2
0

rand.h 3.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118
  1. /*
  2. * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * Licensed under the Apache License 2.0 (the "License");
  11. * you may not use this file except in compliance with the License.
  12. * You may obtain a copy of the License at
  13. * https://www.openssl.org/source/license.html
  14. * or in the file LICENSE in the source distribution.
  15. */
  16. #ifndef OSSL_CRYPTO_RAND_H
  17. # define OSSL_CRYPTO_RAND_H
  18. # pragma once
  19. # include <openssl/rand.h>
  20. # include "crypto/rand_pool.h"
  21. /*
  22. * Defines related to seed sources
  23. */
  24. #ifndef DEVRANDOM
  25. /*
  26. * set this to a comma-separated list of 'random' device files to try out. By
  27. * default, we will try to read at least one of these files
  28. */
  29. # define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom"
  30. # if defined(__linux) && !defined(__ANDROID__)
  31. # ifndef DEVRANDOM_WAIT
  32. # define DEVRANDOM_WAIT "/dev/random"
  33. # endif
  34. /*
  35. * Linux kernels 4.8 and later changes how their random device works and there
  36. * is no reliable way to tell that /dev/urandom has been seeded -- getentropy(2)
  37. * should be used instead.
  38. */
  39. # ifndef DEVRANDOM_SAFE_KERNEL
  40. # define DEVRANDOM_SAFE_KERNEL 4, 8
  41. # endif
  42. /*
  43. * Some operating systems do not permit select(2) on their random devices,
  44. * defining this to zero will force the use of read(2) to extract one byte
  45. * from /dev/random.
  46. */
  47. # ifndef DEVRANDM_WAIT_USE_SELECT
  48. # define DEVRANDM_WAIT_USE_SELECT 1
  49. # endif
  50. /*
  51. * Define the shared memory identifier used to indicate if the operating
  52. * system has properly seeded the DEVRANDOM source.
  53. */
  54. # ifndef OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID
  55. # define OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID 114
  56. # endif
  57. # endif
  58. #endif
  59. #if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD)
  60. /*
  61. * set this to a comma-separated list of 'egd' sockets to try out. These
  62. * sockets will be tried in the order listed in case accessing the device
  63. * files listed in DEVRANDOM did not return enough randomness.
  64. */
  65. # define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy"
  66. #endif
  67. void ossl_rand_cleanup_int(void);
  68. /*
  69. * Initialise the random pool reseeding sources.
  70. *
  71. * Returns 1 on success and 0 on failure.
  72. */
  73. int ossl_rand_pool_init(void);
  74. /*
  75. * Finalise the random pool reseeding sources.
  76. */
  77. void ossl_rand_pool_cleanup(void);
  78. /*
  79. * Control the random pool use of open file descriptors.
  80. */
  81. void ossl_rand_pool_keep_random_devices_open(int keep);
  82. /*
  83. * Configuration
  84. */
  85. void ossl_random_add_conf_module(void);
  86. /*
  87. * Get and cleanup random seed material.
  88. */
  89. size_t ossl_rand_get_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
  90. unsigned char **pout, int entropy,
  91. size_t min_len, size_t max_len);
  92. void ossl_rand_cleanup_entropy(ossl_unused OSSL_CORE_HANDLE *handle,
  93. unsigned char *buf, size_t len);
  94. size_t ossl_rand_get_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
  95. unsigned char **pout, size_t min_len, size_t max_len,
  96. const void *salt, size_t salt_len);
  97. void ossl_rand_cleanup_nonce(ossl_unused OSSL_CORE_HANDLE *handle,
  98. unsigned char *buf, size_t len);
  99. /*
  100. * Get seeding material from the operating system sources.
  101. */
  102. size_t ossl_pool_acquire_entropy(RAND_POOL *pool);
  103. int ossl_pool_add_nonce_data(RAND_POOL *pool);
  104. #endif