diff options
author | djm <> | 2009-01-09 12:15:52 +0000 |
---|---|---|
committer | djm <> | 2009-01-09 12:15:52 +0000 |
commit | 23f8d96f0f508b8bef2602049feee9c44228d34c (patch) | |
tree | a2a7787bc00e8f6a29153b8c6d9eb5e8f73d6269 /src/lib/libcrypto/rand | |
parent | 30562050421d947c3eb3c10edde6e87730b17471 (diff) | |
download | openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.tar.gz openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.tar.bz2 openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.zip |
resolve conflicts
Diffstat (limited to '')
-rw-r--r-- | src/lib/libcrypto/rand/Makefile | 71 | ||||
-rw-r--r-- | src/lib/libcrypto/rand/md_rand.c | 12 | ||||
-rw-r--r-- | src/lib/libcrypto/rand/rand.h | 29 | ||||
-rw-r--r-- | src/lib/libcrypto/rand/rand_err.c | 20 | ||||
-rw-r--r-- | src/lib/libcrypto/rand/rand_lcl.h | 11 | ||||
-rw-r--r-- | src/lib/libcrypto/rand/rand_lib.c | 71 | ||||
-rw-r--r-- | src/lib/libcrypto/rand/randfile.c | 66 |
7 files changed, 233 insertions, 47 deletions
diff --git a/src/lib/libcrypto/rand/Makefile b/src/lib/libcrypto/rand/Makefile index 27694aa664..30794305cb 100644 --- a/src/lib/libcrypto/rand/Makefile +++ b/src/lib/libcrypto/rand/Makefile | |||
@@ -17,9 +17,9 @@ TEST= randtest.c | |||
17 | APPS= | 17 | APPS= |
18 | 18 | ||
19 | LIB=$(TOP)/libcrypto.a | 19 | LIB=$(TOP)/libcrypto.a |
20 | LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ | 20 | LIBSRC=md_rand.c randfile.c rand_lib.c rand_eng.c rand_err.c rand_egd.c \ |
21 | rand_win.c rand_unix.c rand_os2.c rand_nw.c | 21 | rand_win.c rand_unix.c rand_os2.c rand_nw.c |
22 | LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \ | 22 | LIBOBJ=md_rand.o randfile.o rand_lib.o rand_eng.o rand_err.o rand_egd.o \ |
23 | rand_win.o rand_unix.o rand_os2.o rand_nw.o | 23 | rand_win.o rand_unix.o rand_os2.o rand_nw.o |
24 | 24 | ||
25 | SRC= $(LIBSRC) | 25 | SRC= $(LIBSRC) |
@@ -35,7 +35,7 @@ top: | |||
35 | all: lib | 35 | all: lib |
36 | 36 | ||
37 | lib: $(LIBOBJ) | 37 | lib: $(LIBOBJ) |
38 | $(AR) $(LIB) $(LIBOBJ) | 38 | $(ARX) $(LIB) $(LIBOBJ) |
39 | $(RANLIB) $(LIB) || echo Never mind. | 39 | $(RANLIB) $(LIB) || echo Never mind. |
40 | @touch lib | 40 | @touch lib |
41 | 41 | ||
@@ -79,17 +79,34 @@ clean: | |||
79 | md_rand.o: ../../e_os.h ../../include/openssl/asn1.h | 79 | md_rand.o: ../../e_os.h ../../include/openssl/asn1.h |
80 | md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | 80 | md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
81 | md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 81 | md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
82 | md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 82 | md_rand.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
83 | md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 83 | md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
84 | md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 84 | md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
85 | md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 85 | md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
86 | md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 86 | md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
87 | md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 87 | md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
88 | md_rand.o: md_rand.c rand_lcl.h | 88 | md_rand.o: ../../include/openssl/symhacks.h md_rand.c rand_lcl.h |
89 | rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h | 89 | rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h |
90 | rand_egd.o: ../../include/openssl/opensslconf.h | 90 | rand_egd.o: ../../include/openssl/opensslconf.h |
91 | rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 91 | rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
92 | rand_egd.o: rand_egd.c | 92 | rand_egd.o: rand_egd.c |
93 | rand_eng.o: ../../e_os.h ../../include/openssl/asn1.h | ||
94 | rand_eng.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
