1 /* 2 * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* 11 * Licensed under the OpenSSL licenses, (the "License"); 12 * you may not use this file except in compliance with the License. 13 * You may obtain a copy of the License at 14 * https://www.openssl.org/source/license.html 15 * or in the file LICENSE in the source distribution. 16 */ 17 18 #ifndef OSSL_CRYPTO_RAND_H 19 # define OSSL_CRYPTO_RAND_H 20 21 # include <openssl/rand.h> 22 23 # if defined(__APPLE__) && !defined(OPENSSL_NO_APPLE_CRYPTO_RANDOM) 24 # include <Availability.h> 25 # if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200) || \ 26 (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 80000) 27 # define OPENSSL_APPLE_CRYPTO_RANDOM 1 28 # include <CommonCrypto/CommonCryptoError.h> 29 # include <CommonCrypto/CommonRandom.h> 30 # endif 31 # endif 32 33 /* forward declaration */ 34 typedef struct rand_pool_st RAND_POOL; 35 36 void rand_cleanup_int(void); 37 void rand_drbg_cleanup_int(void); 38 void drbg_delete_thread_state(void); 39 40 /* Hardware-based seeding functions. */ 41 size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool); 42 size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool); 43 44 /* DRBG entropy callbacks. */ 45 size_t rand_drbg_get_entropy(RAND_DRBG *drbg, 46 unsigned char **pout, 47 int entropy, size_t min_len, size_t max_len, 48 int prediction_resistance); 49 void rand_drbg_cleanup_entropy(RAND_DRBG *drbg, 50 unsigned char *out, size_t outlen); 51 size_t rand_drbg_get_nonce(RAND_DRBG *drbg, 52 unsigned char **pout, 53 int entropy, size_t min_len, size_t max_len); 54 void rand_drbg_cleanup_nonce(RAND_DRBG *drbg, 55 unsigned char *out, size_t outlen); 56 57 size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout); 58 59 void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); 60 61 /* 62 * RAND_POOL functions 63 */ 64 RAND_POOL *rand_pool_new(int entropy_requested, int secure, 65 size_t min_len, size_t max_len); 66 RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len, 67 size_t entropy); 68 void rand_pool_free(RAND_POOL *pool); 69 70 const unsigned char *rand_pool_buffer(RAND_POOL *pool); 71 unsigned char *rand_pool_detach(RAND_POOL *pool); 72 void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer); 73 74 size_t rand_pool_entropy(RAND_POOL *pool); 75 size_t rand_pool_length(RAND_POOL *pool); 76 77 size_t rand_pool_entropy_available(RAND_POOL *pool); 78 size_t rand_pool_entropy_needed(RAND_POOL *pool); 79 /* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */ 80 size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor); 81 size_t rand_pool_bytes_remaining(RAND_POOL *pool); 82 83 int rand_pool_add(RAND_POOL *pool, 84 const unsigned char *buffer, size_t len, size_t entropy); 85 unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len); 86 int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy); 87 88 89 /* 90 * Add random bytes to the pool to acquire requested amount of entropy 91 * 92 * This function is platform specific and tries to acquire the requested 93 * amount of entropy by polling platform specific entropy sources. 94 * 95 * If the function succeeds in acquiring at least |entropy_requested| bits 96 * of entropy, the total entropy count is returned. If it fails, it returns 97 * an entropy count of 0. 98 */ 99 size_t rand_pool_acquire_entropy(RAND_POOL *pool); 100 101 /* 102 * Add some application specific nonce data 103 * 104 * This function is platform specific and adds some application specific 105 * data to the nonce used for instantiating the drbg. 106 * 107 * This data currently consists of the process and thread id, and a high 108 * resolution timestamp. The data does not include an atomic counter, 109 * because that is added by the calling function rand_drbg_get_nonce(). 110 * 111 * Returns 1 on success and 0 on failure. 112 */ 113 int rand_pool_add_nonce_data(RAND_POOL *pool); 114 115 116 /* 117 * Add some platform specific additional data 118 * 119 * This function is platform specific and adds some random noise to the 120 * additional data used for generating random bytes and for reseeding 121 * the drbg. 122 * 123 * Returns 1 on success and 0 on failure. 124 */ 125 int rand_pool_add_additional_data(RAND_POOL *pool); 126 127 /* 128 * Initialise the random pool reseeding sources. 129 * 130 * Returns 1 on success and 0 on failure. 131 */ 132 int rand_pool_init(void); 133 134 /* 135 * Finalise the random pool reseeding sources. 136 */ 137 void rand_pool_cleanup(void); 138 139 /* 140 * Control the random pool use of open file descriptors. 141 */ 142 void rand_pool_keep_random_devices_open(int keep); 143 144 #endif 145