Commit Graph

111 Commits (fd3ed85c67174a0d3b6639ba9b237351d1c2201f)

Author SHA1 Message Date
Pauli 7d615e2178 rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).

Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.

Other related changes:

Use RNG instead of DRBG in EVP_RAND documentation.  The documentation was
using DRBG in places where it should have been RNG or CSRNG.

Move the RAND_DRBG(7) documentation to EVP_RAND(7).

Reviewed-by: Matthias St. Pierre <>
(Merged from
2020-08-07 14:16:47 +10:00
Richard Levitte e39e295e20 Update copyright year
Reviewed-by: Nicola Tuveri <>
(Merged from
2020-07-16 14:47:04 +02:00
aSoujyuTanaka c35b853576 Enable WinCE build without deceiving _MSC_VER.
Reviewed-by: Mark J. Cox <>
Reviewed-by: Richard Levitte <>
(Merged from
2020-07-15 23:03:22 +02:00
Soujyu Tanaka 3d098890b2 Circumvent a problem of lacking GetEnvironmentVariable() in WindowsCE.
Reviewed-by: Richard Levitte <>
Reviewed-by: Matt Caswell <>
(Merged from
2019-03-29 09:51:24 +00:00
Richard Levitte 0db63de94c Following the license change, modify the boilerplates in crypto/rand/
[skip ci]

Reviewed-by: Matt Caswell <>
(Merged from
2018-12-06 15:14:05 +01:00
Dr. Matthias St. Pierre 040a03470c randfile.c: fix a Coverity warning
Reviewed-by: Richard Levitte <>
(Merged from
2018-10-28 23:35:20 +01:00
Dr. Matthias St. Pierre 6ec6448b93 RAND_load_file(): avoid adding small chunks to RAND_add()
Increase the load buffer size such that it exceeds the chunk
size by a comfortable amount. This is done to avoid calling
RAND_add() with a small final chunk. Instead, such a small
final chunk will be added together with the previous chunk
(unless it's the only one).

Related-to: #7449

Reviewed-by: Paul Dale <>
(Merged from
2018-10-26 08:38:08 +02:00
Dr. Matthias St. Pierre ec2d099fcc RAND_load_file(): return error if reseeding failed
The failure of RAND_load_file was only noticed because of the
heap corruption which was reported in #7499 and fixed in commit
5b4cb385c1. To prevent this in the future, RAND_load_file()
now explicitly checks RAND_status() and reports an error if it

Related-to: #7449

Reviewed-by: Paul Dale <>
(Merged from
2018-10-26 08:37:40 +02:00
Pauli 5c39a55d04 Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that uses secure_getenv() if available and an issetugid then getenv if not.

CPU processor override flags are unchanged.

Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.

Reviewed-by: Bernd Edlinger <>
(Merged from
2018-09-24 11:21:18 +10:00
Andy Polyakov b791355b5c rand/randfile.c: fix potential resource leak in RAND_load_file.
Found by Coverity.

Reviewed-by: Richard Levitte <>
(Merged from
2018-04-04 20:27:59 +02:00
Matt Caswell c4d3c19b4c Update copyright year
Reviewed-by: Richard Levitte <>
(Merged from
2018-04-03 13:57:12 +01:00
Kurt Roeckx 4cffafe967 Use the private RNG for data that is not public
Reviewed-by: Dr. Matthias St. Pierre <>
Reviewed-by: Rich Salz <>

Fixes: #4641
GH: #4665
2018-04-02 22:22:43 +02:00
Richard Levitte 5848be0488 Fix setbuf use for VMS C
The VMS C RTL has setbuf() working for short pointers only, probably
the FILE pointer will always be in P0 (the lower 4GB).  Fortunately,
this only generates a warning about possible data loss (doesn't apply
in this case) that we can simply turn off.

Reviewed-by: Tim Hudson <>
(Merged from
2018-03-29 10:34:11 +02:00
Andy Polyakov 242fcd695d rand/randfile.c: permit non-regular files in RAND_load_file.
Apparently applications rely on RAND_load_file's ability to work with
non-regular files, customarily with /dev/urandom, so that the ban was
not exactly appropriate.

Reviewed-by: Rich Salz <>
Reviewed-by: Bernd Edlinger <>
Reviewed-by: Paul Dale <>
Reviewed-by: Tim Hudson <>
(Merged from
2018-03-27 19:55:54 +02:00
Andy Polyakov 9d9dc6ac85 o_fopen.c,rand/randfile.c: compensate for e_os.h omission.
At earlier point e_os.h was omitted from a number of headers (in order
to emphasize OS neutrality), but this affected o_fopen.c and randfile.c
which are not OS-neutral, and contain some Win32-specific code.

