generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Avoid multiple lock using FIPS DRBG.

Browse Source 
Don't use multiple locks when SP800-90 DRBG is used outside FIPS mode.

PR#3176
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2014-07-30 15:13:08 +01:00
parent 789b12599d
commit a3efe1b6e9
3 changed files with 12 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
crypto/rand/md_rand.c
View File

@ -335,6 +335,11 @@ static void ssleay_rand_seed(const void *buf, int num)
} }
static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
{
return md_rand_bytes_lock(buf, num, pseudo, 1);
}
int md_rand_bytes_lock(unsigned char *buf, int num, int pseudo, int lock)
{ {
static volatile int stirred_pool = 0; static volatile int stirred_pool = 0;
int i,j,k,st_num,st_idx; int i,j,k,st_num,st_idx;
@ -383,10 +388,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
* are fed into the hash function and the results are kept in the * are fed into the hash function and the results are kept in the
* global 'md'. * global 'md'.
*/ */
#ifdef OPENSSL_FIPS if (lock)
/* NB: in FIPS mode we are already under a lock */
if (!FIPS_mode())
#endif
CRYPTO_w_lock(CRYPTO_LOCK_RAND); CRYPTO_w_lock(CRYPTO_LOCK_RAND);
/* prevent ssleay_rand_bytes() from trying to obtain the lock again */ /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
@ -466,9 +468,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
/* before unlocking, we must clear 'crypto_lock_rand' */ /* before unlocking, we must clear 'crypto_lock_rand' */
crypto_lock_rand = 0; crypto_lock_rand = 0;
#ifdef OPENSSL_FIPS if (lock)
if (!FIPS_mode())
#endif
CRYPTO_w_unlock(CRYPTO_LOCK_RAND); CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
while (num > 0) while (num > 0)
@ -521,15 +521,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
MD_Init(&m); MD_Init(&m);
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
MD_Update(&m,local_md,MD_DIGEST_LENGTH); MD_Update(&m,local_md,MD_DIGEST_LENGTH);
#ifdef OPENSSL_FIPS if (lock)
if (!FIPS_mode())
#endif
CRYPTO_w_lock(CRYPTO_LOCK_RAND); CRYPTO_w_lock(CRYPTO_LOCK_RAND);
MD_Update(&m,md,MD_DIGEST_LENGTH); MD_Update(&m,md,MD_DIGEST_LENGTH);
MD_Final(&m,md); MD_Final(&m,md);
#ifdef OPENSSL_FIPS if (lock)
if (!FIPS_mode())
#endif
CRYPTO_w_unlock(CRYPTO_LOCK_RAND); CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
EVP_MD_CTX_cleanup(&m); EVP_MD_CTX_cleanup(&m);

1
crypto/rand/rand_lcl.h
View File

@ -154,5 +154,6 @@
#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
#endif #endif
int md_rand_bytes_lock(unsigned char *buf, int num, int pseudo, int lock);
#endif #endif

3
crypto/rand/rand_lib.c
View File

@ -68,6 +68,7 @@
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
#include <openssl/fips.h> #include <openssl/fips.h>
#include <openssl/fips_rand.h> #include <openssl/fips_rand.h>
#include "rand_lcl.h"
#endif #endif
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
@ -199,7 +200,7 @@ static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
*pout = OPENSSL_malloc(min_len); *pout = OPENSSL_malloc(min_len);
if (!*pout) if (!*pout)
return 0; return 0;
if (RAND_SSLeay()->bytes(*pout, min_len) <= 0) if (md_rand_bytes_lock(*pout, min_len, 0, 0) <= 0)
{ {
OPENSSL_free(*pout); OPENSSL_free(*pout);
*pout = NULL; *pout = NULL;