95 | rand_eng.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | ||
96 | rand_eng.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | ||
97 | rand_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
98 | rand_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
99 | rand_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
100 | rand_eng.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h | ||
101 | rand_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
102 | rand_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
103 | rand_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
104 | rand_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | ||
105 | rand_eng.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
106 | rand_eng.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
107 | rand_eng.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | ||
108 | rand_eng.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
109 | rand_eng.o: ../cryptlib.h rand_eng.c rand_lcl.h | ||
93 | rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | 110 | rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
94 | rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 111 | rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
95 | rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 112 | rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
@@ -99,34 +116,39 @@ rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | |||
99 | rand_err.o: rand_err.c | 116 | rand_err.o: rand_err.c |
100 | rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h | 117 | rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h |
101 | rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 118 | rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
102 | rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 119 | rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
120 | rand_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | ||
103 | rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 121 | rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
104 | rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | 122 | rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h |
105 | rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 123 | rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
124 | rand_lib.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h | ||
106 | rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 125 | rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
107 | rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 126 | rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
108 | rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 127 | rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
109 | rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 128 | rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
110 | rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 129 | rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
111 | rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 130 | rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
131 | rand_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | ||
112 | rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 132 | rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
113 | rand_lib.o: ../cryptlib.h rand_lib.c | 133 | rand_lib.o: ../cryptlib.h rand_lcl.h rand_lib.c |
114 | rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h | 134 | rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h |
115 | rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 135 | rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
116 | rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 136 | rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
117 | rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 137 | rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
118 | rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 138 | rand_nw.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
