Only zeroise sensitive parts of DRBG context, so the type and flags

are undisturbed.

Allow setting of "rand" callbacks for DRBG.

diff --git a/fips/rand/fips_drbg_lib.c b/fips/rand/fips_drbg_lib.c
index 61caca79e601be38831c542c10e43d1cb753426e..5564538540ef6d324896831b1b9cb50dfaa64a11 100644 (file)
--- a/fips/rand/fips_drbg_lib.c
+++ b/fips/rand/fips_drbg_lib.c
@@ -114,7 +114,7 @@ void FIPS_drbg_free(DRBG_CTX *dctx)
        {
        if (dctx->uninstantiate)
                dctx->uninstantiate(dctx);
-       OPENSSL_cleanse(dctx, sizeof(DRBG_CTX));
+       OPENSSL_cleanse(&dctx->d, sizeof(dctx->d));
        OPENSSL_free(dctx);
        }
 
@@ -403,7 +403,8 @@ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx)
        /* Although we'd like to cleanse here we can't because we have to
         * test the uninstantiate really zeroes the data.
         */
-       memset(dctx, 0, sizeof(DRBG_CTX));
+       memset(&dctx->d, 0, sizeof(dctx->d));
+       dctx->status = DRBG_STATUS_UNINITIALISED;
        /* If method has problems uninstantiating, return error */
        return rv;
        }
@@ -425,6 +426,22 @@ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx,
        return 1;
        }
 
+int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx,
+       size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout),
+       void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen),
+       int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num),
+       int (*rand_add_cb)(DRBG_CTX *ctx,
+                               const void *buf, int num, double entropy))
+       {
+       if (dctx->status != DRBG_STATUS_UNINITIALISED)
+               return 0;
+       dctx->get_adin = get_adin;
+       dctx->cleanup_adin = cleanup_adin;
+       dctx->rand_seed_cb = rand_seed_cb;
+       dctx->rand_add_cb = rand_add_cb;
+       return 1;
+       }
+
 void *FIPS_drbg_get_app_data(DRBG_CTX *dctx)
        {
        return dctx->app_data;

diff --git a/fips/rand/fips_drbg_selftest.c b/fips/rand/fips_drbg_selftest.c
index c46fe58521c706a6bd5cbd4dd671d7be1e56097f..d1f9dd118be9683386fad09221e2989071e4d7e5 100644 (file)
--- a/fips/rand/fips_drbg_selftest.c
+++ b/fips/rand/fips_drbg_selftest.c
@@ -954,11 +954,11 @@ static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
                }
 
        FIPS_drbg_uninstantiate(dctx);
-       p = (unsigned char *)dctx;
+       p = (unsigned char *)&dctx->d;
        /* Standard says we have to check uninstantiate really zeroes
         * the data...
         */
-       for (i = 0; i < sizeof(DRBG_CTX); i++)
+       for (i = 0; i < sizeof(dctx->d); i++)
                {
                if (*p != 0)
                        {
@@ -980,7 +980,7 @@ static int fips_drbg_health_check(DRBG_CTX *dctx, DRBG_SELFTEST_DATA *td)
        return 0;
 
        }
-               
+
 
 int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags)
        {

diff --git a/fips/rand/fips_rand.h b/fips/rand/fips_rand.h
index 1d32c0f5dfb0b5306b04945a793c7a4ccb56966a..18ca8acbfc7d2231d8a6101a0aa7acef119ac586 100644 (file)
--- a/fips/rand/fips_rand.h
+++ b/fips/rand/fips_rand.h
@@ -97,6 +97,13 @@ int FIPS_drbg_set_callbacks(DRBG_CTX *dctx,
                                int entropy, size_t min_len, size_t max_len),
        void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen));
 
+int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx,
+       size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout),
+       void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen),
+       int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num),
+       int (*rand_add_cb)(DRBG_CTX *ctx,
+                               const void *buf, int num, double entropy));
+
 void *FIPS_drbg_get_app_data(DRBG_CTX *ctx);
 void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data);
 size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx);