64 #ifndef OPENSSL_NO_ENGINE
69 #include <openssl/fips.h>
70 #include <openssl/fips_rand.h>
73 #ifndef OPENSSL_NO_ENGINE
75 static ENGINE *funct_ref =NULL;
81 #ifndef OPENSSL_NO_ENGINE
88 default_RAND_meth = meth;
94 if (!default_RAND_meth)
96 #ifndef OPENSSL_NO_ENGINE
101 if(!default_RAND_meth)
113 return default_RAND_meth;
116 #ifndef OPENSSL_NO_ENGINE
149 if (meth && meth->
seed)
156 if (meth && meth->
add)
157 meth->
add(buf,num,entropy);
163 if (meth && meth->
bytes)
164 return meth->
bytes(buf,num);
194 static size_t drbg_get_entropy(DRBG_CTX *ctx,
unsigned char **pout,
195 int entropy,
size_t min_len,
size_t max_len)
198 min_len = ((min_len + 19) / 20) * 20;
211 static void drbg_free_entropy(DRBG_CTX *ctx,
unsigned char *out,
size_t olen)
221 static size_t drbg_get_adin(DRBG_CTX *ctx,
unsigned char **pout)
224 static unsigned char buf[16];
225 static unsigned long counter;
226 FIPS_get_timevec(buf, &counter);
235 static int drbg_rand_add(DRBG_CTX *ctx,
const void *in,
int inlen,
242 static int drbg_rand_seed(DRBG_CTX *ctx,
const void *in,
int inlen)
248 #ifndef OPENSSL_DRBG_DEFAULT_TYPE
249 #define OPENSSL_DRBG_DEFAULT_TYPE NID_aes_256_ctr
251 #ifndef OPENSSL_DRBG_DEFAULT_FLAGS
252 #define OPENSSL_DRBG_DEFAULT_FLAGS DRBG_FLAG_CTR_USE_DF
255 static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE;
256 static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS;
258 void RAND_set_fips_drbg_type(
int type,
int flags)
260 fips_drbg_type =
type;
261 fips_drbg_flags =
flags;
264 int RAND_init_fips(
void)
268 unsigned char pers[32], *
p;
269 dctx = FIPS_get_default_drbg();
270 if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0)
276 FIPS_drbg_set_callbacks(dctx,
277 drbg_get_entropy, drbg_free_entropy, 20,
278 drbg_get_entropy, drbg_free_entropy);
279 FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0,
280 drbg_rand_seed, drbg_rand_add);
282 strcpy((
char *)pers,
"OpenSSL DRBG2.0");
283 plen = drbg_get_adin(dctx, &p);
284 memcpy(pers + 16, p, plen);
286 if (FIPS_drbg_instantiate(dctx, pers,
sizeof(pers)) <= 0)
291 FIPS_rand_set_method(FIPS_drbg_method());