Reviewed-by: Rich Salz <>
Reviewed-by: Richard Levitte <>
(Merged from
2018-03-21 10:12:36 +01:00
Andy Polyakov 3a63c0edab Resolve warnings in VC-WIN32 build, which allows adding /WX.
It's argued that /WX allows keeping better focus on new code, which
motivates its comeback...

Reviewed-by: Rich Salz <>
(Merged from
2017-11-13 10:58:57 +01:00
Richard Levitte b379fe6cd0 NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard
This is a vestige from pre-1.1.0 OpenSSL

Reviewed-by: Rich Salz <>
(Merged from
2017-08-25 15:50:59 +02:00
Rich Salz 54e5ba058b Fix use-after-free
Also fix a RANDerr call.

Reviewed-by: Andy Polyakov <>
(Merged from
2017-07-17 07:46:49 -04:00
Rich Salz 3ee1eac27a Standardize apps use of -rand, etc.
Standardized the -rand flag and added a new one:
    -rand file...
            Always reads the specified files
    -writerand file
            Always writes to the file on exit

For apps that use a config file, the RANDFILE config parameter reads
the file at startup (to seed the RNG) and write to it on exit if
the -writerand flag isn't used.

Ensured that every app that took -rand also took -writerand, and
made sure all of that agreed with all the documentation.

Fix error reporting in write_file and -rand

Reviewed-by: Paul Dale <>
(Merged from
2017-07-16 19:20:45 -04:00
Rich Salz 1ef4541813 Remove some now-unneeded VMS controls
Reviewed-by: Richard Levitte <>
(Merged from
2017-07-06 17:54:56 -04:00
Rich Salz 9ee344f5cd Cleanup RAND_load_file,RAND_write_file
Document an internal assumption that these are only for use with files,
and return an error if not. That made the code much simpler.
Leave it as writing 1024 bytes, even though we don't need more than 256
from a security perspective.  But the amount isn't specified, now, so we
can change it later if we want.

Reviewed-by: Richard Levitte <>
(Merged from
2017-07-06 13:59:11 -04:00
Rich Salz 810ef91707 Undo commit de02ec2
Original text:
    Check if a random "file" is really a device file, and treat it
    specially if it is.
    Add a few OpenBSD-specific cases.
    This is part of a large change submitted by Markus Friedl <markus@openbsd.or

Reviewed-by: Richard Levitte <>
Reviewed-by: Tim Hudson <>
(Merged from
2017-07-05 17:06:57 -04:00
Paul Hovey 6974fca49d updated macro spacing for styling purposes
Reviewed-by: Richard Levitte <>
Reviewed-by: Matt Caswell <>
CLA: trivial
2016-12-12 13:50:17 +00:00
Paul Hovey 8bd62abe00 fix undoes errors introduced by fc6076ca27?diff=split#diff-1014acebaa2c13d44ca196b9a433ef2eR184
Reviewed-by: Richard Levitte <>
Reviewed-by: Matt Caswell <>
CLA: trivial
2016-12-12 13:50:17 +00:00
Andy Polyakov 7dc0ad4d6d rand/randfile.c: treat empty string in RAND_file_name as error.
Suggested in GH#1589.

Reviewed-by: Rich Salz <>
2016-09-21 21:09:11 +02:00
Andy Polyakov ba8fa4e53a rand/randfile.c: rationalize __OpenBSD__ code path.
Reviewed-by: Rich Salz <>
2016-09-21 21:09:07 +02:00
Andy Polyakov 799c1293fc rand/randfile.c: restore fallback to $HOME for non-setuid programs.
Reported in GH#1589, but solution is different from suggested.

Reviewed-by: Rich Salz <>
2016-09-21 21:08:52 +02:00
Andy Polyakov fc6076ca27 rand/randfile.c: make it non-ASCII-savvy.
Reviewed-by: Richard Levitte <>
2016-06-22 21:52:08 +02:00
Andy Polyakov b73cfb137e rand/randfile.c: remove obsolete commentary.
Reviewed-by: Richard Levitte <>
2016-06-20 13:28:13 +02:00
Richard Levitte b8f304f70d Change default directory for the .rnd file on Windows and VMS
The previous change for Windows wasn't quite right.  Corrected to use
%HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that order.

Also adding the default home for VMS, SYS$LOGIN:

Reviewed-by: Matt Caswell <>
Reviewed-by: Andy Polyakov <>
2016-06-20 11:06:40 +02:00
Matt Caswell 13c03c8d6d Change default directory for storing the .rnd file on Windows
Previously we would try %RANDFILE%, then %HOME% and finally "C:".
Unfortunately this often ends up being "C:" which the user may not
have write permission for.

