diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index d61b08dba2..2428a49efd 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -47,8 +47,8 @@ static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom, } /* make a random number and set the top and bottom bits */ - b = flag == NORMAL ? rand_bytes_ex(libctx, buf, bytes) - : rand_priv_bytes_ex(libctx, buf, bytes); + b = flag == NORMAL ? RAND_bytes_ex(libctx, buf, bytes) + : RAND_priv_bytes_ex(libctx, buf, bytes); if (b <= 0) goto err; @@ -60,7 +60,7 @@ static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom, unsigned char c; for (i = 0; i < bytes; i++) { - if (rand_bytes_ex(libctx, &c, 1) <= 0) + if (RAND_bytes_ex(libctx, &c, 1) <= 0) goto err; if (c >= 128 && i > 0) buf[i] = buf[i - 1]; @@ -280,7 +280,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, goto err; } for (done = 0; done < num_k_bytes;) { - if (!rand_priv_bytes_ex(libctx, random_bytes, sizeof(random_bytes))) + if (!RAND_priv_bytes_ex(libctx, random_bytes, sizeof(random_bytes))) goto err; if (!EVP_DigestInit_ex(mdctx, md, NULL) diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 0be9db1c5f..86952739c0 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -851,7 +851,7 @@ void RAND_add(const void *buf, int num, double randomness) * the default method, then just call RAND_bytes(). Otherwise make * sure we're instantiated and use the private DRBG. */ -int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) +int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) { RAND_DRBG *drbg; const RAND_METHOD *meth = RAND_get_rand_method(); @@ -872,10 +872,10 @@ int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) int RAND_priv_bytes(unsigned char *buf, int num) { - return rand_priv_bytes_ex(NULL, buf, num); + return RAND_priv_bytes_ex(NULL, buf, num); } -int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) +int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) { RAND_DRBG *drbg; const RAND_METHOD *meth = RAND_get_rand_method(); @@ -896,7 +896,7 @@ int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) int RAND_bytes(unsigned char *buf, int num) { - return rand_bytes_ex(NULL, buf, num); + return RAND_bytes_ex(NULL, buf, num); } #if !defined(OPENSSL_NO_DEPRECATED_1_1_0) && !defined(FIPS_MODE) diff --git a/doc/internal/man3/rand_bytes_ex.pod b/doc/internal/man3/rand_bytes_ex.pod deleted file mode 100644 index e1bb0f04df..0000000000 --- a/doc/internal/man3/rand_bytes_ex.pod +++ /dev/null @@ -1,41 +0,0 @@ -=pod - -=head1 NAME - -rand_bytes_ex, rand_priv_bytes_ex -- internal random number routines - -=head1 SYNOPSIS - - #include "crypto/rand.h" - - int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); - int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); - -=head1 DESCRIPTION - -rand_bytes_ex() and rand_priv_bytes_ex() are the equivalent of RAND_bytes() and -RAND_priv_bytes() in the public API except that they both take an additional -I parameter. -The DRBG used for the operation is the public or private DRBG associated with -the specified I. The parameter can be NULL, in which case -the default library ctx is used. -If the default RAND_METHOD has been changed then for compatibility reasons the -RAND_METHOD will be used in preference and the DRBG of the library context -ignored. - -=head1 RETURN VALUES - -rand_bytes_ex() and rand_bytes_priv_ex() return 0 or less on error or 1 on -success. - -=head1 COPYRIGHT - -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. - -Licensed under the Apache License 2.0 (the "License"). You may not use -this file except in compliance with the License. You can obtain a copy -in the file LICENSE in the source distribution or at -L. - -=cut diff --git a/doc/man3/RAND_bytes.pod b/doc/man3/RAND_bytes.pod index fb1e1c9a22..5da4692520 100644 --- a/doc/man3/RAND_bytes.pod +++ b/doc/man3/RAND_bytes.pod @@ -2,7 +2,8 @@ =head1 NAME -RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data +RAND_bytes, RAND_priv_bytes, RAND_bytes_ex, RAND_priv_bytes_ex, +RAND_pseudo_bytes - generate random data =head1 SYNOPSIS @@ -11,6 +12,9 @@ RAND_bytes, RAND_priv_bytes, RAND_pseudo_bytes - generate random data int RAND_bytes(unsigned char *buf, int num); int RAND_priv_bytes(unsigned char *buf, int num); + int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); + int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); + Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining B with a suitable version value, see L: @@ -29,6 +33,15 @@ instance so that a compromise of the "public" PRNG instance will not affect the secrecy of these private values, as described in L and L. +RAND_bytes_ex() and RAND_priv_bytes_ex() are the same as RAND_bytes() and +RAND_priv_bytes() except that they both take an additional I parameter. +The DRBG used for the operation is the public or private DRBG associated with +the specified I. The parameter can be NULL, in which case +the default library context is used (see L. +If the default RAND_METHOD has been changed then for compatibility reasons the +RAND_METHOD will be used in preference and the DRBG of the library context +ignored. + =head1 NOTES Always check the error return value of RAND_bytes() and @@ -64,6 +77,10 @@ RAND_pseudo_bytes() was deprecated in OpenSSL 1.1.0; use RAND_bytes() instead. The RAND_priv_bytes() function was added in OpenSSL 1.1.1. +=item * + +The RAND_bytes_ex() and RAND_priv_bytes_ex() functions were added in OpenSSL 3.0 + =back =head1 COPYRIGHT diff --git a/include/crypto/rand.h b/include/crypto/rand.h index 81bcb60508..16fa737554 100644 --- a/include/crypto/rand.h +++ b/include/crypto/rand.h @@ -186,10 +186,4 @@ void rand_pool_cleanup(void); */ void rand_pool_keep_random_devices_open(int keep); -/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */ -int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); - -/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */ -int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); - #endif diff --git a/include/openssl/rand.h b/include/openssl/rand.h index 1cffab7c54..574592a69f 100644 --- a/include/openssl/rand.h +++ b/include/openssl/rand.h @@ -47,6 +47,13 @@ RAND_METHOD *RAND_OpenSSL(void); # endif int RAND_bytes(unsigned char *buf, int num); int RAND_priv_bytes(unsigned char *buf, int num); + +/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */ +int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); + +/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */ +int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); + DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num)) void RAND_seed(const void *buf, int num); diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c index 57e59c30c3..04f60216ae 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c @@ -23,7 +23,7 @@ int cipher_capable_aes_cbc_hmac_sha1(void) } #else -# include "crypto/rand.h" +# include # include "crypto/evp.h" # include "internal/constant_time.h" @@ -135,7 +135,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, # endif /* ask for IVs in bulk */ - if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0) + if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0) return 0; mctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */ diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c index 26bc8f7c49..5cfa76fde5 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c @@ -23,7 +23,7 @@ int cipher_capable_aes_cbc_hmac_sha256(void) } #else -# include "crypto/rand.h" +# include # include "crypto/evp.h" # include "internal/constant_time.h" @@ -139,7 +139,7 @@ static size_t tls1_multi_block_encrypt(void *vctx, # endif /* ask for IVs in bulk */ - if (rand_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0) + if (RAND_bytes_ex(ctx->base.libctx, (IVs = blocks[0].c), 