openssl/crypto
Pauli dc4e74ef6c evp_rand: documentation
EVP_RAND, the RNGs and provider-rand.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
2020-06-24 20:07:46 +10:00
..
aes Avoid undefined behavior with unaligned accesses 2020-05-27 20:11:20 +02:00
aria
asn1 Remove whitespace from 'white space' 2020-06-19 07:59:46 +02:00
async Update copyright year 2020-04-23 13:55:52 +01:00
bf Update copyright year 2020-04-23 13:55:52 +01:00
bio Improve BIO_socket_wait(), BIO_wait(), BIO_connect_retry(), and their docs 2020-06-16 18:51:39 +02:00
bn Flag RSA secret BNs as consttime on keygen and checks 2020-06-21 13:45:27 +03:00
buffer
camellia Update copyright year 2020-04-23 13:55:52 +01:00
cast Fix logic error for building x86 CAST assembly 2020-06-14 12:35:34 -07:00
chacha Update copyright year 2020-04-23 13:55:52 +01:00
cmac The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_* 2020-06-11 11:16:37 +10:00
cmp Fix CMP -days option range checking and test failing with enable-ubsan 2020-06-22 16:39:26 +02:00
cms crypto/cms: add CAdES-BES signed attributes validation 2020-05-27 13:16:30 +02:00
comp
conf APPS: Remove make_config_name, use CONF_get1_default_config_file instead 2020-06-02 09:42:34 +02:00
crmf Fix CMP -days option range checking and test failing with enable-ubsan 2020-06-22 16:39:26 +02:00
ct Update copyright year 2020-05-15 14:09:49 +01:00
des Build: Remove faulty DES assembler spec 2020-06-20 11:02:18 +02:00
dh Make EVP_PKEY_CTX_[get|set]_group_name work for DH too 2020-06-19 10:19:31 +01:00
dsa Add ACVP fips module tests 2020-06-17 11:33:16 +10:00
dso Update copyright year 2020-05-15 14:09:49 +01:00
ec Ensure creating an EC public key uses the libctx 2020-06-19 10:34:58 +01:00
engine Update copyright year 2020-06-04 14:33:57 +01:00
err rand: core APIs for provider friendly random. 2020-06-24 20:05:41 +10:00
ess Fix no-ts builds. 2020-06-21 10:09:48 +02:00
evp CTR, HASH and HMAC DRBGs in provider 2020-06-24 20:05:42 +10:00
ffc Make EVP_PKEY_CTX_[get|set]_group_name work for DH too 2020-06-19 10:19:31 +01:00
hmac coverity 1462580 Improper use of negative value 2020-04-30 20:21:33 +10:00
http Improve BIO_socket_wait(), BIO_wait(), BIO_connect_retry(), and their docs 2020-06-16 18:51:39 +02:00
idea Update copyright year 2020-04-23 13:55:52 +01:00
include/internal Update copyright year 2020-05-15 14:09:49 +01:00
kdf
lhash
md2 Update copyright year 2020-04-23 13:55:52 +01:00
md4 Update copyright year 2020-04-23 13:55:52 +01:00
md5 Update copyright year 2020-04-23 13:55:52 +01:00
mdc2 Update copyright year 2020-04-23 13:55:52 +01:00
modes The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_* 2020-06-11 11:16:37 +10:00
objects GOST-related objects changes 2020-05-19 13:02:43 +03:00
ocsp Update copyright year 2020-05-15 14:09:49 +01:00
pem Update copyright year 2020-06-04 14:33:57 +01:00
perlasm Remove whitespace from 'white space' 2020-06-19 07:59:46 +02:00
pkcs7 Update copyright year 2020-05-15 14:09:49 +01:00
pkcs12 Update copyright year 2020-05-15 14:09:49 +01:00
poly1305 Update copyright year 2020-04-23 13:55:52 +01:00
property property: correctly set the has optional flag when merging property lists 2020-06-23 21:44:47 +10:00
rand evp_rand: documentation 2020-06-24 20:07:46 +10:00
rc2 Update copyright year 2020-04-23 13:55:52 +01:00
rc4 Update copyright year 2020-04-23 13:55:52 +01:00
rc5 Update copyright year 2020-04-23 13:55:52 +01:00
ripemd Update copyright year 2020-04-23 13:55:52 +01:00
rsa Fix potential double free in rsa_keygen pairwise test. 2020-06-23 12:28:48 +02:00
seed Update copyright year 2020-04-23 13:55:52 +01:00
serializer serialization: break the provider locating code to avoid deadlock. 2020-06-23 19:46:57 +10:00
