/src/openssl/providers/implementations/rands/test_rng.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <string.h> |
11 | | #include <stdlib.h> |
12 | | #include <openssl/core_dispatch.h> |
13 | | #include <openssl/e_os2.h> |
14 | | #include <openssl/params.h> |
15 | | #include <openssl/core_names.h> |
16 | | #include <openssl/evp.h> |
17 | | #include <openssl/err.h> |
18 | | #include <openssl/proverr.h> |
19 | | #include <openssl/randerr.h> |
20 | | #include "internal/common.h" |
21 | | #include "prov/securitycheck.h" |
22 | | #include "prov/providercommon.h" |
23 | | #include "prov/provider_ctx.h" |
24 | | #include "prov/provider_util.h" |
25 | | #include "prov/implementations.h" |
26 | | #include "providers/implementations/rands/test_rng.inc" |
27 | | |
28 | | static OSSL_FUNC_rand_newctx_fn test_rng_new; |
29 | | static OSSL_FUNC_rand_freectx_fn test_rng_free; |
30 | | static OSSL_FUNC_rand_instantiate_fn test_rng_instantiate; |
31 | | static OSSL_FUNC_rand_uninstantiate_fn test_rng_uninstantiate; |
32 | | static OSSL_FUNC_rand_generate_fn test_rng_generate; |
33 | | static OSSL_FUNC_rand_reseed_fn test_rng_reseed; |
34 | | static OSSL_FUNC_rand_nonce_fn test_rng_nonce; |
35 | | static OSSL_FUNC_rand_settable_ctx_params_fn test_rng_settable_ctx_params; |
36 | | static OSSL_FUNC_rand_set_ctx_params_fn test_rng_set_ctx_params; |
37 | | static OSSL_FUNC_rand_gettable_ctx_params_fn test_rng_gettable_ctx_params; |
38 | | static OSSL_FUNC_rand_get_ctx_params_fn test_rng_get_ctx_params; |
39 | | static OSSL_FUNC_rand_verify_zeroization_fn test_rng_verify_zeroization; |
40 | | static OSSL_FUNC_rand_enable_locking_fn test_rng_enable_locking; |
41 | | static OSSL_FUNC_rand_lock_fn test_rng_lock; |
42 | | static OSSL_FUNC_rand_unlock_fn test_rng_unlock; |
43 | | static OSSL_FUNC_rand_get_seed_fn test_rng_get_seed; |
44 | | |
45 | | typedef struct { |
46 | | void *provctx; |
47 | | unsigned int generate; |
48 | | int state; |
49 | | unsigned int strength; |
50 | | size_t max_request; |
51 | | unsigned char *entropy, *nonce; |
52 | | size_t entropy_len, entropy_pos, nonce_len; |
53 | | CRYPTO_RWLOCK *lock; |
54 | | uint32_t seed; |
55 | | } PROV_TEST_RNG; |
56 | | |
57 | | static void *test_rng_new(void *provctx, void *parent, |
58 | | const OSSL_DISPATCH *parent_dispatch) |
59 | 0 | { |
60 | 0 | PROV_TEST_RNG *t; |
61 | |
|
62 | 0 | t = OPENSSL_zalloc(sizeof(*t)); |
63 | 0 | if (t == NULL) |
64 | 0 | return NULL; |
65 | | |
66 | 0 | t->max_request = INT_MAX; |
67 | 0 | t->provctx = provctx; |
68 | 0 | t->state = EVP_RAND_STATE_UNINITIALISED; |
69 | 0 | return t; |
70 | 0 | } |
71 | | |
72 | | static void test_rng_free(void *vtest) |
73 | 0 | { |
74 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
75 | |
|
76 | 0 | if (t == NULL) |
77 | 0 | return; |
78 | 0 | OPENSSL_free(t->entropy); |
79 | 0 | OPENSSL_free(t->nonce); |
80 | 0 | CRYPTO_THREAD_lock_free(t->lock); |
81 | 0 | OPENSSL_free(t); |
82 | 0 | } |
83 | | |
84 | | static int test_rng_instantiate(void *vtest, unsigned int strength, |
