From 1335ca4b0799d1714a2f8e21525cb23edf660e93 Mon Sep 17 00:00:00 2001 From: Shane Lontis Date: Mon, 8 Mar 2021 19:17:53 +1000 Subject: Add ossl_rand symbols Partial fix for #12964 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/14473) --- crypto/init.c | 6 +++--- crypto/rand/prov_seed.c | 18 ++++++++-------- crypto/rand/rand_lib.c | 26 +++++++++++------------ crypto/rand/rand_local.h | 2 +- crypto/rand/rand_meth.c | 4 ++-- crypto/rand/rand_pool.c | 54 ++++++++++++++++++++++++------------------------ 6 files changed, 55 insertions(+), 55 deletions(-) (limited to 'crypto') diff --git a/crypto/init.c b/crypto/init.c index 09be58ea12..4bef667199 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -402,7 +402,7 @@ void OPENSSL_cleanup(void) /* * Note that cleanup order is important: - * - rand_cleanup_int could call an ENGINE's RAND cleanup function so + * - ossl_rand_cleanup_int could call an ENGINE's RAND cleanup function so * must be called before engine_cleanup_int() * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up * before the ex data handlers are wiped during default ossl_lib_ctx deinit. @@ -411,8 +411,8 @@ void OPENSSL_cleanup(void) * - ENGINEs and additional EVP algorithms might use added OIDs names so * obj_cleanup_int() must be called last */ - OSSL_TRACE(INIT, "OPENSSL_cleanup: rand_cleanup_int()\n"); - rand_cleanup_int(); + OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_rand_cleanup_int()\n"); + ossl_rand_cleanup_int(); OSSL_TRACE(INIT, "OPENSSL_cleanup: conf_modules_free_int()\n"); conf_modules_free_int(); diff --git a/crypto/rand/prov_seed.c b/crypto/rand/prov_seed.c index f79955180a..d4677c34f5 100644 --- a/crypto/rand/prov_seed.c +++ b/crypto/rand/prov_seed.c @@ -20,7 +20,7 @@ size_t ossl_rand_get_entropy(ossl_unused OSSL_CORE_HANDLE *handle, size_t entropy_available; RAND_POOL *pool; - pool = rand_pool_new(entropy, 1, min_len, max_len); + pool = ossl_rand_pool_new(entropy, 1, min_len, max_len); if (pool == NULL) { ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); return 0; @@ -30,11 +30,11 @@ size_t ossl_rand_get_entropy(ossl_unused OSSL_CORE_HANDLE *handle, entropy_available = ossl_pool_acquire_entropy(pool); if (entropy_available > 0) { - ret = rand_pool_length(pool); - *pout = rand_pool_detach(pool); + ret = ossl_rand_pool_length(pool); + *pout = ossl_rand_pool_detach(pool); } - rand_pool_free(pool); + ossl_rand_pool_free(pool); return ret; } @@ -51,7 +51,7 @@ size_t ossl_rand_get_nonce(ossl_unused OSSL_CORE_HANDLE *handle, size_t ret = 0; RAND_POOL *pool; - pool = rand_pool_new(0, 0, min_len, max_len); + pool = ossl_rand_pool_new(0, 0, min_len, max_len); if (pool == NULL) { ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE); return 0; @@ -60,12 +60,12 @@ size_t ossl_rand_get_nonce(ossl_unused OSSL_CORE_HANDLE *handle, if (!ossl_pool_add_nonce_data(pool)) goto err; - if (salt != NULL && !rand_pool_add(pool, salt, salt_len, 0)) + if (salt != NULL && !ossl_rand_pool_add(pool, salt, salt_len, 0)) goto err; - ret = rand_pool_length(pool); - *pout = rand_pool_detach(pool); + ret = ossl_rand_pool_length(pool); + *pout = ossl_rand_pool_detach(pool); err: - rand_pool_free(pool); + ossl_rand_pool_free(pool); return ret; } diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 3cd34198c1..318540cff0 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -57,7 +57,7 @@ DEFINE_RUN_ONCE_STATIC(do_rand_init) goto err; # endif - if (!rand_pool_init()) + if (!ossl_rand_pool_init()) goto err; rand_inited = 1; @@ -75,7 +75,7 @@ DEFINE_RUN_ONCE_STATIC(do_rand_init) return 