sha Update copyright year 2020-04-23 13:55:52 +01:00
siphash
sm2 Update copyright year 2020-04-23 13:55:52 +01:00
sm3
sm4
srp In OpenSSL builds, declare STACK for datatypes ... 2020-04-24 16:42:46 +02:00
stack
store Fix mem leaks and allow missing pkey and/or cert in try_decode_PKCS12() 2020-06-08 05:37:48 +02:00
ts crypto/cms: add CAdES-BES signed attributes validation 2020-05-27 13:16:30 +02:00
txt_db
ui Update copyright year 2020-06-04 14:33:57 +01:00
whrlpool Avoid undefined behavior with unaligned accesses 2020-05-27 20:11:20 +02:00
x509 Update copyright year 2020-06-04 14:33:57 +01:00
alphacpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00
arm64cpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00
arm_arch.h
armcap.c
armv4cpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00
asn1_dsa.c
bsearch.c
build.info Remove explicit dependency on configdata.pm when processing .in files 2020-05-13 10:14:53 +02:00
c64xpluscpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00
context.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
core_algorithm.c Update copyright year 2020-06-04 14:33:57 +01:00
core_fetch.c Update copyright year 2020-06-04 14:33:57 +01:00
core_namemap.c namemap: change ossl_namemap_empty() to do what the documentation says. 2020-06-21 16:49:51 +10:00
cpt_err.c
cryptlib.c
ctype.c
cversion.c
der_writer.c DER writer: Add the possibility to abandon empty SEQUENCEs 2020-05-14 12:16:35 +02:00
dllmain.c
ebcdic.c
ex_data.c Fix the parameter types of the CRYPTO_EX_dup function type. 2020-05-23 15:31:14 +02:00
getenv.c
ia64cpuid.S
info.c Print CPUINFO also for s390 processors 2020-06-22 02:35:01 +02:00
init.c
initthread.c Maintain strict type discipline between the core and providers 2020-05-16 17:10:03 +01:00
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c Fix wrong return value check of mmap function 2020-06-23 10:08:28 +10:00
mem.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
mips_arch.h
o_dir.c
o_fopen.c
o_init.c
o_str.c Update copyright year 2020-06-04 14:33:57 +01:00
o_time.c
packet.c WPACKET: don't write DER length when we don't want to 2020-05-04 05:50:06 +02:00
param_build_set.c Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields 2020-04-01 15:51:18 +10:00
param_build.c params: add OSSL_PARAM helpers for time_t. 2020-06-24 20:05:41 +10:00
params_from_text.c params: handle the modified sentinel. 2020-04-25 18:46:01 +10:00
params.c params: add OSSL_PARAM helpers for time_t. 2020-06-24 20:05:41 +10:00
pariscid.pl Update copyright year 2020-04-23 13:55:52 +01:00
ppc_arch.h
ppccap.c Update copyright year 2020-05-15 14:09:49 +01:00
ppccpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00
provider_conf.c In OpenSSL builds, declare STACK for datatypes ... 2020-04-24 16:42:46 +02:00
provider_core.c Add the OSSL_PROVIDER_get_capabilities() API function 2020-06-19 10:19:31 +01:00
provider_local.h
provider_predefined.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
provider.c Add the OSSL_PROVIDER_get_capabilities() API function 2020-06-19 10:19:31 +01:00
README.sparse_array
s390x_arch.h Update copyright year 2020-04-23 13:55:52 +01:00
s390xcap.c
s390xcpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00
self_test_core.c Rename FIPS_MODE to FIPS_MODULE 2020-04-28 15:37:37 +02:00
sparc_arch.h
sparccpuid.S
sparcv9cap.c Update copyright year 2020-04-23 13:55:52 +01:00
sparse_array.c
threads_none.c
threads_pthread.c Update copyright year 2020-05-15 14:09:49 +01:00
threads_win.c Update copyright year 2020-04-23 13:55:52 +01:00
trace.c
uid.c
vms_rms.h
x86_64cpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00
x86cpuid.pl Update copyright year 2020-04-23 13:55:52 +01:00