119 | rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 139 | rand_nw.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
120 | rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 140 | rand_nw.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
121 | rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 141 | rand_nw.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
122 | rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 142 | rand_nw.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
123 | rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c | 143 | rand_nw.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
144 | rand_nw.o: ../cryptlib.h rand_lcl.h rand_nw.c | ||
124 | rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h | 145 | rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h |
125 | rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 146 | rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
126 | rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 147 | rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
127 | rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 148 | rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
128 | rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 149 | rand_os2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
129 | rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 150 | rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
151 | rand_os2.o: ../../include/openssl/opensslconf.h | ||
130 | rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 152 | rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
131 | rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 153 | rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
132 | rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 154 | rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
@@ -136,8 +158,8 @@ rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h | |||
136 | rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 158 | rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
137 | rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 159 | rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
138 | rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 160 | rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
139 | rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 161 | rand_unix.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
140 | rand_unix.o: ../../include/openssl/objects.h | 162 | rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
141 | rand_unix.o: ../../include/openssl/opensslconf.h | 163 | rand_unix.o: ../../include/openssl/opensslconf.h |
142 | rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 164 | rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
143 | rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 165 | rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
@@ -148,8 +170,9 @@ rand_win.o: ../../e_os.h ../../include/openssl/asn1.h | |||
148 | rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 170 | rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
149 | rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 171 | rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
150 | rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 172 | rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
151 | rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 173 | rand_win.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
152 | rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 174 | rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
175 | rand_win.o: ../../include/openssl/opensslconf.h | ||
153 | rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 176 | rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
154 | rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 177 | rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
155 | rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 178 | rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c index 9783d0c23e..0f8dd3e00f 100644 --- a/src/lib/libcrypto/rand/md_rand.c +++ b/src/lib/libcrypto/rand/md_rand.c | |||
