diff options
author | Pauli <paul.dale@oracle.com> | 2020-05-08 10:24:12 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-06-24 20:05:41 +1000 |
commit | bcc4ae675edd66242aa27f3ed3b7d1bf6f1005e3 (patch) | |
tree | 5563b087e49c211016dad385e06afc12c91779f6 /providers | |
parent | 2dee33dfb364c6e5d9339ddf9293991ec654b092 (diff) |
provider: add RAND algorithm tables
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/defltprov.c | 13 | ||||
-rw-r--r-- | providers/fips/fipsprov.c | 17 |
2 files changed, 30 insertions, 0 deletions
diff --git a/providers/defltprov.c b/providers/defltprov.c index 8e27b33fc2..c68e34770e 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -337,6 +337,17 @@ static const OSSL_ALGORITHM deflt_keyexch[] = { { NULL, NULL, NULL } }; +static const OSSL_ALGORITHM deflt_rands[] = { + { "TEST-RAND", "provider=default", test_rng_functions }, + { "HASH-DRBG", "provider=default", drbg_hash_functions }, +/* + { "HMAC-DRBG", "provider=default", drbg_hmac_functions }, + { "CTR-DRBG", "provider=default", drbg_ctr_functions }, +*/ + { "CRNGT:continuous-rng-test", "provider=default", crngt_functions }, + { NULL, NULL, NULL } +}; + static const OSSL_ALGORITHM deflt_signature[] = { #ifndef OPENSSL_NO_DSA { "DSA:dsaEncryption", "provider=default", dsa_signature_functions }, @@ -536,6 +547,8 @@ static const OSSL_ALGORITHM *deflt_query(void *provctx, int operation_id, return deflt_macs; case OSSL_OP_KDF: return deflt_kdfs; + case OSSL_OP_RAND: + return deflt_rands; case OSSL_OP_KEYMGMT: return deflt_keymgmt; case OSSL_OP_KEYEXCH: diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 4d39570464..5927c9fedc 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -469,6 +469,21 @@ static const OSSL_ALGORITHM fips_kdfs[] = { { NULL, NULL, NULL } }; +static const OSSL_ALGORITHM fips_rands[] = { + /* + * The TEST RNG must be first, so it can be suppressed after the power up + * tests are completed. + */ + { "TEST-RAND", "provider=fips", test_rng_functions }, + { "HASH-DRBG", "provider=fips", drbg_hash_functions }, +/* + { "HMAC-DRBG", "provider=fips", drbg_hmac_functions }, + { "CTR-DRBG", "provider=fips", drbg_ctr_functions }, +*/ + { "CRNGT:continuous-rng-test", "provider=fips", crngt_functions }, + { NULL, NULL, NULL } +}; + static const OSSL_ALGORITHM fips_keyexch[] = { #ifndef OPENSSL_NO_DH { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keyexch_functions }, @@ -533,6 +548,8 @@ static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id, return fips_macs; case OSSL_OP_KDF: return fips_kdfs; + case OSSL_OP_RAND: + return fips_rands; case OSSL_OP_KEYMGMT: return fips_keymgmt; case OSSL_OP_KEYEXCH: |