Now we try %RANDFILE% first, and then the same set of environment vars
as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and
%SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:".

Reviewed-by: Rich Salz <>
2016-06-17 17:26:18 +01:00
Richard Levitte 06593767b2 Clean up the VMS hacks in crypto/rand/randfile.c
Reviewed-by: Andy Polyakov <>
2016-05-20 16:09:48 +02:00
Richard Levitte 8ff889c2a2 VMS: setbuf() only takes 32-bit pointers
Giving setbuf() a 64-bit pointer isn't faulty, as the argument is
passed by a 64-bit register anyway, so you only get a warning
(MAYLOSEDATA2) pointing out that only the least significant 32 bits
will be used.

However, we know that a FILE* returned by fopen() and such really is a
32-bit pointer (a study of the system header files makes that clear),
so we temporarily turn off that warning when calling setbuf().

Reviewed-by: Andy Polyakov <>
2016-05-20 16:09:48 +02:00
Andy Polyakov 2e6d7799ff rand/randfile.c: remove _XOPEN_SOURCE definition.
Definitions of macros similar to _XOPEN_SOURCE belong in command line
or in worst case prior first #include directive in source. As for
macros it was allegedly controlling. One can argue that we are
probably better off demanding S_IS* macros but there are systems
that just don't comply, hence this compromise solution...

Reviewed-by: Rich Salz <>
2016-05-19 22:28:49 +02:00
Rich Salz b1322259d9 Copyright consolidation 09/10
Reviewed-by: Richard Levitte <>
2016-05-17 14:53:16 -04:00
Matt Caswell 3012e65039 Fix the no-posix-io option
Fix a compile failure with no-posix-io

Reviewed-by: Tim Hudson <>
2016-04-11 14:33:44 +01:00
Rich Salz 040d43b3ff OpenSSLDie --> OPENSSL_die
Also removed a bunch of unused define's from e_os.h

Reviewed-by: Richard Levitte <>
2016-03-08 14:46:17 -05:00
Emilia Kasper d8ca44ba41 Always DPURIFY
The use of the uninitialized buffer in the RNG has no real security
benefits and is only a nuisance when using memory sanitizers.

Reviewed-by: Rich Salz <>
Reviewed-by: Viktor Dukhovni <>
2016-01-29 16:33:13 +01:00
Rich Salz 349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <>
2016-01-26 16:40:43 -05:00
Rich Salz 7644a9aef8 Rename some BUF_xxx to OPENSSL_xxx
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.

Reviewed-by: Tim Hudson <>
2015-12-16 16:14:49 -05:00
Rich Salz 68b00c2372 ifdef cleanup part 3: OPENSSL_SYSNAME
Remove MS_STATIC; it's a relic from platforms <32 bits.

Reviewed-by: Andy Polyakov <>
Reviewed-by: Tim Hudson <>
2015-01-23 11:58:26 -05:00
Rich Salz 27c7609cf8 ifdef cleanup, 2 remove OPENSSL_NO_SETVBUF_IONBF
Use setbuf(fp, NULL) instead of setvbuf().  This removes some
ifdef complexity because all of our platforms support setbuf.

Reviewed-by: Richard Levitte <>
2015-01-22 12:57:29 -05:00
Matt Caswell 35a1cc90bc More comment realignment
Reviewed-by: Tim Hudson <>
2015-01-22 09:20:10 +00:00
Matt Caswell 0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <>
2015-01-22 09:20:09 +00:00
Matt Caswell c80fd6b215 Further comment changes for reformat (master)
Reviewed-by: Tim Hudson <>
2015-01-22 09:19:59 +00:00
Jakub Wilk 7be1d8764d Create ~/.rnd with mode 0600 instead of 0666
Because of a missing include <fcntl.h> we don't have O_CREATE and don't create
the file with open() using mode 0600 but fall back to using fopen() with the
default umask followed by a chmod().

Problem found by Jakub Wilk <>.
2014-06-08 21:15:48 +01:00
Andy Polyakov 0ecedec82d Fix OPNESSL vs. OPENSSL typos.
PR: 2613
Submitted by: Leena Heino
2012-01-15 13:39:10 +00:00
Dr. Stephen Henson ffbfbef943 more vxworks patches 2011-10-14 22:04:14 +00:00
Richard Levitte 537c982306 After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS
submitted by Steven M. Schweda <>
2011-03-19 10:58:14 +00:00
Dr. Stephen Henson 70a5f5f9ab PR: 2372
Submitted by: "W.C.A. Wijngaards" <>
Reviewed by: steve

Fix OpenBSD compilation failure.
2010-11-18 12:30:01 +00:00