(strcmp("equests", s + 8) == 0)) {
619
                                                /* DRBG_PARAM_RESEED_REQUESTS */
620
0
                                                if (ossl_unlikely(r->reseed_req != NULL)) {
621
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
622
0
                                                                   "param %s is repeated", s);
623
0
                                                    return 0;
624
0
                                                }
625
0
                                                r->reseed_req = (OSSL_PARAM *)p;
626
0
                                            }
627
0
                                            break;
628
0
                                        case 't':
629
0
                                            switch(s[8]) {
630
0
                                            default:
631
0
                                                break;
632
0
                                            case 'i':
633
0
                                                switch(s[9]) {
634
0
                                                default:
635
0
                                                    break;
636
0
                                                case 'm':
637
0
                                                    switch(s[10]) {
638
0
                                                    default:
639
0
                                                        break;
640
0
                                                    case 'e':
641
0
                                                        switch(s[11]) {
642
0
                                                        default:
643
0
                                                            break;
644
0
                                                        case '_':
645
0
                                                            if (ossl_likely(strcmp("interval", s + 12) == 0)) {
646
                                                                /* DRBG_PARAM_RESEED_TIME_INTERVAL */
647
0
                                                                if (ossl_unlikely(r->reseed_int != NULL)) {
648
0
                                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
649
0
                                                                                   "param %s is repeated", s);
650
0
                                                                    return 0;
651
0
                                                                }
652
0
                                                                r->reseed_int = (OSSL_PARAM *)p;
653
0
                                                            }
654
0
                                                            break;
655
0
                                                        case '\0':
656
0
                                                            if (ossl_unlikely(r->reseed_time != NULL)) {
657
0
                                                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
658
0
                                                                               "param %s is repeated", s);
659
0
                                                                return 0;
660
0
                                                            }
661
0
                                                            r->reseed_time = (OSSL_PARAM *)p;
662
0
                                                        }
663
0
                                                    }
664
0
                                                }
665
0
                                            }
666
0
                                        }
667
0
                                    }
668
0
                                }
669
0
                            }
670
0
                        }
671
0
                    }
672
0
                }
673
0
                break;
674
0
            case 's':
675
0
                switch(s[1]) {
676
0
                default:
677
0
                    break;
678
0
                case 't':
679
0
                    switch(s[2]) {
680
0
                    default:
681
0
                        break;
682
0
                    case 'a':
683
0
                        if (ossl_likely(strcmp("te", s + 3) == 0)) {
684
                            /* RAND_PARAM_STATE */
685
0
                            if (ossl_unlikely(r->state != NULL)) {
686
0
                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
687
0
                                               "param %s is repeated", s);
688
0
                                return 0;
689
0
                            }
690
0
                            r->state = (OSSL_PARAM *)p;
691
0
                        }
