A local copy of OpenSSL from GitHub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

126 lines
3.0 KiB

Deprecate RAND_pseudo_bytes The justification for RAND_pseudo_bytes is somewhat dubious, and the reality is that it is frequently being misused. RAND_bytes and RAND_pseudo_bytes in the default implementation both end up calling ssleay_rand_bytes. Both may return -1 in an error condition. If there is insufficient entropy then both will return 0, but RAND_bytes will additionally add an error to the error queue. They both return 1 on success. Therefore the fundamental difference between the two is that one will add an error to the error queue with insufficient entory whilst the other will not. Frequently there are constructions of this form: if(RAND_pseudo_bytes(...) <= 1) goto err; In the above form insufficient entropy is treated as an error anyway, so RAND_bytes is probably the better form to use. This form is also seen: if(!RAND_pseudo_bytes(...)) goto err; This is technically not correct at all since a -1 return value is incorrectly handled - but this form will also treat insufficient entropy as an error. Within libssl it is required that you have correctly seeded your entropy pool and so there seems little benefit in using RAND_pseudo_bytes. Similarly in libcrypto many operations also require a correctly seeded entropy pool and so in most interesting cases you would be better off using RAND_bytes anyway. There is a significant risk of RAND_pseudo_bytes being incorrectly used in scenarios where security can be compromised by insufficient entropy. If you are not using the default implementation, then most engines use the same function to implement RAND_bytes and RAND_pseudo_bytes in any case. Given its misuse, limited benefit, and potential to compromise security, RAND_pseudo_bytes has been deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org>
8 years ago
  1. /*
  2. * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <time.h>
  11. #include "internal/cryptlib.h"
  12. #include <openssl/opensslconf.h>
  13. #include "internal/rand.h"
  14. #include <openssl/engine.h>
  15. #ifdef OPENSSL_FIPS
  16. # include <openssl/fips.h>
  17. # include <openssl/fips_rand.h>
  18. #endif
  19. #ifndef OPENSSL_NO_ENGINE
  20. /* non-NULL if default_RAND_meth is ENGINE-provided */
  21. static ENGINE *funct_ref = NULL;
  22. #endif
  23. static const RAND_METHOD *default_RAND_meth = NULL;
  24. int RAND_set_rand_method(const RAND_METHOD *meth)
  25. {
  26. #ifndef OPENSSL_NO_ENGINE
  27. ENGINE_finish(funct_ref);
  28. funct_ref = NULL;
  29. #endif
  30. default_RAND_meth = meth;
  31. return 1;
  32. }
  33. const RAND_METHOD *RAND_get_rand_method(void)
  34. {
  35. if (!default_RAND_meth) {
  36. #ifndef OPENSSL_NO_ENGINE
  37. ENGINE *e = ENGINE_get_default_RAND();
  38. if (e) {
  39. default_RAND_meth = ENGINE_get_RAND(e);
  40. if (default_RAND_meth == NULL) {
  41. ENGINE_finish(e);
  42. e = NULL;
  43. }
  44. }
  45. if (e)
  46. funct_ref = e;
  47. else
  48. #endif
  49. default_RAND_meth = RAND_OpenSSL();
  50. }
  51. return default_RAND_meth;
  52. }
  53. #ifndef OPENSSL_NO_ENGINE
  54. int RAND_set_rand_engine(ENGINE *engine)
  55. {
  56. const RAND_METHOD *tmp_meth = NULL;
  57. if (engine) {
  58. if (!ENGINE_init(engine))
  59. return 0;
  60. tmp_meth = ENGINE_get_RAND(engine);
  61. if (tmp_meth == NULL) {
  62. ENGINE_finish(engine);
  63. return 0;
  64. }
  65. }
  66. /* This function releases any prior ENGINE so call it first */
  67. RAND_set_rand_method(tmp_meth);
  68. funct_ref = engine;
  69. return 1;
  70. }
  71. #endif
  72. void rand_cleanup_int(void)
  73. {
  74. const RAND_METHOD *meth = RAND_get_rand_method();
  75. if (meth && meth->cleanup)
  76. meth->cleanup();
  77. RAND_set_rand_method(NULL);
  78. }
  79. void RAND_seed(const void *buf, int num)
  80. {
  81. const RAND_METHOD *meth = RAND_get_rand_method();
  82. if (meth && meth->seed)
  83. meth->seed(buf, num);
  84. }
  85. void RAND_add(const void *buf, int num, double entropy)
  86. {
  87. const RAND_METHOD *meth = RAND_get_rand_method();
  88. if (meth && meth->add)
  89. meth->add(buf, num, entropy);
  90. }
  91. int RAND_bytes(unsigned char *buf, int num)
  92. {
  93. const RAND_METHOD *meth = RAND_get_rand_method();
  94. if (meth && meth->bytes)
  95. return meth->bytes(buf, num);
  96. return (-1);
  97. }
  98. #if OPENSSL_API_COMPAT < 0x10100000L
  99. int RAND_pseudo_bytes(unsigned char *buf, int num)
  100. {
  101. const RAND_METHOD *meth = RAND_get_rand_method();
  102. if (meth && meth->pseudorand)
  103. return meth->pseudorand(buf, num);
  104. return (-1);
  105. }
  106. #endif
  107. int RAND_status(void)
  108. {
  109. const RAND_METHOD *meth = RAND_get_rand_method();
  110. if (meth && meth->status)
  111. return meth->status();
  112. return 0;
  113. }