16 * x4) <= 0) return 0; mctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */ diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index 200c365282..74539d3da4 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -9,7 +9,7 @@ #include "prov/ciphercommon.h" #include "cipher_des.h" -#include "crypto/rand.h" +#include #include "prov/implementations.h" #include "prov/providercommonerr.h" @@ -81,7 +81,7 @@ static int des_generatekey(PROV_CIPHER_CTX *ctx, void *ptr) DES_cblock *deskey = ptr; size_t kl = ctx->keylen; - if (kl == 0 || rand_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0) + if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0) return 0; DES_set_odd_parity(deskey); return 1; diff --git a/providers/implementations/ciphers/cipher_tdes.c b/providers/implementations/ciphers/cipher_tdes.c index e6dab582ca..80afcd5fd9 100644 --- a/providers/implementations/ciphers/cipher_tdes.c +++ b/providers/implementations/ciphers/cipher_tdes.c @@ -9,7 +9,7 @@ #include "prov/ciphercommon.h" #include "cipher_tdes.h" -#include "crypto/rand.h" +#include #include "prov/implementations.h" #include "prov/providercommonerr.h" @@ -71,7 +71,7 @@ static int tdes_generatekey(PROV_CIPHER_CTX *ctx, void *ptr) DES_cblock *deskey = ptr; size_t kl = ctx->keylen; - if (kl == 0 || rand_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0) + if (kl == 0 || RAND_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0) return 0; DES_set_odd_parity(deskey); if (kl >= 16) diff --git a/providers/implementations/ciphers/cipher_tdes_wrap.c b/providers/implementations/ciphers/cipher_tdes_wrap.c index a6f4e4efe4..9db60ad2c7 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap.c @@ -14,9 +14,9 @@ #include "internal/deprecated.h" #include +#include #include "cipher_tdes_default.h" #include "crypto/evp.h" -#include "crypto/rand.h" #include "prov/implementations.h" #include "prov/providercommonerr.h" @@ -98,7 +98,7 @@ static int des_ede3_wrap(PROV_CIPHER_CTX *ctx, unsigned char *out, memcpy(out + inl + ivlen, sha1tmp, icvlen); OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH); /* Generate random IV */ - if (rand_bytes_ex(ctx->libctx, ctx->iv, ivlen) <= 0) + if (RAND_bytes_ex(ctx->libctx, ctx->iv, ivlen) <= 0) return 0; memcpy(out, ctx->iv, ivlen); /* Encrypt everything after IV in place */ diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c index a6928e1ba3..a64462a5c1 100644 --- a/providers/implementations/ciphers/ciphercommon_gcm.c +++ b/providers/implementations/ciphers/ciphercommon_gcm.c @@ -12,7 +12,7 @@ #include "prov/ciphercommon.h" #include "prov/ciphercommon_gcm.h" #include "prov/providercommonerr.h" -#include "crypto/rand.h" +#include #include "prov/provider_ctx.h" static int gcm_tls_init(PROV_GCM_CTX *dat, unsigned char *aad, size_t aad_len); @@ -338,7 +338,7 @@ static int gcm_iv_generate(PROV_GCM_CTX *ctx, int offset) return 0; /* Use DRBG to generate random iv */ - if (rand_bytes_ex(ctx->libctx, ctx->iv + offset, sz) <= 0) + if (RAND_bytes_ex(ctx->libctx, ctx->iv + offset, sz) <= 0) return 0; ctx->iv_state = IV_STATE_BUFFERED; ctx->iv_gen_rand = 1; @@ -452,7 +452,7 @@ static int gcm_tls_iv_set_fixed(PROV_GCM_CTX *ctx, unsigned char *iv, if (len > 0) memcpy(ctx->iv, iv, len); if (ctx->enc - && rand_bytes_ex(ctx->libctx, ctx->iv + len, ctx->ivlen - len) <= 0) + && RAND_bytes_ex(ctx->libctx, ctx->iv + len, ctx->ivlen - len) <= 0) return 0; ctx->iv_gen = 1; ctx->iv_state = IV_STATE_BUFFERED; diff --git a/util/libcrypto.num b/util/libcrypto.num index c1f3978fbc..ce01244621 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4918,3 +4918,5 @@ OSSL_SELF_TEST_get_callback ? 3_0_0 EXIST::FUNCTION: ASN1_TIME_dup ? 3_0_0 EXIST::FUNCTION: ASN1_UTCTIME_dup ? 3_0_0 EXIST::FUNCTION: ASN1_GENERALIZEDTIME_dup ? 3_0_0 EXIST::FUNCTION: +RAND_priv_bytes_ex ? 3_0_0 EXIST::FUNCTION: +RAND_bytes_ex ? 3_0_0 EXIST::FUNCTION: