diff options
author | Pauli <pauli@openssl.org> | 2022-09-26 15:20:14 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2022-11-02 08:42:46 +1100 |
commit | 7c8187d43d043c6a66559ed341ff1e01b8711093 (patch) | |
tree | bdea35ee96714c54f48e8247699562d4cd4bf47e /crypto | |
parent | 950968982a0c75d7c380f9d5a81e7d71b953af5a (diff) |
rand: add set0 calls for the private and public DRBGs
The FIPS 140-3 DSA and ECDSA tests need to be known answer tests which means
the entropy needs to be cooked. This permits this.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19510)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/evp/evp_rand.c | 4 | ||||
-rw-r--r-- | crypto/rand/rand_lib.c | 28 |
2 files changed, 30 insertions, 2 deletions
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c index 40048ed603..ed7f213bd8 100644 --- a/crypto/evp/evp_rand.c +++ b/crypto/evp/evp_rand.c @@ -320,7 +320,7 @@ int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]) return 1; } -static int evp_rand_ctx_up_ref(EVP_RAND_CTX *ctx) +int EVP_RAND_CTX_up_ref(EVP_RAND_CTX *ctx) { int ref = 0; @@ -347,7 +347,7 @@ EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent) return NULL; } if (parent != NULL) { - if (!evp_rand_ctx_up_ref(parent)) { + if (!EVP_RAND_CTX_up_ref(parent)) { ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); CRYPTO_THREAD_lock_free(ctx->refcnt_lock); OPENSSL_free(ctx); diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index c69fc4f2af..7140729bd2 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -724,6 +724,34 @@ EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx) return rand; } +int RAND_set0_public(OSSL_LIB_CTX *ctx, EVP_RAND_CTX *rand) +{ + RAND_GLOBAL *dgbl = rand_get_global(ctx); + EVP_RAND_CTX *old; + int r; + + if (dgbl == NULL) + return 0; + old = CRYPTO_THREAD_get_local(&dgbl->public); + if ((r = CRYPTO_THREAD_set_local(&dgbl->public, rand)) > 0) + EVP_RAND_CTX_free(old); + return r; +} + +int RAND_set0_private(OSSL_LIB_CTX *ctx, EVP_RAND_CTX *rand) +{ + RAND_GLOBAL *dgbl = rand_get_global(ctx); + EVP_RAND_CTX *old; + int r; + + if (dgbl == NULL) + return 0; + old = CRYPTO_THREAD_get_local(&dgbl->private); + if ((r = CRYPTO_THREAD_set_local(&dgbl->private, rand)) > 0) + EVP_RAND_CTX_free(old); + return r; +} + #ifndef FIPS_MODULE static int random_set_string(char **p, const char *s) { |