85 | | int prediction_resistance, |
86 | | const unsigned char *pstr, size_t pstr_len, |
87 | | const OSSL_PARAM params[]) |
88 | 0 | { |
89 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
90 | |
|
91 | 0 | if (!test_rng_set_ctx_params(t, params) || strength > t->strength) |
92 | 0 | return 0; |
93 | | |
94 | 0 | t->state = EVP_RAND_STATE_READY; |
95 | 0 | t->entropy_pos = 0; |
96 | 0 | t->seed = 221953166; /* Value doesn't matter, so long as it isn't zero */ |
97 | |
|
98 | 0 | return 1; |
99 | 0 | } |
100 | | |
101 | | static int test_rng_uninstantiate(void *vtest) |
102 | 0 | { |
103 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
104 | |
|
105 | 0 | t->entropy_pos = 0; |
106 | 0 | t->state = EVP_RAND_STATE_UNINITIALISED; |
107 | 0 | return 1; |
108 | 0 | } |
109 | | |
110 | | static unsigned char gen_byte(PROV_TEST_RNG *t) |
111 | 0 | { |
112 | 0 | uint32_t n; |
113 | | |
114 | | /* |
115 | | * Implement the 32 bit xorshift as suggested by George Marsaglia in: |
116 | | * https://doi.org/10.18637/jss.v008.i14 |
117 | | * |
118 | | * This is a very fast PRNG so there is no need to extract bytes one at a |
119 | | * time and use the entire value each time. |
120 | | */ |
121 | 0 | n = t->seed; |
122 | 0 | n ^= n << 13; |
123 | 0 | n ^= n >> 17; |
124 | 0 | n ^= n << 5; |
125 | 0 | t->seed = n; |
126 | |
|
127 | 0 | return n & 0xff; |
128 | 0 | } |
129 | | |
130 | | static int test_rng_generate(void *vtest, unsigned char *out, size_t outlen, |
131 | | unsigned int strength, int prediction_resistance, |
132 | | const unsigned char *adin, size_t adin_len) |
133 | 0 | { |
134 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
135 | 0 | size_t i; |
136 | |
|
137 | 0 | if (strength > t->strength) |
138 | 0 | return 0; |
139 | 0 | if (t->generate) { |
140 | 0 | for (i = 0; i < outlen; i++) |
141 | 0 | out[i] = gen_byte(t); |
142 | 0 | } else { |
143 | 0 | if (t->entropy_len - t->entropy_pos < outlen) |
144 | 0 | return 0; |
145 | | |
146 | 0 | memcpy(out, t->entropy + t->entropy_pos, outlen); |
147 | 0 | t->entropy_pos += outlen; |
148 | 0 | } |
149 | 0 | return 1; |
150 | 0 | } |
151 | | |
152 | | static int test_rng_reseed(ossl_unused void *vtest, |
153 | | ossl_unused int prediction_resistance, |
154 | | ossl_unused const unsigned char *ent, |
155 | | ossl_unused size_t ent_len, |
156 | | ossl_unused const unsigned char *adin, |
157 | | ossl_unused size_t adin_len) |
158 | 0 | { |
159 | 0 | return 1; |
160 | 0 | } |
161 | | |
162 | | static size_t test_rng_nonce(void *vtest, unsigned char *out, |
163 | | unsigned int strength, size_t min_noncelen, |
164 | | size_t max_noncelen) |
165 | 0 | { |
166 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
167 | 0 | size_t i; |
168 | |
|
169 | 0 | if (strength > t->strength) |
170 | 0 | return 0; |
171 | | |
172 | 0 | if (t->generate) { |
173 | 0 | for (i = 0; i < min_noncelen; i++) |
174 | 0 | out[i] = gen_byte(t); |
175 | 0 | return min_noncelen; |
176 | 0 | } |
177 | | |
178 | 0 | if (t->nonce == NULL) |
179 | 0 | return 0; |
180 | 0 | i = t->nonce_len > max_noncelen ? max_noncelen : t->nonce_len; |
181 | 0 | if (out != NULL) |
182 | 0 | memcpy(out, t->nonce, i); |
183 | 0 | return i; |
184 | 0 | } |
185 | | |
186 | | static int test_rng_get_ctx_params(void *vtest, OSSL_PARAM params[]) |
187 | 0 | { |
188 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
189 | 0 | struct test_rng_get_ctx_params_st p; |
190 | |
|
191 | 0 | if (t == NULL || !test_rng_get_ctx_params_decoder(params, &p)) |
192 | 0 | return 0; |
193 | | |
194 | 0 | if (p.state != NULL && !OSSL_PARAM_set_int(p.state, t->state)) |
195 | 0 | return 0; |
196 | | |
197 | 0 | if (p.str != NULL && !OSSL_PARAM_set_uint(p.str, t->strength)) |
198 | 0 | return 0; |
199 | | |
200 | 0 | if (p.maxreq != NULL && !OSSL_PARAM_set_size_t(p.maxreq, t->max_request)) |
201 | 0 | return 0; |
202 | | |
203 | 0 | if (p.gen != NULL && !OSSL_PARAM_set_uint(p.gen, t->generate)) |
204 | 0 | return 0; |
205 | | |
206 | | #ifdef FIPS_MODULE |
207 | | if (p.ind != NULL && !OSSL_PARAM_set_int(p.ind, 0)) |
208 | | return 0; |
209 | | #endif /* FIPS_MODULE */ |
210 | | |
211 | 0 | return 1; |
212 | 0 | } |
213 | | |
214 | | static const OSSL_PARAM *test_rng_gettable_ctx_params(ossl_unused void *vtest, |
215 | | ossl_unused void *provctx) |
216 | 0 | { |
217 | 0 | return test_rng_get_ctx_params_list; |
218 | 0 | } |
219 | | |
220 | | static int test_rng_set_ctx_params(void *vtest, const OSSL_PARAM params[]) |
221 | 0 | { |
222 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
223 | 0 | struct test_rng_set_ctx_params_st p; |
224 | 0 | void *ptr = NULL; |
225 | 0 | size_t size = 0; |
226 | |
|
227 | 0 | if (t == NULL || !test_rng_set_ctx_params_decoder(params, &p)) |
228 | 0 | return 0; |
229 | | |
230 | 0 | if (p.str != NULL && !OSSL_PARAM_get_uint(p.str, &t->strength)) |
231 | 0 | return 0; |
232 | | |
233 | 0 | if (p.ent != NULL) { |
234 | 0 | if (!OSSL_PARAM_get_octet_string(p.ent, &ptr, 0, &size)) |
235 | 0 | return 0; |
236 | 0 | OPENSSL_free(t->entropy); |
237 | 0 | t->entropy = ptr; |
238 | 0 | t->entropy_len = size; |
239 | 0 | t->entropy_pos = 0; |
240 | 0 | ptr = NULL; |
241 | 0 | } |
242 | | |
243 | 0 | if (p.nonce != NULL) { |
244 | 0 | if (!OSSL_PARAM_get_octet_string(p.nonce, &ptr, 0, &size)) |
245 | 0 | return 0; |
246 | 0 | OPENSSL_free(t->nonce); |
247 | 0 | t->nonce = ptr; |
248 | 0 | t->nonce_len = size; |
249 | 0 | } |
250 | | |
251 | 0 | if (p.maxreq != NULL && !OSSL_PARAM_get_size_t(p.maxreq, &t->max_request)) |
252 | 0 | return 0; |
253 | | |
254 | 0 | if (p.gen != NULL && !OSSL_PARAM_get_uint(p.gen, &t->generate)) |
255 | 0 | return 0; |
256 | 0 | return 1; |
257 | 0 | } |
258 | | |
259 | | static const OSSL_PARAM *test_rng_settable_ctx_params(ossl_unused void *vtest, |
260 | | ossl_unused void *provctx) |
261 | 0 | { |
262 | 0 | return test_rng_set_ctx_params_list; |
263 | 0 | } |
264 | | |
265 | | static int test_rng_verify_zeroization(ossl_unused void *vtest) |
266 | 0 | { |
267 | 0 | return 1; |
268 | 0 | } |
269 | | |
270 | | static size_t test_rng_get_seed(void *vtest, unsigned char **pout, |
271 | | int entropy, size_t min_len, size_t max_len, |
272 | | ossl_unused int prediction_resistance, |
273 | | ossl_unused const unsigned char *adin, |
274 | | ossl_unused size_t adin_len) |
275 | 0 | { |
276 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
277 | |
|
278 | 0 | *pout = t->entropy; |
279 | 0 | return t->entropy_len > max_len ? max_len : t->entropy_len; |
280 | 0 | } |
281 | | |
282 | | static int test_rng_enable_locking(void *vtest) |
283 | 0 | { |
284 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
285 | |
|
286 | 0 | if (t != NULL && t->lock == NULL) { |
287 | 0 | t->lock = CRYPTO_THREAD_lock_new(); |
288 | 0 | if (t->lock == NULL) { |
289 | 0 | ERR_raise(ERR_LIB_PROV, RAND_R_FAILED_TO_CREATE_LOCK); |
290 | 0 | return 0; |
291 | 0 | } |
292 | 0 | } |
293 | 0 | return 1; |
294 | 0 | } |
295 | | |
296 | | static int test_rng_lock(void *vtest) |
297 | 0 | { |
298 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
299 | |
|
300 | 0 | if (t == NULL || t->lock == NULL) |
301 | 0 | return 1; |
302 | 0 | return CRYPTO_THREAD_write_lock(t->lock); |
303 | 0 | } |
304 | | |
305 | | static void test_rng_unlock(void *vtest) |
306 | 0 | { |
307 | 0 | PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; |
308 | |
|
309 | 0 | if (t != NULL && t->lock != NULL) |
310 | 0 | CRYPTO_THREAD_unlock(t->lock); |
311 | 0 | } |
312 | | |
313 | | const OSSL_DISPATCH ossl_test_rng_functions[] = { |
314 | | { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))test_rng_new }, |
315 | | { OSSL_FUNC_RAND_FREECTX, (void(*)(void))test_rng_free }, |
316 | | { OSSL_FUNC_RAND_INSTANTIATE, |
317 | | (void(*)(void))test_rng_instantiate }, |
318 | | { OSSL_FUNC_RAND_UNINSTANTIATE, |
319 | | (void(*)(void))test_rng_uninstantiate }, |
320 | | { OSSL_FUNC_RAND_GENERATE, (void(*)(void))test_rng_generate }, |
321 | | { OSSL_FUNC_RAND_RESEED, (void(*)(void))test_rng_reseed }, |
322 | | { OSSL_FUNC_RAND_NONCE, (void(*)(void))test_rng_nonce }, |
323 | | { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))test_rng_enable_locking }, |
324 | | { OSSL_FUNC_RAND_LOCK, (void(*)(void))test_rng_lock }, |
325 | | { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))test_rng_unlock }, |
326 | | { OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS, |
327 | | (void(*)(void))test_rng_settable_ctx_params }, |
328 | | { OSSL_FUNC_RAND_SET_CTX_PARAMS, (void(*)(void))test_rng_set_ctx_params }, |
329 | | { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS, |
330 | | (void(*)(void))test_rng_gettable_ctx_params }, |
331 | | { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))test_rng_get_ctx_params }, |
332 | | { OSSL_FUNC_RAND_VERIFY_ZEROIZATION, |
333 | | (void(*)(void))test_rng_verify_zeroization }, |
334 | | { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))test_rng_get_seed }, |
335 | | OSSL_DISPATCH_END |
336 | | }; |