0; } -void rand_cleanup_int(void) +void ossl_rand_cleanup_int(void) { # ifndef OPENSSL_NO_DEPRECATED_3_0 const RAND_METHOD *meth = default_RAND_meth; @@ -87,7 +87,7 @@ void rand_cleanup_int(void) meth->cleanup(); RAND_set_rand_method(NULL); # endif - rand_pool_cleanup(); + ossl_rand_pool_cleanup(); # ifndef OPENSSL_NO_ENGINE CRYPTO_THREAD_lock_free(rand_engine_lock); rand_engine_lock = NULL; @@ -107,7 +107,7 @@ void rand_cleanup_int(void) void RAND_keep_random_devices_open(int keep) { if (RUN_ONCE(&rand_init, do_rand_init)) - rand_pool_keep_random_devices_open(keep); + ossl_rand_pool_keep_random_devices_open(keep); } /* @@ -128,9 +128,9 @@ int RAND_poll(void) if (!ret) { /* fill random pool and seed the current legacy RNG */ - RAND_POOL *pool = rand_pool_new(RAND_DRBG_STRENGTH, 1, - (RAND_DRBG_STRENGTH + 7) / 8, - RAND_POOL_MAX_LENGTH); + RAND_POOL *pool = ossl_rand_pool_new(RAND_DRBG_STRENGTH, 1, + (RAND_DRBG_STRENGTH + 7) / 8, + RAND_POOL_MAX_LENGTH); if (pool == NULL) return 0; @@ -139,14 +139,14 @@ int RAND_poll(void) goto err; if (meth->add == NULL - || meth->add(rand_pool_buffer(pool), - rand_pool_length(pool), - (rand_pool_entropy(pool) / 8.0)) == 0) + || meth->add(ossl_rand_pool_buffer(pool), + ossl_rand_pool_length(pool), + (ossl_rand_pool_entropy(pool) / 8.0)) == 0) goto err; ret = 1; err: - rand_pool_free(pool); + ossl_rand_pool_free(pool); } return ret; # else @@ -194,10 +194,10 @@ const RAND_METHOD *RAND_get_rand_method(void) default_RAND_meth = tmp_meth; } else { ENGINE_finish(e); - default_RAND_meth = &rand_meth; + default_RAND_meth = &ossl_rand_meth; } # else - default_RAND_meth = &rand_meth; + default_RAND_meth = &ossl_rand_meth; # endif } tmp_meth = default_RAND_meth; diff --git a/crypto/rand/rand_local.h b/crypto/rand/rand_local.h index d1c9bd7fec..bea8149bad 100644 --- a/crypto/rand/rand_local.h +++ b/crypto/rand/rand_local.h @@ -26,6 +26,6 @@ # define SECONDARY_RESEED_TIME_INTERVAL (7 * 60) /* 7 minutes */ /* The global RAND method, and the global buffer and DRBG instance. */ -extern RAND_METHOD rand_meth; +extern RAND_METHOD ossl_rand_meth; #endif diff --git a/crypto/rand/rand_meth.c b/crypto/rand/rand_meth.c index e9237a4cd9..0f2809412a 100644 --- a/crypto/rand/rand_meth.c +++ b/crypto/rand/rand_meth.c @@ -50,7 +50,7 @@ static int drbg_bytes(unsigned char *out, int count) return EVP_RAND_generate(drbg, out, count, 0, 0, NULL, 0); } -RAND_METHOD rand_meth = { +RAND_METHOD ossl_rand_meth = { drbg_seed, drbg_bytes, NULL, @@ -62,7 +62,7 @@ RAND_METHOD rand_meth = { RAND_METHOD *RAND_OpenSSL(void) { #ifndef FIPS_MODULE - return &rand_meth; + return &ossl_rand_meth; #else return NULL; #endif diff --git a/crypto/rand/rand_pool.c b/crypto/rand/rand_pool.c index ebb9078ce6..94bb1eab7c 100644 --- a/crypto/rand/rand_pool.c +++ b/crypto/rand/rand_pool.c @@ -19,8 +19,8 @@ /* * Allocate memory and initialize a new random pool */ -RAND_POOL *rand_pool_new(int entropy_requested, int secure, - size_t min_len, size_t max_len) +RAND_POOL *ossl_rand_pool_new(int entropy_requested, int secure, + size_t min_len, size_t max_len) { RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool)); size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure); @@ -62,8 +62,8 @@ err: * This function is intended to be used only for feeding random data * provided by RAND_add() and RAND_seed() into the DRBG. */ -RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len, - size_t entropy) +RAND_POOL *ossl_rand_pool_attach(const unsigned char *buffer, size_t len, + size_t entropy) { RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool)); @@ -91,7 +91,7 @@ RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len, /* * Free |pool|, securely erasing its buffer. */ -void rand_pool_free(RAND_POOL *pool) +void ossl_rand_pool_free(RAND_POOL *pool) { if (pool == NULL) return; @@ -99,8 +99,8 @@ void rand_pool_free(RAND_POOL *pool) /* * Although it would be advisable from a cryptographical viewpoint, * we are not allowed to clear attached buffers, since they are passed - * to rand_pool_attach() as `const unsigned char*`. - * (see corresponding comment in rand_pool_attach()). + * to ossl_rand_pool_attach() as `const unsigned char*`. + * (see corresponding comment in ossl_rand_pool_attach()). */ if (!pool->attached) { if (pool->secure) @@ -115,7 +115,7 @@ void rand_pool_free(RAND_POOL *pool) /* * Return the |pool|'s buffer to the caller (readonly). */ -const unsigned char *rand_pool_buffer(RAND_POOL *pool) +const unsigned char *ossl_rand_pool_buffer(RAND_POOL *pool) { return pool->buffer; } @@ -123,7 +123,7 @@ const unsigned char *rand_pool_buffer(RAND_POOL *pool) /* * Return the |pool|'s entropy to the caller. */ -size_t rand_pool_entropy(RAND_POOL *pool) +size_t ossl_rand_pool_entropy(RAND_POOL *pool) { return pool->entropy; } @@ -131,7 +131,7 @@ size_t rand_pool_entropy(RAND_POOL *pool) /* * Return the |pool|'s buffer length to the caller. */ -size_t rand_pool_length(RAND_POOL *pool) +size_t ossl_rand_pool_length(RAND_POOL *pool) { return pool->len; } @@ -140,9 +140,9 @@ size_t rand_pool_length(RAND_POOL *pool) * Detach the |pool| buffer and return it to the caller. * It's the responsibility of the caller to free the buffer * using OPENSSL_secure_clear_free() or to re-attach it - * again to the pool using rand_pool_reattach(). + * again to the pool using ossl_rand_pool_reattach(). */ -unsigned char *rand_pool_detach(RAND_POOL *pool) +unsigned char *ossl_rand_pool_detach(RAND_POOL *pool) { unsigned char *ret = pool->buffer; pool->buffer = NULL; @@ -154,7 +154,7 @@ unsigned char *rand_pool_detach(RAND_POOL *pool) * Re-attach the |pool| buffer. It is only allowed to pass * the |buffer| which was previously detached from the same pool. */ -void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer) +void ossl_rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer) { pool->buffer = buffer; OPENSSL_cleanse(pool->buffer, pool->len); @@ -177,7 +177,7 @@ void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer) * |entropy| if the entropy count and buffer size is large enough * 0 otherwise */ -size_t rand_pool_entropy_available(RAND_POOL *pool) +size_t ossl_rand_pool_entropy_available(RAND_POOL *pool) { if (pool->entropy < pool->entropy_requested) return 0; @@ -193,7 +193,7 @@ size_t rand_pool_entropy_available(RAND_POOL *pool) * the random pool. */ -size_t rand_pool_entropy_needed(RAND_POOL *pool) +size_t ossl_rand_pool_entropy_needed(RAND_POOL *pool) { if (pool->entropy < pool->entropy_requested) return pool->entropy_requested - pool->entropy; @@ -243,10 +243,10 @@ static int rand_pool_grow(RAND_POOL *pool, size_t len) * In case of an error, 0 is returned. */ -size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor) +size_t ossl_rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor) { size_t bytes_needed; - size_t entropy_needed = rand_pool_entropy_needed(pool); + size_t entropy_needed = ossl_rand_pool_entropy_needed(pool); if (entropy_factor < 1) { ERR_raise(ERR_LIB_RAND, RAND_R_ARGUMENT_OUT_OF_RANGE); @@ -269,7 +269,7 @@ size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor) /* * Make sure the buffer is large enough for the requested amount * of data. This guarantees that existing code patterns where - * rand_pool_add_begin, rand_pool_add_end or rand_pool_add + * ossl_rand_pool_add_begin, ossl_rand_pool_add_end or ossl_rand_pool_add * are used to collect entropy data without any error handling * whatsoever, continue to be valid. * Furthermore if the allocation here fails once, make sure that @@ -288,7 +288,7 @@ size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor) } /* Returns the remaining number of bytes available */ -size_t rand_pool_bytes_remaining(RAND_POOL *pool) +size_t ossl_rand_pool_bytes_remaining(RAND_POOL *pool) { return pool->max_len - pool->len; } @@ -302,7 +302,7 @@ size_t rand_pool_bytes_remaining(RAND_POOL *pool) * * Returns 1 if the added amount is adequate, otherwise 0 */ -int rand_pool_add(RAND_POOL *pool, +int ossl_rand_pool_add(RAND_POOL *pool, const unsigned char *buffer, size_t len, size_t entropy) { if (len > pool->max_len - pool->len) { @@ -318,7 +318,7 @@ int rand_pool_add(RAND_POOL *pool, if (len > 0) { /* * This is to protect us from accidentally passing the buffer - * returned from rand_pool_add_begin. + * returned from ossl_rand_pool_add_begin. * The check for alloc_len makes sure we do not compare the * address of the end of the allocated memory to something * different, since that comparison would have an @@ -332,7 +332,7 @@ int rand_pool_add(RAND_POOL *pool, * We have that only for cases when a pool is used to collect * additional data. * For entropy data, as long as the allocation request stays within - * the limits given by rand_pool_bytes_needed this rand_pool_grow + * the limits given by ossl_rand_pool_bytes_needed this rand_pool_grow * below is guaranteed to succeed, thus no allocation happens. */ if (!rand_pool_grow(pool, len)) @@ -354,10 +354,10 @@ int rand_pool_add(RAND_POOL *pool, * If |len| == 0 this is considered a no-op and a NULL pointer * is returned without producing an error message. * - * After updating the buffer, rand_pool_add_end() needs to be called + * After updating the buffer, ossl_rand_pool_add_end() needs to be called * to finish the update operation (see next comment). */ -unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len) +unsigned char *ossl_rand_pool_add_begin(RAND_POOL *pool, size_t len) { if (len == 0) return NULL; @@ -374,7 +374,7 @@ unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len) /* * As long as the allocation request stays within the limits given - * by rand_pool_bytes_needed this rand_pool_grow below is guaranteed + * by ossl_rand_pool_bytes_needed this rand_pool_grow below is guaranteed * to succeed, thus no allocation happens. * We have that only for cases when a pool is used to collect * additional data. Then the buffer might need to grow here, @@ -391,12 +391,12 @@ unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len) * Finish to add random bytes to the random pool in-place. * * Finishes an in-place update of the random pool started by - * rand_pool_add_begin() (see previous comment). + * ossl_rand_pool_add_begin() (see previous comment). * It is expected that |len| bytes of random input have been added * to the buffer which contain at least |entropy| bits of randomness. * It is allowed to add less bytes than originally reserved. */ -int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy) +int ossl_rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy) { if (len > pool->alloc_len - pool->len) { ERR_raise(ERR_LIB_RAND, RAND_R_RANDOM_POOL_OVERFLOW); -- cgit v1.2.3