123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 |
- /*
- * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
- /*
- * Licensed under the Apache License 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * https://www.openssl.org/source/license.html
- * or in the file LICENSE in the source distribution.
- */
- #ifndef OSSL_CRYPTO_RAND_H
- # define OSSL_CRYPTO_RAND_H
- # pragma once
- # include <openssl/rand.h>
- # include "crypto/rand_pool.h"
- /*
- * Defines related to seed sources
- */
- #ifndef DEVRANDOM
- /*
- * set this to a comma-separated list of 'random' device files to try out. By
- * default, we will try to read at least one of these files
- */
- # define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom"
- # if defined(__linux) && !defined(__ANDROID__)
- # ifndef DEVRANDOM_WAIT
- # define DEVRANDOM_WAIT "/dev/random"
- # endif
- /*
- * Linux kernels 4.8 and later changes how their random device works and there
- * is no reliable way to tell that /dev/urandom has been seeded -- getentropy(2)
- * should be used instead.
- */
- # ifndef DEVRANDOM_SAFE_KERNEL
- # define DEVRANDOM_SAFE_KERNEL 4, 8
- # endif
- /*
- * Some operating systems do not permit select(2) on their random devices,
- * defining this to zero will force the use of read(2) to extract one byte
- * from /dev/random.
- */
- # ifndef DEVRANDM_WAIT_USE_SELECT
- # define DEVRANDM_WAIT_USE_SELECT 1
- # endif
- /*
- * Define the shared memory identifier used to indicate if the operating
- * system has properly seeded the DEVRANDOM source.
- */
- # ifndef OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID
- # define OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID 114
- # endif
- # endif
- #endif
- #if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD)
- /*
- * set this to a comma-separated list of 'egd' sockets to try out. These
- * sockets will be tried in the order listed in case accessing the device
- * files listed in DEVRANDOM did not return enough randomness.
- */
- # define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy"
- #endif
- void ossl_rand_cleanup_int(void);
- /*
- * Initialise the random pool reseeding sources.
- *
- * Returns 1 on success and 0 on failure.
- */
- int ossl_rand_pool_init(void);
- /*
- * Finalise the random pool reseeding sources.
- */
- void ossl_rand_pool_cleanup(void);
- /*
- * Control the random pool use of open file descriptors.
- */
- void ossl_rand_pool_keep_random_devices_open(int keep);
- /*
- * Configuration
- */
- void ossl_random_add_conf_module(void);
- /*
- * Get and cleanup random seed material.
- */
- size_t ossl_rand_get_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
- unsigned char **pout, int entropy,
- size_t min_len, size_t max_len);
- void ossl_rand_cleanup_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
- unsigned char *buf, size_t len);
- size_t ossl_rand_get_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
- unsigned char **pout, size_t min_len, size_t max_len,
- const void *salt, size_t salt_len);
- void ossl_rand_cleanup_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
- unsigned char *buf, size_t len);
- /*
- * Get seeding material from the operating system sources.
- */
- size_t ossl_pool_acquire_entropy(RAND_POOL *pool);
- int ossl_pool_add_nonce_data(RAND_POOL *pool);
- #endif
|