@@ -126,6 +126,10 @@ | |||
126 | 126 | ||
127 | #include <openssl/crypto.h> | 127 | #include <openssl/crypto.h> |
128 | #include <openssl/err.h> | 128 | #include <openssl/err.h> |
129 | #ifdef OPENSSL_FIPS | ||
130 | #include <openssl/fips.h> | ||
131 | #endif | ||
132 | |||
129 | 133 | ||
130 | #ifdef BN_DEBUG | 134 | #ifdef BN_DEBUG |
131 | # define PREDICT | 135 | # define PREDICT |
@@ -332,6 +336,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) | |||
332 | #endif | 336 | #endif |
333 | int do_stir_pool = 0; | 337 | int do_stir_pool = 0; |
334 | 338 | ||
339 | #ifdef OPENSSL_FIPS | ||
340 | if(FIPS_mode()) | ||
341 | { | ||
342 | FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD); | ||
343 | return 0; | ||
344 | } | ||
345 | #endif | ||
346 | |||
335 | #ifdef PREDICT | 347 | #ifdef PREDICT |
336 | if (rand_predictable) | 348 | if (rand_predictable) |
337 | { | 349 | { |
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h index ac6c021763..ea89153cba 100644 --- a/src/lib/libcrypto/rand/rand.h +++ b/src/lib/libcrypto/rand/rand.h | |||
@@ -72,7 +72,7 @@ extern "C" { | |||
72 | #endif | 72 | #endif |
73 | 73 | ||
74 | #if defined(OPENSSL_FIPS) | 74 | #if defined(OPENSSL_FIPS) |
75 | #define FIPS_RAND_SIZE_T size_t | 75 | #define FIPS_RAND_SIZE_T int |
76 | #endif | 76 | #endif |
77 | 77 | ||
78 | /* Already defined in ossl_typ.h */ | 78 | /* Already defined in ossl_typ.h */ |
@@ -111,6 +111,15 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes); | |||
111 | int RAND_egd(const char *path); | 111 | int RAND_egd(const char *path); |
112 | int RAND_egd_bytes(const char *path,int bytes); | 112 | int RAND_egd_bytes(const char *path,int bytes); |
113 | int RAND_poll(void); | 113 | int RAND_poll(void); |
114 | #ifndef OPENSSL_NO_ENGINE | ||
115 | #ifdef OPENSSL_FIPS | ||
116 | void int_RAND_init_engine_callbacks(void); | ||
117 | void int_RAND_set_callbacks( | ||
118 | int (*set_rand_func)(const RAND_METHOD *meth, | ||
119 | const RAND_METHOD **pmeth), | ||
120 | const RAND_METHOD *(*get_rand_func)(const RAND_METHOD **pmeth)); | ||
121 | #endif | ||
122 | #endif | ||
114 | 123 | ||
115 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) | 124 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) |
116 | 125 | ||
@@ -128,11 +137,29 @@ void ERR_load_RAND_strings(void); | |||
128 | /* Error codes for the RAND functions. */ | 137 | /* Error codes for the RAND functions. */ |
129 | 138 | ||
130 | /* Function codes. */ | 139 | /* Function codes. */ |
140 | #define RAND_F_ENG_RAND_GET_RAND_METHOD 108 | ||
141 | #define RAND_F_FIPS_RAND 103 | ||
142 | #define RAND_F_FIPS_RAND_BYTES 102 | ||
143 | #define RAND_F_FIPS_RAND_GET_RAND_METHOD 109 | ||
144 | #define RAND_F_FIPS_RAND_SET_DT 106 | ||
145 | #define RAND_F_FIPS_SET_DT 104 | ||
146 | #define RAND_F_FIPS_SET_PRNG_SEED 107 | ||
147 | #define RAND_F_FIPS_SET_TEST_MODE 105 | ||
131 | #define RAND_F_RAND_GET_RAND_METHOD 101 | 148 | #define RAND_F_RAND_GET_RAND_METHOD 101 |
132 | #define RAND_F_SSLEAY_RAND_BYTES 100 | 149 | #define RAND_F_SSLEAY_RAND_BYTES 100 |
133 | 150 | ||
134 | /* Reason codes. */ | 151 | /* Reason codes. */ |
152 | #define RAND_R_NON_FIPS_METHOD 105 | ||
153 | #define RAND_R_NOT_IN_TEST_MODE 106 | ||
154 | #define RAND_R_NO_KEY_SET 107 | ||
155 | #define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 101 | ||
156 | #define RAND_R_PRNG_ERROR 108 | ||
157 | #define RAND_R_PRNG_KEYED 109 | ||
158 | #define RAND_R_PRNG_NOT_REKEYED 102 | ||
159 | #define RAND_R_PRNG_NOT_RESEEDED 103 | ||
135 | #define RAND_R_PRNG_NOT_SEEDED 100 | 160 | #define RAND_R_PRNG_NOT_SEEDED 100 |
161 | #define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 110 | ||
162 | #define RAND_R_PRNG_STUCK 104 | ||
136 | 163 | ||
137 | #ifdef __cplusplus | 164 | #ifdef __cplusplus |
138 | } | 165 | } |
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c index 386934dcd1..829fb44d77 100644 --- a/src/lib/libcrypto/rand/rand_err.c +++ b/src/lib/libcrypto/rand/rand_err.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* crypto/rand/rand_err.c */ | 1 | /* crypto/rand/rand_err.c */ |
2 | /* ==================================================================== | 2 | /* ==================================================================== |
3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
4 | * | 4 | * |
5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
@@ -70,6 +70,14 @@ | |||
70 | 70 | ||
71 | static ERR_STRING_DATA RAND_str_functs[]= | 71 | static ERR_STRING_DATA RAND_str_functs[]= |
72 | { | 72 | { |
73 | {ERR_FUNC(RAND_F_ENG_RAND_GET_RAND_METHOD), "ENG_RAND_GET_RAND_METHOD"}, | ||
74 | {ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"}, | ||
75 | {ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"}, | ||
76 | {ERR_FUNC(RAND_F_FIPS_RAND_GET_RAND_METHOD), "FIPS_RAND_GET_RAND_METHOD"}, | ||
77 | {ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"}, | ||
78 | {ERR_FUNC(RAND_F_FIPS_SET_DT), "FIPS_SET_DT"}, | ||
79 | {ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"}, | ||
80 | {ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"}, | ||
73 | {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, | 81 | {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, |
74 | {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, | 82 | {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, |
75 | {0,NULL} | 83 | {0,NULL} |
@@ -77,7 +85,17 @@ static ERR_STRING_DATA RAND_str_functs[]= | |||
77 | 85 | ||
78 | static ERR_STRING_DATA RAND_str_reasons[]= | 86 | static ERR_STRING_DATA RAND_str_reasons[]= |
79 | { | 87 | { |
88 | {ERR_REASON(RAND_R_NON_FIPS_METHOD) ,"non fips method"}, | ||
89 | {ERR_REASON(RAND_R_NOT_IN_TEST_MODE) ,"not in test mode"}, | ||
90 | {ERR_REASON(RAND_R_NO_KEY_SET) ,"no key set"}, | ||
91 | {ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"}, | ||
92 | {ERR_REASON(RAND_R_PRNG_ERROR) ,"prng error"}, | ||
93 | {ERR_REASON(RAND_R_PRNG_KEYED) ,"prng keyed"}, | ||
94 | {ERR_REASON(RAND_R_PRNG_NOT_REKEYED) ,"prng not rekeyed"}, | ||
95 | {ERR_REASON(RAND_R_PRNG_NOT_RESEEDED) ,"prng not reseeded"}, | ||
80 | {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, | 96 | {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, |
97 | {ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY),"prng seed must not match key"}, | ||
98 | {ERR_REASON(RAND_R_PRNG_STUCK) ,"prng stuck"}, | ||
81 | {0,NULL} | 99 | {0,NULL} |
82 | }; | 100 | }; |
83 | 101 | ||
diff --git a/src/lib/libcrypto/rand/rand_lcl.h b/src/lib/libcrypto/rand/rand_lcl.h index 618a8ec899..18cc9b1e4a 100644 --- a/src/lib/libcrypto/rand/rand_lcl.h +++ b/src/lib/libcrypto/rand/rand_lcl.h | |||
@@ -154,5 +154,16 @@ | |||
154 | #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) | 154 | #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) |
155 | #endif | 155 | #endif |
156 | 156 | ||
157 | #ifndef OPENSSL_NO_ENGINE | ||
158 | void int_RAND_set_callbacks( | ||
159 | int (*set_rand_func)(const RAND_METHOD *meth, | ||
160 | const RAND_METHOD **pmeth), | ||
161 | const RAND_METHOD *(*get_rand_func) | ||
162 | (const RAND_METHOD **pmeth)); | ||
163 | int eng_RAND_set_rand_method(const RAND_METHOD *meth, | ||
164 | const RAND_METHOD **pmeth); | ||
165 | const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth); | ||
166 | #endif | ||
167 | |||
157 | 168 | ||
158 | #endif | 169 | #endif |
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c index 513e338985..da6b4e0e86 100644 --- a/src/lib/libcrypto/rand/rand_lib.c +++ b/src/lib/libcrypto/rand/rand_lib.c | |||
@@ -60,15 +60,82 @@ | |||
60 | #include <time.h> | 60 | #include <time.h> |
61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
63 | #include "rand_lcl.h" | ||
64 | #ifdef OPENSSL_FIPS | ||
65 | #include <openssl/fips.h> | ||
66 | #include <openssl/fips_rand.h> | ||
67 | #endif | ||
68 | |||
63 | #ifndef OPENSSL_NO_ENGINE | 69 | #ifndef OPENSSL_NO_ENGINE |
64 | #include <openssl/engine.h> | 70 | #include <openssl/engine.h> |
65 | #endif | 71 | #endif |
66 | 72 | ||
73 | static const RAND_METHOD *default_RAND_meth = NULL; | ||
74 | |||
75 | #ifdef OPENSSL_FIPS | ||
76 | |||
77 | static int fips_RAND_set_rand_method(const RAND_METHOD *meth, | ||
78 | const RAND_METHOD **pmeth) | ||
79 | { | ||
80 | *pmeth = meth; | ||
81 | return 1; | ||
82 | } | ||
83 | |||
84 | static const RAND_METHOD *fips_RAND_get_rand_method(const RAND_METHOD **pmeth) | ||
85 | { | ||
86 | if (!*pmeth) | ||
87 | { | ||
88 | if(FIPS_mode()) | ||
89 | *pmeth=FIPS_rand_method(); | ||
90 | else | ||
91 | *pmeth = RAND_SSLeay(); | ||
92 | } | ||
93 | |||
94 | if(FIPS_mode() | ||
95 | && *pmeth != FIPS_rand_check()) | ||
96 | { | ||
97 | RANDerr(RAND_F_FIPS_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); | ||
98 | return 0; | ||
99 | } | ||
100 | |||
101 | return *pmeth; | ||
102 | } | ||
103 | |||
104 | static int (*RAND_set_rand_method_func)(const RAND_METHOD *meth, | ||
105 | const RAND_METHOD **pmeth) | ||
106 | = fips_RAND_set_rand_method; | ||
107 | static const RAND_METHOD *(*RAND_get_rand_method_func) | ||
108 | (const RAND_METHOD **pmeth) | ||
109 | = fips_RAND_get_rand_method; | ||
110 | |||
111 | #ifndef OPENSSL_NO_ENGINE | ||
112 | void int_RAND_set_callbacks( | ||
113 | int (*set_rand_func)(const RAND_METHOD *meth, | ||
114 | const RAND_METHOD **pmeth), | ||
115 | const RAND_METHOD *(*get_rand_func) | ||
116 | (const RAND_METHOD **pmeth)) | ||
117 | { | ||
118 | RAND_set_rand_method_func = set_rand_func; | ||
119 | RAND_get_rand_method_func = get_rand_func; | ||
120 | } | ||
121 | #endif | ||
122 | |||
123 | int RAND_set_rand_method(const RAND_METHOD *meth) | ||
124 | { | ||
125 | return RAND_set_rand_method_func(meth, &default_RAND_meth); | ||
126 | } | ||
127 | |||
128 | const RAND_METHOD *RAND_get_rand_method(void) | ||
129 | { | ||
130 | return RAND_get_rand_method_func(&default_RAND_meth); | ||
131 | } | ||
132 | |||
133 | #else | ||
134 | |||
67 | #ifndef OPENSSL_NO_ENGINE | 135 | #ifndef OPENSSL_NO_ENGINE |
68 | /* non-NULL if default_RAND_meth is ENGINE-provided */ | 136 | /* non-NULL if default_RAND_meth is ENGINE-provided */ |
69 | static ENGINE *funct_ref =NULL; | 137 | static ENGINE *funct_ref =NULL; |
70 | #endif | 138 | #endif |
71 | static const RAND_METHOD *default_RAND_meth = NULL; | ||
72 | 139 | ||
73 | int RAND_set_rand_method(const RAND_METHOD *meth) | 140 | int RAND_set_rand_method(const RAND_METHOD *meth) |
74 | { | 141 | { |
@@ -129,6 +196,8 @@ int RAND_set_rand_engine(ENGINE *engine) | |||
129 | } | 196 | } |
130 | #endif | 197 | #endif |
131 | 198 | ||
199 | #endif | ||
200 | |||
132 | void RAND_cleanup(void) | 201 | void RAND_cleanup(void) |
133 | { | 202 | { |
134 | const RAND_METHOD *meth = RAND_get_rand_method(); | 203 | const RAND_METHOD *meth = RAND_get_rand_method(); |
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c index 005cb38cb0..f63fbc1731 100644 --- a/src/lib/libcrypto/rand/randfile.c +++ b/src/lib/libcrypto/rand/randfile.c | |||
@@ -81,10 +81,25 @@ | |||
81 | # include <sys/stat.h> | 81 | # include <sys/stat.h> |
82 | #endif | 82 | #endif |
83 | 83 | ||
84 | #ifdef _WIN32 | ||
85 | #define stat _stat | ||
86 | #define chmod _chmod | ||
87 | #define open _open | ||
88 | #define fdopen _fdopen | ||
89 | #endif | ||
90 | |||
84 | #undef BUFSIZE | 91 | #undef BUFSIZE |
85 | #define BUFSIZE 1024 | 92 | #define BUFSIZE 1024 |
86 | #define RAND_DATA 1024 | 93 | #define RAND_DATA 1024 |
87 | 94 | ||
95 | #ifdef OPENSSL_SYS_VMS | ||
96 | /* This declaration is a nasty hack to get around vms' extension to fopen | ||
97 | * for passing in sharing options being disabled by our /STANDARD=ANSI89 */ | ||
98 | static FILE *(*const vms_fopen)(const char *, const char *, ...) = | ||
99 | (FILE *(*)(const char *, const char *, ...))fopen; | ||
100 | #define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0" | ||
101 | #endif | ||
102 | |||
88 | /* #define RFILE ".rnd" - defined in ../../e_os.h */ | 103 | /* #define RFILE ".rnd" - defined in ../../e_os.h */ |