692
0
                        break;
693
0
                    case 'r':
694
0
                        if (ossl_likely(strcmp("ength", s + 3) == 0)) {
695
                            /* RAND_PARAM_STRENGTH */
696
0
                            if (ossl_unlikely(r->str != NULL)) {
697
0
                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
698
0
                                               "param %s is repeated", s);
699
0
                                return 0;
700
0
                            }
701
0
                            r->str = (OSSL_PARAM *)p;
702
0
                        }
703
0
                    }
704
0
                }
705
0
            }
706
0
    return 1;
707
0
}
708
#endif
709
/* End of machine generated */
710
711
static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
712
0
{
713
0
    PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
714
0
    PROV_DRBG_HMAC *hmac;
715
0
    const char *name;
716
0
    const EVP_MD *md;
717
0
    struct drbg_get_ctx_params_st p;
718
0
    int ret = 0, complete = 0;
719
720
0
    if (drbg == NULL || !drbg_hmac_get_ctx_params_decoder(params, &p))
721
0
        return 0;
722
723
0
    if (!ossl_drbg_get_ctx_params_no_lock(drbg, &p, params, &complete))
724
0
        return 0;
725
726
0
    if (complete)
727
0
        return 1;
728
729
0
    hmac = (PROV_DRBG_HMAC *)drbg->data;
730
731
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
732
0
        return 0;
733
734
0
    if (p.mac != NULL) {
735
0
        if (hmac->ctx == NULL)
736
0
            goto err;
737
0
        name = EVP_MAC_get0_name(EVP_MAC_CTX_get0_mac(hmac->ctx));
738
0
        if (!OSSL_PARAM_set_utf8_string(p.mac, name))
739
0
            goto err;
740
0
    }
741
742
0
    if (p.digest != NULL) {
743
0
        md = ossl_prov_digest_md(&hmac->digest);
744
0
        if (md == NULL
745
0
                || !OSSL_PARAM_set_utf8_string(p.digest, EVP_MD_get0_name(md)))
746
0
            goto err;
747
0
    }
748
749
0
    ret = ossl_drbg_get_ctx_params(drbg, &p);
750
0
 err:
751
0
    if (drbg->lock != NULL)
752
0
        CRYPTO_THREAD_unlock(drbg->lock);
753
754
0
    return ret;
755
0
}
756
757
static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(ossl_unused void *vctx,
758
                                                       ossl_unused void *p_ctx)
759
0
{
760
0
    return drbg_hmac_get_ctx_params_list;
761
0
}
762
763
static int drbg_fetch_algs_from_prov(const struct drbg_set_ctx_params_st *p,
764
                                     OSSL_LIB_CTX *libctx,
765
                                     EVP_MAC_CTX **macctx,
766
                                     EVP_MD **digest)
767
0
{
768
0
    OSSL_PROVIDER *prov = NULL;
769
0
    EVP_MD *md = NULL;
770
0
    EVP_MAC *mac = NULL;
771
0
    int ret = 0;
772
773
0
    if (macctx == NULL || digest == NULL)
774
0
        return 0;
775
776
0
    if (p->prov == NULL || p->prov->data_type != OSSL_PARAM_UTF8_STRING)
777
0
        return 0;
778
0
    if ((prov = ossl_provider_find(libctx, (const char *)p->prov->data, 1)) == NULL)
779
0
        return 0;
780
781
0
    if (p->digest != NULL) {
782
0
        if (p->digest->data_type != OSSL_PARAM_UTF8_STRING)
783
0
            goto done;
784
785
0
        md = evp_digest_fetch_from_prov(prov, (const char *)p->digest->data, NULL);
786
0
        if (md) {
787
0
            EVP_MD_free(*digest);
788
0
            *digest = md;
789
0
        } else {
790
0
            goto done;
791
0
        }
792
0
    }
793
794
0
    if (p->mac == NULL) {
795
0
        ret = 1;
796
0
        goto done;
797
0
    }
798
799
0
    if (p->mac->data_type != OSSL_PARAM_UTF8_STRING)
800
0
        goto done;
801
802
0
    EVP_MAC_CTX_free(*macctx);
803
0
    *macctx = NULL;
804
805
0
    mac = evp_mac_fetch_from_prov(prov, (const char *)p->mac->data, NULL);
806
0
    if (mac) {
807
0
        *macctx = EVP_MAC_CTX_new(mac);
808
        /* The context holds on to the MAC */
809
0
        EVP_MAC_free(mac);
810
0
        ret = 1;
811
0
    }
812
813
0
done:
814
0
    ossl_provider_free(prov);
815
0
    return ret;
816
0
}
817
818
static int drbg_hmac_set_ctx_params_locked
819
        (PROV_DRBG *ctx, const struct drbg_set_ctx_params_st *p)
820
0
{
821
0
    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)ctx->data;
822
0
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
823
0
    EVP_MD *prov_md = NULL;
824
0
    const EVP_MD *md;
825
0
    int md_size;
826
827
0
    if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p->ind_d))
828
0
        return 0;
829
830
    /* try to fetch mac and digest from provider */
831
0
    (void)ERR_set_mark();
832
0
    if (!drbg_fetch_algs_from_prov(p, libctx, &hmac->ctx, &prov_md)) {
833
0
        (void)ERR_pop_to_mark();
834
        /* fall back to full implementation search */
835
0
        if (!ossl_prov_digest_load(&hmac->digest, p->digest, p->propq,
836
0
                                   p->engine, libctx))
837
0
            return 0;
838
839
0
        if (!ossl_prov_macctx_load(&hmac->ctx, p->mac, NULL, p->digest,
840
0
                                   p->propq, p->engine,
841
0
                                   NULL, NULL, NULL, libctx))
842
0
            return 0;
843
0
    } else {
844
0
        (void)ERR_clear_last_mark();
845
0
        if (prov_md)
846
0
            ossl_prov_digest_set_md(&hmac->digest, prov_md);
847
0
    }
848
849
0
    md = ossl_prov_digest_md(&hmac->digest);
850
0
    if (md != NULL && !ossl_drbg_verify_digest(ctx, libctx, md))
851
0
        return 0;   /* Error already raised for us */
852
853
0
    if (md != NULL && hmac->ctx != NULL) {
854
        /* These are taken from SP 800-90 10.1 Table 2 */
855
0
        md_size = EVP_MD_get_size(md);
856
0
        if (md_size <= 0)
857
0
            return 0;
858
0
        hmac->blocklen = (size_t)md_size;
859
        /* See SP800-57 Part1 Rev4 5.6.1 Table 3 */
860
0
        ctx->strength = 64 * (int)(hmac->blocklen >> 3);
861
0
        if (ctx->strength > 256)
862
0
            ctx->strength = 256;
863
0
        ctx->seedlen = hmac->blocklen;
864
0
        ctx->min_entropylen = ctx->strength / 8;
865
0
        ctx->min_noncelen = ctx->min_entropylen / 2;
866
0
    }
867
868
0
    return ossl_drbg_set_ctx_params(ctx, p);
869
0
}
870
871
#define drbg_hmac_set_ctx_params_st  drbg_set_ctx_params_st
872
873
/* Machine generated by util/perl/OpenSSL/paramnames.pm */
874
#ifndef drbg_hmac_set_ctx_params_list
875
static const OSSL_PARAM drbg_hmac_set_ctx_params_list[] = {
876
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_PROPERTIES, NULL, 0),
877
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
878
    OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_MAC, NULL, 0),
879
    OSSL_PARAM_utf8_string(OSSL_PROV_PARAM_CORE_PROV_NAME, NULL, 0),
880
    OSSL_PARAM_uint(OSSL_DRBG_PARAM_RESEED_REQUESTS, NULL),
881
    OSSL_PARAM_uint64(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL, NULL),
882
# if defined(FIPS_MODULE)
883
    OSSL_PARAM_int(OSSL_KDF_PARAM_FIPS_DIGEST_CHECK, NULL),
884
# endif
885
    OSSL_PARAM_END
886
};
887
#endif
888
889
#ifndef drbg_hmac_set_ctx_params_st
890
struct drbg_hmac_set_ctx_params_st {
891
    OSSL_PARAM *digest;
892
    OSSL_PARAM *engine;
893
# if defined(FIPS_MODULE)
894
    OSSL_PARAM *ind_d;
895
# endif
896
    OSSL_PARAM *mac;
897
    OSSL_PARAM *propq;
898
    OSSL_PARAM *prov;
899
    OSSL_PARAM *reseed_req;
900
    OSSL_PARAM *reseed_time;
901
};
902
#endif
903
904
#ifndef drbg_hmac_set_ctx_params_decoder
905
static int drbg_hmac_set_ctx_params_decoder
906
    (const OSSL_PARAM *p, struct drbg_hmac_set_ctx_params_st *r)
907
0
{
908
0
    const char *s;
909
910
0
    memset(r, 0, sizeof(*r));
911
0
    if (p != NULL)
912
0
        for (; (s = p->key) != NULL; p++)
913
0
            switch(s[0]) {
914
0
            default:
915
0
                break;
916
0
            case 'd':
917
0
                switch(s[1]) {
918
0
                default:
919
0
                    break;
920
0
                case 'i':
921
0
                    switch(s[2]) {
922
0
                    default:
923
0
                        break;
924
0
                    case 'g':
925
0
                        switch(s[3]) {
926
0
                        default:
927
0
                            break;
928
0
                        case 'e':
929
0
                            switch(s[4]) {
930
0
                            default:
931
0
                                break;
932
0
                            case 's':
933
0
                                switch(s[5]) {
934
0
                                default:
935
0
                                    break;
936
0
                                case 't':
937
0
                                    switch(s[6]) {
938
0
                                    default:
939
0
                                        break;
940
0
                                    case '-':
941
# if defined(FIPS_MODULE)
942
                                        if (ossl_likely(strcmp("check", s + 7) == 0)) {
943
                                            /* KDF_PARAM_FIPS_DIGEST_CHECK */
944
                                            if (ossl_unlikely(r->ind_d != NULL)) {
945
                                                ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
946
                                                               "param %s is repeated", s);
947
                                                return 0;
948
                                            }
949
