ctr-drbg: always use the DF for OpenSSL's DRBGs

Force the use of the derivation function when creating OpenSSL's internal DRBGs. FIPS mandates the use of a derivation function, so 3.4 cannot be validated as it stands which run counter to the indicator work that was included. Reviewed-by: Dmitry Belyavskiy <[email protected]> Reviewed-by: Tom Cosgrove <[email protected]> Reviewed-by: Hugo Landau <[email protected]> (Merged from openssl#25511) (cherry picked from commit 0ab796e)
siemens · Sep 24, 2024 · 260ecea · 260ecea
1 parent 9d71a66
commit 260ecea
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
@@ -642,14 +642,15 @@ EVP_RAND_CTX *ossl_rand_get0_seed_noncreating(OSSL_LIB_CTX *ctx)
 
 static EVP_RAND_CTX *rand_new_drbg(OSSL_LIB_CTX *libctx, EVP_RAND_CTX *parent,
                                    unsigned int reseed_interval,
-                                   time_t reseed_time_interval, int use_df)
+                                   time_t reseed_time_interval)
 {
     EVP_RAND *rand;
     RAND_GLOBAL *dgbl = rand_get_global(libctx);
     EVP_RAND_CTX *ctx;
     OSSL_PARAM params[8], *p = params;
     const OSSL_PARAM *settables;
     char *name, *cipher;
+    int use_df = 1;
 
     if (dgbl == NULL)
         return NULL;
@@ -763,7 +764,7 @@ EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx)
         ERR_pop_to_mark();
     }
     ret = rand_new_drbg(ctx, dgbl->seed, PRIMARY_RESEED_INTERVAL,
-                        PRIMARY_RESEED_TIME_INTERVAL, 1);
+                        PRIMARY_RESEED_TIME_INTERVAL);
 #endif
 
     /*
@@ -808,7 +809,7 @@ EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx)
                 && !ossl_init_thread_start(NULL, ctx, rand_delete_thread_state))
             return NULL;
         rand = rand_new_drbg(ctx, primary, SECONDARY_RESEED_INTERVAL,
-                             SECONDARY_RESEED_TIME_INTERVAL, 0);
+                             SECONDARY_RESEED_TIME_INTERVAL);
         CRYPTO_THREAD_set_local(&dgbl->public, rand);
     }
     return rand;
@@ -841,7 +842,7 @@ EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx)
                 && !ossl_init_thread_start(NULL, ctx, rand_delete_thread_state))
             return NULL;
         rand = rand_new_drbg(ctx, primary, SECONDARY_RESEED_INTERVAL,
-                             SECONDARY_RESEED_TIME_INTERVAL, 0);
+                             SECONDARY_RESEED_TIME_INTERVAL);
         CRYPTO_THREAD_set_local(&dgbl->private, rand);
     }
     return rand;