author | Dr. Stephen Henson <steve@openssl.org> | 2011-04-06 23:40:22 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-04-06 23:40:22 +0000 |
commit | 6653c6f2e86a8e180bca4c5cd1ea9fd81aab3db1 (patch) | |
tree | 99cdd954dc88f52a05eecd71001fc0abfe90af82 /crypto/rand/rand_lib.c | |
parent | 4c8855b975bdd1b4c84cf32a6a4748d40ea4a14c (diff) |
Update OpenSSL DRBG support code. Use date time vector as additional data.
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
Diffstat (limited to 'crypto/rand/rand_lib.c')
-rw-r--r-- | crypto/rand/rand_lib.c | 36 |
1 files changed, 31 insertions, 5 deletions
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index ef10dd507e..c653d38c8a 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -65,6 +65,11 @@
 #include <openssl/engine.h>
 #endif
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#include <openssl/fips_rand.h>
+#endif
+
 #ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
 static ENGINE *funct_ref =NULL;
@@ -73,6 +78,10 @@ static const RAND_METHOD *default_RAND_meth = NULL;
 int RAND_set_rand_method(const RAND_METHOD *meth)
 {
+#ifdef OPENSSL_FIPS
+ if (!FIPS_rand_set_method(meth))
+ return 0;
+#endif
 #ifndef OPENSSL_NO_ENGINE
 if(funct_ref)
 {
@@ -178,9 +187,6 @@ int RAND_status(void)
 #ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#include <openssl/fips_rand.h>
-
 /* FIPS DRBG initialisation code. This sets up the DRBG for use by the
 * rest of OpenSSL.
 */
@@ -210,6 +216,20 @@ static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
 OPENSSL_free(out);
 }
+/* Set "additional input" when generating random data. This uses the
+ * current PID, a time value and a counter.
+ */
+
+static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout)
+ {
+ /* Use of static variables is OK as this happens under a lock */
+ static unsigned char buf[16];
+ static unsigned long counter;
+ FIPS_get_timevec(buf, &counter);
+ *pout = buf;
+ return sizeof(buf);
+ }
+
 /* RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is
 * correctly seeded by RAND_poll().
 */
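Review bot: The early `return 0` added at the top of `RAND_set_rand_method` creates a failure path that nothing in the visible code documents. When `FIPS_rand_set_method(meth)` rejects the method, the function leaves before the `funct_ref` branch, so presumably the previously installed method stays in effect. A caller that ignores the return value would then keep drawing random data from the old method without noticing. I would add a comment above the check, for example `/* FIPS layer may reject meth; on failure nothing below is changed */`, and state the 0 return in the function's documentation. The function body continues past the end of the hunk.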
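Review bot: The comment above `drbg_get_adin` says the additional input uses the current PID, but the body only passes `buf` and `&counter` to `FIPS_get_timevec`. From this hunk a reader cannot tell whether a PID is mixed in, or whether the call fills all 16 bytes that `return sizeof(buf)` reports. The inner comment also relies on "a lock" without naming it, and the `ctx` parameter is unused. I would reword the header to describe what `FIPS_get_timevec` actually writes and name the lock that callers must hold. It is also worth adding `/* additional input only diversifies output; it is not counted as entropy */`, so the time and counter values are not mistaken for seed material.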
@@ -228,14 +248,20 @@ static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen)
 int RAND_init_fips(void)
 {
 DRBG_CTX *dctx;
- unsigned char pers[16] = {0,0,0};
+ size_t plen;
+ unsigned char pers[32], *p;
 dctx = FIPS_get_default_drbg();
 FIPS_drbg_init(dctx, NID_aes_256_ctr, DRBG_FLAG_CTR_USE_DF);
 FIPS_drbg_set_callbacks(dctx, drbg_get_entropy, drbg_free_entropy, drbg_get_entropy, drbg_free_entropy);
- FIPS_drbg_set_rand_callbacks(dctx, 0, 0,
+ FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0,
 drbg_rand_seed, drbg_rand_add);
+ /* Personalisation string: a string followed by date time vector */
+ strcpy((char *)pers, "OpenSSL DRBG2.0");
+ plen = drbg_get_adin(dctx, &p);
+ memcpy(pers + 16, p, plen);
+
 FIPS_drbg_instantiate(dctx, pers, sizeof(pers));
 FIPS_rand_set_method(FIPS_drbg_method());
 return 1; |
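Review bot: `memcpy(pers + 16, p, plen)` stays inside `pers[32]` only because the label plus its terminator is exactly 16 bytes and `drbg_get_adin` currently returns 16. Nothing in `RAND_init_fips` enforces either assumption, so a later change to the label or to the `buf` size would silently become an overflow or leave part of `pers` uninitialised. A guard such as `if (plen != sizeof(pers) - 16) return 0;` before the `memcpy`, with the offset 16 given a name, would make the coupling explicit. This direct call to `drbg_get_adin` also uses its static buffer and counter, which that helper's comment says are only safe under a lock, and no lock is visible in this hunk. The closing brace of the function lies outside the hunk.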