                                            r->ind_d = (OSSL_PARAM *)p;
950
                                        }
951
# endif
952
0
                                        break;
953
0
                                    case '\0':
954
0
                                        if (ossl_unlikely(r->digest != NULL)) {
955
0
                                            ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
956
0
                                                           "param %s is repeated", s);
957
0
                                            return 0;
958
0
                                        }
959
0
                                        r->digest = (OSSL_PARAM *)p;
960
0
                                    }
961
0
                                }
962
0
                            }
963
0
                        }
964
0
                    }
965
0
                }
966
0
                break;
967
0
            case 'e':
968
0
                if (ossl_likely(strcmp("ngine", s + 1) == 0)) {
969
                    /* ALG_PARAM_ENGINE */
970
0
                    if (ossl_unlikely(r->engine != NULL)) {
971
0
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
972
0
                                       "param %s is repeated", s);
973
0
                        return 0;
974
0
                    }
975
0
                    r->engine = (OSSL_PARAM *)p;
976
0
                }
977
0
                break;
978
0
            case 'm':
979
0
                if (ossl_likely(strcmp("ac", s + 1) == 0)) {
980
                    /* DRBG_PARAM_MAC */
981
0
                    if (ossl_unlikely(r->mac != NULL)) {
982
0
                        ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
983
0
                                       "param %s is repeated", s);
984
0
                        return 0;
985
0
                    }
986
0
                    r->mac = (OSSL_PARAM *)p;
987
0
                }
988
0
                break;
989
0
            case 'p':
990
0
                switch(s[1]) {
991
0
                default:
992
0
                    break;
993
0
                case 'r':
994
0
                    switch(s[2]) {
995
0
                    default:
996
0
                        break;
997
0
                    case 'o':
998
0
                        switch(s[3]) {
999
0
                        default:
1000
0
                            break;
1001
0
                        case 'p':
1002
0
                            if (ossl_likely(strcmp("erties", s + 4) == 0)) {
1003
                                /* DRBG_PARAM_PROPERTIES */
1004
0
                                if (ossl_unlikely(r->propq != NULL)) {
1005
0
                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1006
0
                                                   "param %s is repeated", s);
1007
0
                                    return 0;
1008
0
                                }
1009
0
                                r->propq = (OSSL_PARAM *)p;
1010
0
                            }
1011
0
                            break;
1012
0
                        case 'v':
1013
0
                            if (ossl_likely(strcmp("ider-name", s + 4) == 0)) {
1014
                                /* PROV_PARAM_CORE_PROV_NAME */
1015
0
                                if (ossl_unlikely(r->prov != NULL)) {
1016
0
                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1017
0
                                                   "param %s is repeated", s);
1018
0
                                    return 0;
1019
0
                                }
1020
0
                                r->prov = (OSSL_PARAM *)p;
1021
0
                            }
1022
0
                        }
1023
0
                    }
1024
0
                }
1025
0
                break;
1026
0
            case 'r':
1027
0
                switch(s[1]) {
1028
0
                default:
1029
0
                    break;
1030
0
                case 'e':
1031
0
                    switch(s[2]) {
1032
0
                    default:
1033
0
                        break;
1034
0
                    case 's':
1035
0
                        switch(s[3]) {
1036
0
                        default:
1037
0
                            break;
1038
0
                        case 'e':
1039
0
                            switch(s[4]) {
1040
0
                            default:
1041
0
                                break;
1042
0
                            case 'e':
1043
0
                                switch(s[5]) {
1044
0
                                default:
1045
0
                                    break;
1046
0
                                case 'd':
1047
0
                                    switch(s[6]) {
1048
0
