diff --git a/fuzz/fuzz_rand.c b/fuzz/fuzz_rand.c index cd5371efbd..5bd343d8ae 100644 --- a/fuzz/fuzz_rand.c +++ b/fuzz/fuzz_rand.c @@ -41,7 +41,8 @@ static int fuzz_rand_instantiate(ossl_unused void *vrng, ossl_unused unsigned int strength, ossl_unused int prediction_resistance, ossl_unused const unsigned char *pstr, - ossl_unused size_t pstr_len) + ossl_unused size_t pstr_len, + ossl_unused const OSSL_PARAM params[]) { *(int *)vrng = EVP_RAND_STATE_READY; return 1; diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c index fc8ac52ac2..a05c9397c8 100644 --- a/providers/implementations/rands/drbg.c +++ b/providers/implementations/rands/drbg.c @@ -365,9 +365,6 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength, size_t noncelen = 0, entropylen = 0; size_t min_entropy, min_entropylen, max_entropylen; - if (!ossl_prov_is_running()) - return 0; - if (strength > drbg->strength) { ERR_raise(ERR_LIB_PROV, PROV_R_INSUFFICIENT_DRBG_STRENGTH); goto end; diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c index 066775aa52..48e8677ec8 100644 --- a/providers/implementations/rands/drbg_ctr.c +++ b/providers/implementations/rands/drbg_ctr.c @@ -18,6 +18,7 @@ #include "crypto/modes.h" #include "internal/thread_once.h" #include "prov/implementations.h" +#include "prov/providercommon.h" #include "prov/provider_ctx.h" #include "drbg_local.h" @@ -326,10 +327,13 @@ static int drbg_ctr_instantiate(PROV_DRBG *drbg, static int drbg_ctr_instantiate_wrapper(void *vdrbg, unsigned int strength, int prediction_resistance, const unsigned char *pstr, - size_t pstr_len) + size_t pstr_len, + const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; + if (!ossl_prov_is_running() || !drbg_ctr_set_ctx_params(drbg, params)) + return 0; return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance, pstr, pstr_len); } diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c index c89b0cd5c3..4db104c773 100644 --- a/providers/implementations/rands/drbg_hash.c +++ b/providers/implementations/rands/drbg_hash.c @@ -266,10 +266,13 @@ static int drbg_hash_instantiate(PROV_DRBG *drbg, static int drbg_hash_instantiate_wrapper(void *vdrbg, unsigned int strength, int prediction_resistance, const unsigned char *pstr, - size_t pstr_len) + size_t pstr_len, + const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; + if (!ossl_prov_is_running() || !drbg_hash_set_ctx_params(drbg, params)) + return 0; return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance, pstr, pstr_len); } diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c index 85b7adfe86..67c0339801 100644 --- a/providers/implementations/rands/drbg_hmac.c +++ b/providers/implementations/rands/drbg_hmac.c @@ -143,10 +143,13 @@ static int drbg_hmac_instantiate(PROV_DRBG *drbg, static int drbg_hmac_instantiate_wrapper(void *vdrbg, unsigned int strength, int prediction_resistance, const unsigned char *pstr, - size_t pstr_len) + size_t pstr_len, + const OSSL_PARAM params[]) { PROV_DRBG *drbg = (PROV_DRBG *)vdrbg; + if (!ossl_prov_is_running() || !drbg_hmac_set_ctx_params(drbg, params)) + return 0; return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance, pstr, pstr_len); } diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c index b87aa0c6cd..ad315efb9b 100644 --- a/providers/implementations/rands/seed_src.c +++ b/providers/implementations/rands/seed_src.c @@ -70,7 +70,8 @@ static void seed_src_free(void *vseed) static int seed_src_instantiate(void *vseed, unsigned int strength, int prediction_resistance, - const unsigned char *pstr, size_t pstr_len) + const unsigned char *pstr, size_t pstr_len, + ossl_unused const OSSL_PARAM params[]) { PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; diff --git a/providers/implementations/rands/test_rng.c b/providers/implementations/rands/test_rng.c index d28f7e0937..1335de8681 100644 --- a/providers/implementations/rands/test_rng.c +++ b/providers/implementations/rands/test_rng.c @@ -79,11 +79,12 @@ static void test_rng_free(void *vtest) static int test_rng_instantiate(void *vtest, unsigned int strength, int prediction_resistance, - const unsigned char *pstr, size_t pstr_len) + const unsigned char *pstr, size_t pstr_len, + const OSSL_PARAM params[]) { PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest; - if (strength > t->strength) + if (!test_rng_set_ctx_params(t, params) || strength > t->strength) return 0; t->state = EVP_RAND_STATE_READY; diff --git a/test/testutil/fake_random.c b/test/testutil/fake_random.c index 9d9b10feb1..f8b97d2287 100644 --- a/test/testutil/fake_random.c +++ b/test/testutil/fake_random.c @@ -48,7 +48,8 @@ static void fake_rand_freectx(void *vrng) static int fake_rand_instantiate(void *vrng, ossl_unused unsigned int strength, ossl_unused int prediction_resistance, ossl_unused const unsigned char *pstr, - size_t pstr_len) + size_t pstr_len, + ossl_unused const OSSL_PARAM params[]) { FAKE_RAND *frng = (FAKE_RAND *)vrng;