1
/*
2
 * Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License");
5
 * you may not use this file except in compliance with the License.
6
 * You may obtain a copy of the License at
7
 * https://www.openssl.org/source/license.html
8
 * or in the file LICENSE in the source distribution.
9
 */
10

11
#include <openssl/core_names.h>
12
#include <openssl/rand.h>
13
#include <openssl/provider.h>
14
#include "fuzzer.h"
15

16
static OSSL_FUNC_rand_newctx_fn fuzz_rand_newctx;
17
static OSSL_FUNC_rand_freectx_fn fuzz_rand_freectx;
18
static OSSL_FUNC_rand_instantiate_fn fuzz_rand_instantiate;
19
static OSSL_FUNC_rand_uninstantiate_fn fuzz_rand_uninstantiate;
20
static OSSL_FUNC_rand_generate_fn fuzz_rand_generate;
21
static OSSL_FUNC_rand_gettable_ctx_params_fn fuzz_rand_gettable_ctx_params;
22
static OSSL_FUNC_rand_get_ctx_params_fn fuzz_rand_get_ctx_params;
23
static OSSL_FUNC_rand_enable_locking_fn fuzz_rand_enable_locking;
24

25
static void *fuzz_rand_newctx(
26
         void *provctx, void *parent, const OSSL_DISPATCH *parent_dispatch)
27
{
28
    int *st = OPENSSL_malloc(sizeof(*st));
29

30
    if (st != NULL)
31
        *st = EVP_RAND_STATE_UNINITIALISED;
32
    return st;
33
}
34

35
static void fuzz_rand_freectx(ossl_unused void *vrng)
36
{
37
    OPENSSL_free(vrng);
38
}
39

40
static int fuzz_rand_instantiate(ossl_unused void *vrng,
41
                                 ossl_unused unsigned int strength,
42
                                 ossl_unused int prediction_resistance,
43
                                 ossl_unused const unsigned char *pstr,
44
                                 ossl_unused size_t pstr_len,
45
                                 ossl_unused const OSSL_PARAM params[])
46
{
47
    *(int *)vrng = EVP_RAND_STATE_READY;
48
    return 1;
49
}
50

51
static int fuzz_rand_uninstantiate(ossl_unused void *vrng)
52
{
53
    *(int *)vrng = EVP_RAND_STATE_UNINITIALISED;
54
    return 1;
55
}
56

57
static int fuzz_rand_generate(ossl_unused void *vdrbg,
58
                              unsigned char *out, size_t outlen,
59
                              ossl_unused unsigned int strength,
60
                              ossl_unused int prediction_resistance,
61
                              ossl_unused const unsigned char *adin,
62
                              ossl_unused size_t adinlen)
63
{
64
    unsigned char val = 1;
65
    size_t i;
66

67
    for (i = 0; i < outlen; i++)
68
        out[i] = val++;
69
    return 1;
70
}
71

72
static int fuzz_rand_enable_locking(ossl_unused void *vrng)
73
{
74
    return 1;
75
}
76

77
static int fuzz_rand_get_ctx_params(void *vrng, OSSL_PARAM params[])
78
{
79
    OSSL_PARAM *p;
80

81
    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STATE);
82
    if (p != NULL && !OSSL_PARAM_set_int(p, *(int *)vrng))
83
        return 0;
84

85
    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STRENGTH);
86
    if (p != NULL && !OSSL_PARAM_set_int(p, 500))
87
        return 0;
88

89
    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
90
    if (p != NULL && !OSSL_PARAM_set_size_t(p, INT_MAX))
91
        return 0;
92
    return 1;
93
}
94

95
static const OSSL_PARAM *fuzz_rand_gettable_ctx_params(ossl_unused void *vrng,
96
                                                       ossl_unused void *provctx)
97
{
98
    static const OSSL_PARAM known_gettable_ctx_params[] = {
99
        OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),
100
        OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL),
101
        OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL),
102
        OSSL_PARAM_END
103
    };
104
    return known_gettable_ctx_params;
105
}
106

107
static const OSSL_DISPATCH fuzz_rand_functions[] = {
108
    { OSSL_FUNC_RAND_NEWCTX, (void (*)(void))fuzz_rand_newctx },
109
    { OSSL_FUNC_RAND_FREECTX, (void (*)(void))fuzz_rand_freectx },
110
    { OSSL_FUNC_RAND_INSTANTIATE, (void (*)(void))fuzz_rand_instantiate },
111
    { OSSL_FUNC_RAND_UNINSTANTIATE, (void (*)(void))fuzz_rand_uninstantiate },
112
    { OSSL_FUNC_RAND_GENERATE, (void (*)(void))fuzz_rand_generate },
113
    { OSSL_FUNC_RAND_ENABLE_LOCKING, (void (*)(void))fuzz_rand_enable_locking },
114
    { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
115
      (void(*)(void))fuzz_rand_gettable_ctx_params },
116
    { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))fuzz_rand_get_ctx_params },
117
    OSSL_DISPATCH_END
118
};
119

120
static const OSSL_ALGORITHM fuzz_rand_rand[] = {
121
    { "fuzz", "provider=fuzz-rand", fuzz_rand_functions },
122
    { NULL, NULL, NULL }
123
};
124

125
static const OSSL_ALGORITHM *fuzz_rand_query(void *provctx,
126
                                             int operation_id,
127
                                             int *no_cache)
128
{
129
    *no_cache = 0;
130
    switch (operation_id) {
131
    case OSSL_OP_RAND:
132
        return fuzz_rand_rand;
133
    }
134
    return NULL;
135
}
136

137
/* Functions we provide to the core */
138
static const OSSL_DISPATCH fuzz_rand_method[] = {
139
    { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OSSL_LIB_CTX_free },
140
    { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fuzz_rand_query },
141
    OSSL_DISPATCH_END
142
};
143

144
static int fuzz_rand_provider_init(const OSSL_CORE_HANDLE *handle,
145
                                   const OSSL_DISPATCH *in,
146
                                   const OSSL_DISPATCH **out, void **provctx)
147
{
148
    *provctx = OSSL_LIB_CTX_new();
149
    if (*provctx == NULL)
150
        return 0;
151
    *out = fuzz_rand_method;
152
    return 1;
153
}
154

155
static OSSL_PROVIDER *r_prov;
156

157
void FuzzerSetRand(void)
158
{
159
    if (!OSSL_PROVIDER_add_builtin(NULL, "fuzz-rand", fuzz_rand_provider_init)
160
        || !RAND_set_DRBG_type(NULL, "fuzz", NULL, NULL, NULL)
161
        || (r_prov = OSSL_PROVIDER_try_load(NULL, "fuzz-rand", 1)) == NULL)
162
        exit(1);
163
}
164

165
void FuzzerClearRand(void)
166
{
167
    OSSL_PROVIDER_unload(r_prov);
168
}
169

170