{
if (dctx->uninstantiate)
dctx->uninstantiate(dctx);
- OPENSSL_cleanse(dctx, sizeof(DRBG_CTX));
+ OPENSSL_cleanse(&dctx->d, sizeof(dctx->d));
OPENSSL_free(dctx);
}
/* Although we'd like to cleanse here we can't because we have to
* test the uninstantiate really zeroes the data.
*/
- memset(dctx, 0, sizeof(DRBG_CTX));
+ memset(&dctx->d, 0, sizeof(dctx->d));
+ dctx->status = DRBG_STATUS_UNINITIALISED;
/* If method has problems uninstantiating, return error */
return rv;
}
return 1;
}
+int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx,
+ size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout),
+ void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen),
+ int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num),
+ int (*rand_add_cb)(DRBG_CTX *ctx,
+ const void *buf, int num, double entropy))
+ {
+ if (dctx->status != DRBG_STATUS_UNINITIALISED)
+ return 0;
+ dctx->get_adin = get_adin;
+ dctx->cleanup_adin = cleanup_adin;
+ dctx->rand_seed_cb = rand_seed_cb;
+ dctx->rand_add_cb = rand_add_cb;
+ return 1;
+ }
+
void *FIPS_drbg_get_app_data(DRBG_CTX *dctx)
{
return dctx->app_data;
}
FIPS_drbg_uninstantiate(dctx);
- p = (unsigned char *)dctx;
+ p = (unsigned char *)&dctx->d;
/* Standard says we have to check uninstantiate really zeroes
* the data...
*/
- for (i = 0; i < sizeof(DRBG_CTX); i++)
+ for (i = 0; i < sizeof(dctx->d); i++)
{
if (*p != 0)
{
return 0;
}
-
+
int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags)
{
int entropy, size_t min_len, size_t max_len),
void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen));
+int FIPS_drbg_set_rand_callbacks(DRBG_CTX *dctx,
+ size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout),
+ void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen),
+ int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num),
+ int (*rand_add_cb)(DRBG_CTX *ctx,
+ const void *buf, int num, double entropy));
+
void *FIPS_drbg_get_app_data(DRBG_CTX *ctx);
void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data);
size_t FIPS_drbg_get_blocklength(DRBG_CTX *dctx);