authorKurt Roeckx <kurt@roeckx.be>2018-03-04 13:23:05 +0100
committerKurt Roeckx <kurt@roeckx.be>2018-03-06 18:34:23 +0100
commit35503b7cdc38b21739df1163d6d24b00dd386bef (patch)
treea58ae233681a09ce055d8298a0aebefc6c4bc09c /crypto/rand/drbg_lib.c
parent3bc0ab06b0224fb72d08baa1843f3d36be361162 (diff)
Check the parent DRBG's strength
We currently don't support the algorithm from NIST SP 800-90C 10.1.2 for using a weaker DRBG as the source, so a DRBG may not be seeded from a parent of lower security strength.
Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
GH: #5506
Diffstat (limited to 'crypto/rand/drbg_lib.c')
-rw-r--r--crypto/rand/drbg_lib.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index c43f571d64..daac770d36 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -178,6 +178,15 @@ static RAND_DRBG *rand_drbg_new(int secure,
if (RAND_DRBG_set(drbg, type, flags) == 0)
goto err;
+ if (parent != NULL && drbg->strength > parent->strength) {
+ /*
+ * We currently don't support the algorithm from NIST SP 800-90C
+ * 10.1.2 to use a weaker DRBG as source
+ */
+ RANDerr(RAND_F_RAND_DRBG_NEW, RAND_R_PARENT_STRENGTH_TOO_WEAK);
+ goto err;
+ }
+
if (!RAND_DRBG_set_callbacks(drbg, rand_drbg_get_entropy,
rand_drbg_cleanup_entropy,
NULL, NULL))