diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2017-08-06 18:59:55 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2017-08-06 19:24:32 +0100 |
| commit | c57c32a8b1e381a5f272e64db349ebadc1ce4ff5 (patch) | |
| tree | e063f1194d265178a57e8f5fe1b11ca0d268b16a /engines | |
| parent | 69a978d35984bb27af336cffc252bdde51d36adb (diff) | |
Add predicatable RAND_METHOD to test ENGINE
The test ENGINE effectively used a predictable PRNG because it supplied
a bogus implementation of SHA256 which the old version of OpenSSL's PRNG
used. The new DRBG does not use SHA256 so it is no longer predictable
if the SHA256 implementation is replaced. Use an explicit predictable
PRNG instead.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4098)
Diffstat (limited to 'engines')
| -rw-r--r-- | engines/e_ossltest.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c index ea752d5e9c..d3d6998e99 100644 --- a/engines/e_ossltest.c +++ b/engines/e_ossltest.c @@ -23,6 +23,7 @@ #include <openssl/evp.h> #include <openssl/modes.h> #include <openssl/aes.h> +#include <openssl/rand.h> #include <openssl/crypto.h> #include "e_ossltest_err.c" @@ -42,6 +43,7 @@ void ENGINE_load_ossltest(void); /* Set up digests */ static int ossltest_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); +static const RAND_METHOD *ossltest_rand_method(void); /* MD5 */ static int digest_md5_init(EVP_MD_CTX *ctx); @@ -309,6 +311,7 @@ static int bind_ossltest(ENGINE *e) || !ENGINE_set_name(e, engine_ossltest_name) || !ENGINE_set_digests(e, ossltest_digests) || !ENGINE_set_ciphers(e, ossltest_ciphers) + || !ENGINE_set_RAND(e, ossltest_rand_method()) || !ENGINE_set_destroy_function(e, ossltest_destroy) || !ENGINE_set_init_function(e, ossltest_init) || !ENGINE_set_finish_function(e, ossltest_finish)) { @@ -656,3 +659,32 @@ static int ossltest_aes128_gcm_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, return 1; } + +static int ossltest_rand_bytes(unsigned char *buf, int num) +{ + unsigned char val = 1; + + while (--num >= 0) + *buf++ = val++; + return 1; +} + +static int ossltest_rand_status(void) +{ + return 1; +} + +static const RAND_METHOD *ossltest_rand_method(void) +{ + + static RAND_METHOD osslt_rand_meth = { + NULL, + ossltest_rand_bytes, + NULL, + NULL, + ossltest_rand_bytes, + ossltest_rand_status + }; + + return &osslt_rand_meth; +} |