                                    default:
1049
0
                                        break;
1050
0
                                    case '_':
1051
0
                                        switch(s[7]) {
1052
0
                                        default:
1053
0
                                            break;
1054
0
                                        case 'r':
1055
0
                                            if (ossl_likely(strcmp("equests", s + 8) == 0)) {
1056
                                                /* DRBG_PARAM_RESEED_REQUESTS */
1057
0
                                                if (ossl_unlikely(r->reseed_req != NULL)) {
1058
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1059
0
                                                                   "param %s is repeated", s);
1060
0
                                                    return 0;
1061
0
                                                }
1062
0
                                                r->reseed_req = (OSSL_PARAM *)p;
1063
0
                                            }
1064
0
                                            break;
1065
0
                                        case 't':
1066
0
                                            if (ossl_likely(strcmp("ime_interval", s + 8) == 0)) {
1067
                                                /* DRBG_PARAM_RESEED_TIME_INTERVAL */
1068
0
                                                if (ossl_unlikely(r->reseed_time != NULL)) {
1069
0
                                                    ERR_raise_data(ERR_LIB_PROV, PROV_R_REPEATED_PARAMETER,
1070
0
                                                                   "param %s is repeated", s);
1071
0
                                                    return 0;
1072
0
                                                }
1073
0
                                                r->reseed_time = (OSSL_PARAM *)p;
1074
0
                                            }
1075
0
                                        }
1076
0
                                    }
1077
0
                                }
1078
0
                            }
1079
0
                        }
1080
0
                    }
1081
0
                }
1082
0
            }
1083
0
    return 1;
1084
0
}
1085
#endif
1086
/* End of machine generated */
1087
1088
static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[])
1089
0
{
1090
0
    PROV_DRBG *drbg = (PROV_DRBG *)vctx;
1091
0
    struct drbg_set_ctx_params_st p;
1092
0
    int ret;
1093
1094
0
    if (drbg == NULL || !drbg_hmac_set_ctx_params_decoder(params, &p))
1095
0
        return 0;
1096
1097
0
    if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
1098
0
        return 0;
1099
1100
0
    ret = drbg_hmac_set_ctx_params_locked(drbg, &p);
1101
1102
0
    if (drbg->lock != NULL)
1103
0
        CRYPTO_THREAD_unlock(drbg->lock);
1104
1105
0
    return ret;
1106
0
}
1107
1108
static const OSSL_PARAM *drbg_hmac_settable_ctx_params(ossl_unused void *vctx,
1109
                                                       ossl_unused void *p_ctx)
1110
0
{
1111
0
    return drbg_hmac_set_ctx_params_list;
1112
0
}
1113
1114
const OSSL_DISPATCH ossl_drbg_ossl_hmac_functions[] = {
1115
    { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))drbg_hmac_new_wrapper },
1116
    { OSSL_FUNC_RAND_FREECTX, (void(*)(void))drbg_hmac_free },
1117
    { OSSL_FUNC_RAND_INSTANTIATE,
1118
      (void(*)(void))drbg_hmac_instantiate_wrapper },
1119
    { OSSL_FUNC_RAND_UNINSTANTIATE,
1120
      (void(*)(void))drbg_hmac_uninstantiate_wrapper },
1121
    { OSSL_FUNC_RAND_GENERATE, (void(*)(void))drbg_hmac_generate_wrapper },
1122
    { OSSL_FUNC_RAND_RESEED, (void(*)(void))drbg_hmac_reseed_wrapper },
1123
    { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))ossl_drbg_enable_locking },
1124
    { OSSL_FUNC_RAND_LOCK, (void(*)(void))ossl_drbg_lock },
1125
    { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))ossl_drbg_unlock },
1126
    { OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS,
1127
      (void(*)(void))drbg_hmac_settable_ctx_params },
1128
    { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void(*)(void))drbg_hmac_set_ctx_params },
1129
    { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
1130
      (void(*)(void))drbg_hmac_gettable_ctx_params },
1131
    { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))drbg_hmac_get_ctx_params },
1132
    { OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
1133
      (void(*)(void))drbg_hmac_verify_zeroization },
1134
    { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))ossl_drbg_get_seed },
1135
    { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))ossl_drbg_clear_seed },
1136
    OSSL_DISPATCH_END
1137
};