diff options
| author | Pauli <pauli@openssl.org> | 2023-09-05 12:51:05 +1000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2023-09-27 17:23:04 +0100 |
| commit | 4cde7585ce8eb53682256ba79e6af1949498fbfe (patch) | |
| tree | 0a2d79638c8770ff7d97c4c67a19c3a897b94f82 /include | |
| parent | a9483b8aa00753a2a9665273c0e376f3c1d36e65 (diff) | |
fips: use seed source requested
Fixes #21909
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21964)
Diffstat (limited to 'include')
| -rw-r--r-- | include/crypto/rand.h | 17 | ||||
| -rw-r--r-- | include/openssl/core_dispatch.h | 11 |
2 files changed, 23 insertions, 5 deletions
diff --git a/include/crypto/rand.h b/include/crypto/rand.h index 7345bf625f..730be8b5d0 100644 --- a/include/crypto/rand.h +++ b/include/crypto/rand.h @@ -108,15 +108,21 @@ void ossl_random_add_conf_module(void); /* * Get and cleanup random seed material. */ -size_t ossl_rand_get_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_entropy(OSSL_LIB_CTX *ctx, unsigned char **pout, int entropy, size_t min_len, size_t max_len); -void ossl_rand_cleanup_entropy(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx, + unsigned char **pout, int entropy, + size_t min_len, size_t max_len); +void ossl_rand_cleanup_entropy(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); -size_t ossl_rand_get_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, size_t salt_len); -void ossl_rand_cleanup_nonce(ossl_unused const OSSL_CORE_HANDLE *handle, +size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout, + size_t min_len, size_t max_len, + const void *salt, size_t salt_len); +void ossl_rand_cleanup_nonce(OSSL_LIB_CTX *ctx, unsigned char *buf, size_t len); /* @@ -127,6 +133,7 @@ int ossl_pool_add_nonce_data(RAND_POOL *pool); # ifdef FIPS_MODULE EVP_RAND_CTX *ossl_rand_get0_private_noncreating(OSSL_LIB_CTX *ctx); +# else +EVP_RAND_CTX *ossl_rand_get0_seed_noncreating(OSSL_LIB_CTX *ctx); # endif - #endif diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h index 73f040285c..6c952f18aa 100644 --- a/include/openssl/core_dispatch.h +++ b/include/openssl/core_dispatch.h @@ -176,6 +176,10 @@ OSSL_CORE_MAKE_FUNC(int, BIO_vsnprintf, OSSL_CORE_MAKE_FUNC(int, BIO_ctrl, (OSSL_CORE_BIO *bio, int cmd, long num, void *ptr)) +/* New seeding functions prototypes with the 101-104 series */ +#define OSSL_FUNC_GET_USER_ENTROPY 98 +#define OSSL_FUNC_GET_USER_NONCE 99 + #define OSSL_FUNC_SELF_TEST_CB 100 OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK **cb, void **cbarg)) @@ -188,12 +192,19 @@ OSSL_CORE_MAKE_FUNC(void, self_test_cb, (OPENSSL_CORE_CTX *ctx, OSSL_CALLBACK ** OSSL_CORE_MAKE_FUNC(size_t, get_entropy, (const OSSL_CORE_HANDLE *handle, unsigned char **pout, int entropy, size_t min_len, size_t max_len)) +OSSL_CORE_MAKE_FUNC(size_t, get_user_entropy, (const OSSL_CORE_HANDLE *handle, + unsigned char **pout, int entropy, + size_t min_len, size_t max_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_entropy, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) OSSL_CORE_MAKE_FUNC(size_t, get_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char **pout, size_t min_len, size_t max_len, const void *salt, size_t salt_len)) +OSSL_CORE_MAKE_FUNC(size_t, get_user_nonce, (const OSSL_CORE_HANDLE *handle, + unsigned char **pout, size_t min_len, + size_t max_len, const void *salt, + size_t salt_len)) OSSL_CORE_MAKE_FUNC(void, cleanup_nonce, (const OSSL_CORE_HANDLE *handle, unsigned char *buf, size_t len)) |