The sparse_array.c file contains an implementation of a sparse array that
attempts to be both space and time efficient.

The sparse array is represented using a tree structure.  Each node in the
tree contains a block of pointers to either the user supplied leaf values or
to another node.

There are a number of parameters used to define the block size:

    OPENSSL_SA_BLOCK_BITS   Specifies the number of bits covered by each block
    SA_BLOCK_MAX            Specifies the number of pointers in each block
    SA_BLOCK_MASK           Specifies a bit mask to perform modulo block size
    SA_BLOCK_MAX_LEVELS     Indicates the maximum possible height of the tree

These constants are inter-related:
    SA_BLOCK_MAX        = 2 ^ OPENSSL_SA_BLOCK_BITS
    SA_BLOCK_MASK       = SA_BLOCK_MAX - 1
    SA_BLOCK_MAX_LEVELS = number of bits in size_t divided by
                          OPENSSL_SA_BLOCK_BITS rounded up to the next multiple
                          of OPENSSL_SA_BLOCK_BITS

OPENSSL_SA_BLOCK_BITS can be defined at compile time and this overrides the
built in setting.

As a space and performance optimisation, the height of the tree is usually
less than the maximum possible height.  Only sufficient height is allocated to
accommodate the largest index added to the data structure.

The largest index used to add a value to the array determines the tree height:

        +----------------------+---------------------+
        | Largest Added Index  |   Height of Tree    |
        +----------------------+---------------------+
        | SA_BLOCK_MAX     - 1 |          1          |
        | SA_BLOCK_MAX ^ 2 - 1 |          2          |
        | SA_BLOCK_MAX ^ 3 - 1 |          3          |
        | ...                  |          ...        |
        | size_t max           | SA_BLOCK_MAX_LEVELS |
        +----------------------+---------------------+

The tree height is dynamically increased as needed based on additions.

An empty tree is represented by a NULL root pointer.  Inserting a value at
index 0 results in the allocation of a top level node full of null pointers
except for the single pointer to the user's data (N = SA_BLOCK_MAX for
brevity):

        +----+
        |Root|
        |Node|
        +-+--+
          |
          |
          |
          v
        +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|
        |   |nil|nil|...|nil|
        +-+-+---+---+---+---+
          |
          |
          |
          v
        +-+--+
        |User|
        |Data|
        +----+
    Index 0


Inserting at element 2N+1 creates a new root node and pushes down the old root
node.  It then creates a second second level node to hold the pointer to the
user's new data:

        +----+
        |Root|
        |Node|
        +-+--+
          |
          |
          |
          v
        +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|
        |   |nil|   |...|nil|
        +-+-+---+-+-+---+---+
          |       |
          |       +------------------+
          |                          |
          v                          v
        +-+-+---+---+---+---+      +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|      | 0 | 1 | 2 |...|N-1|
        |nil|   |nil|...|nil|      |nil|   |nil|...|nil|
        +-+-+---+---+---+---+      +---+-+-+---+---+---+
          |                              |
          |                              |
          |                              |
          v                              v
        +-+--+                         +-+--+
        |User|                         |User|
        |Data|                         |Data|
        +----+                         +----+
    Index 0                       Index 2N+1


The nodes themselves are allocated in a sparse manner.  Only nodes which exist
along a path from the root of the tree to an added leaf will be allocated.
The complexity is hidden and nodes are allocated on an as needed basis.
Because the data is expected to be sparse this doesn't result in a large waste
of space.

Values can be removed from the sparse array by setting their index position to
NULL.  The data structure does not attempt to reclaim nodes or reduce the
height of the tree on removal.  For example, now setting index 0 to NULL would
result in:

        +----+
        |Root|
        |Node|
        +-+--+
          |
          |
          |
          v
        +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|
        |   |nil|   |...|nil|
        +-+-+---+-+-+---+---+
          |       |
          |       +------------------+
          |                          |
          v                          v
        +-+-+---+---+---+---+      +-+-+---+---+---+---+
        | 0 | 1 | 2 |...|N-1|      | 0 | 1 | 2 |...|N-1|
        |nil|nil|nil|...|nil|      |nil|   |nil|...|nil|
        +---+---+---+---+---+      +---+-+-+---+---+---+
                                         |
                                         |
                                         |
                                         v
                                       +-+--+
                                       |User|
                                       |Data|
                                       +----+
                                  Index 2N+1


Accesses to elements in the sparse array take O(log n) time where n is the
largest element.  The base of the logarithm is SA_BLOCK_MAX, so for moderately
small indices (e.g. NIDs), single level (constant time) access is achievable.
Space usage is O(minimum(m, n log(n)) where m is the number of elements in the
array.

Note: sparse arrays only include pointers to types.  Thus, SPARSE_ARRAY_OF(char)
can be used to store a string.