89 | 104 | ||
90 | /* Note that these functions are intended for seed files only. | 105 | /* Note that these functions are intended for seed files only. |
@@ -106,7 +121,11 @@ int RAND_load_file(const char *file, long bytes) | |||
106 | RAND_add(&sb,sizeof(sb),0.0); | 121 | RAND_add(&sb,sizeof(sb),0.0); |
107 | if (bytes == 0) return(ret); | 122 | if (bytes == 0) return(ret); |
108 | 123 | ||
124 | #ifdef OPENSSL_SYS_VMS | ||
125 | in=vms_fopen(file,"rb",VMS_OPEN_ATTRS); | ||
126 | #else | ||
109 | in=fopen(file,"rb"); | 127 | in=fopen(file,"rb"); |
128 | #endif | ||
110 | if (in == NULL) goto err; | 129 | if (in == NULL) goto err; |
111 | #if defined(S_IFBLK) && defined(S_IFCHR) | 130 | #if defined(S_IFBLK) && defined(S_IFCHR) |
112 | if (sb.st_mode & (S_IFBLK | S_IFCHR)) { | 131 | if (sb.st_mode & (S_IFBLK | S_IFCHR)) { |
@@ -167,7 +186,7 @@ int RAND_write_file(const char *file) | |||
167 | #endif | 186 | #endif |
168 | } | 187 | } |
169 | 188 | ||
170 | #if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) | 189 | #if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) |
171 | { | 190 | { |
172 | /* For some reason Win32 can't write to files created this way */ | 191 | /* For some reason Win32 can't write to files created this way */ |
173 | 192 | ||
@@ -178,8 +197,34 @@ int RAND_write_file(const char *file) | |||
178 | out = fdopen(fd, "wb"); | 197 | out = fdopen(fd, "wb"); |
179 | } | 198 | } |
180 | #endif | 199 | #endif |
200 | |||
201 | #ifdef OPENSSL_SYS_VMS | ||
202 | /* VMS NOTE: Prior versions of this routine created a _new_ | ||
203 | * version of the rand file for each call into this routine, then | ||
204 | * deleted all existing versions named ;-1, and finally renamed | ||
205 | * the current version as ';1'. Under concurrent usage, this | ||
206 | * resulted in an RMS race condition in rename() which could | ||
207 | * orphan files (see vms message help for RMS$_REENT). With the | ||
208 | * fopen() calls below, openssl/VMS now shares the top-level | ||
209 | * version of the rand file. Note that there may still be | ||
210 | * conditions where the top-level rand file is locked. If so, this | ||
211 | * code will then create a new version of the rand file. Without | ||
212 | * the delete and rename code, this can result in ascending file | ||
213 | * versions that stop at version 32767, and this routine will then | ||
214 | * return an error. The remedy for this is to recode the calling | ||
215 | * application to avoid concurrent use of the rand file, or | ||
216 | * synchronize usage at the application level. Also consider | ||
217 | * whether or not you NEED a persistent rand file in a concurrent | ||
218 | * use situation. | ||
219 | */ | ||
220 | |||
221 | out = vms_fopen(file,"rb+",VMS_OPEN_ATTRS); | ||
222 | if (out == NULL) | ||
223 | out = vms_fopen(file,"wb",VMS_OPEN_ATTRS); | ||
224 | #else | ||
181 | if (out == NULL) | 225 | if (out == NULL) |
182 | out = fopen(file,"wb"); | 226 | out = fopen(file,"wb"); |
227 | #endif | ||
183 | if (out == NULL) goto err; | 228 | if (out == NULL) goto err; |
184 | 229 | ||
185 | #ifndef NO_CHMOD | 230 | #ifndef NO_CHMOD |
@@ -201,25 +246,6 @@ int RAND_write_file(const char *file) | |||
201 | ret+=i; | 246 | ret+=i; |
202 | if (n <= 0) break; | 247 | if (n <= 0) break; |
203 | } | 248 | } |
204 | #ifdef OPENSSL_SYS_VMS | ||
205 | /* Try to delete older versions of the file, until there aren't | ||
206 | any */ | ||
207 | { | ||
208 | char *tmpf; | ||
209 | |||
210 | tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ | ||
211 | if (tmpf) | ||
212 | { | ||
213 | strcpy(tmpf, file); | ||
214 | strcat(tmpf, ";-1"); | ||
215 | while(delete(tmpf) == 0) | ||
216 | ; | ||
217 | rename(file,";1"); /* Make sure it's version 1, or we | ||
218 | will reach the limit (32767) at | ||
219 | some point... */ | ||
220 | } | ||
221 | } | ||
222 | #endif /* OPENSSL_SYS_VMS */ | ||
223 | 249 | ||
224 | fclose(out); | 250 | fclose(out); |
225 | OPENSSL_cleanse(buf,BUFSIZE); | 251 | OPENSSL_cleanse(buf,BUFSIZE); |