2
0

rand_cpu_x86.c 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107
  1. /*
  2. * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "internal/cryptlib.h"
  10. #include <openssl/opensslconf.h>
  11. #include "crypto/rand_pool.h"
  12. #include "prov/seeding.h"
  13. #ifdef OPENSSL_RAND_SEED_RDCPU
  14. # if defined(OPENSSL_SYS_TANDEM) && defined(_TNS_X_TARGET)
  15. # include <builtin.h> /* _rdrand64 */
  16. # include <string.h> /* memcpy */
  17. # else
  18. size_t OPENSSL_ia32_rdseed_bytes(unsigned char *buf, size_t len);
  19. size_t OPENSSL_ia32_rdrand_bytes(unsigned char *buf, size_t len);
  20. # endif
  21. static size_t get_hardware_random_value(unsigned char *buf, size_t len);
  22. /*
  23. * Acquire entropy using Intel-specific cpu instructions
  24. *
  25. * Uses the RDSEED instruction if available, otherwise uses
  26. * RDRAND if available.
  27. *
  28. * For the differences between RDSEED and RDRAND, and why RDSEED
  29. * is the preferred choice, see https://goo.gl/oK3KcN
  30. *
  31. * Returns the total entropy count, if it exceeds the requested
  32. * entropy count. Otherwise, returns an entropy count of 0.
  33. */
  34. size_t ossl_prov_acquire_entropy_from_cpu(RAND_POOL *pool)
  35. {
  36. size_t bytes_needed;
  37. unsigned char *buffer;
  38. bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
  39. if (bytes_needed > 0) {
  40. buffer = ossl_rand_pool_add_begin(pool, bytes_needed);
  41. if (buffer != NULL) {
  42. if (get_hardware_random_value(buffer, bytes_needed) == bytes_needed) {
  43. ossl_rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed);
  44. } else {
  45. ossl_rand_pool_add_end(pool, 0, 0);
  46. }
  47. }
  48. }
  49. return ossl_rand_pool_entropy_available(pool);
  50. }
  51. #if defined(OPENSSL_SYS_TANDEM) && defined(_TNS_X_TARGET)
  52. /* Obtain random bytes from the x86 hardware random function in 64 bit chunks */
  53. static size_t get_hardware_random_value(unsigned char *buf, size_t len)
  54. {
  55. size_t bytes_remaining = len;
  56. while (bytes_remaining > 0) {
  57. /* Always use 64 bit fetch, then use the lower bytes as needed. */
  58. /* The platform is big-endian. */
  59. uint64_t random_value = 0;
  60. if (_rdrand64(&random_value) != 0) {
  61. unsigned char *random_buffer = (unsigned char *)&random_value;
  62. if (bytes_remaining >= sizeof(random_value)) {
  63. memcpy(buf, random_buffer, sizeof(random_value));
  64. bytes_remaining -= sizeof(random_value);
  65. buf += sizeof(random_value);
  66. } else {
  67. memcpy(buf,
  68. random_buffer + (sizeof(random_value) - bytes_remaining),
  69. bytes_remaining);
  70. bytes_remaining = 0; /* This will terminate the loop */
  71. }
  72. } else
  73. break;
  74. }
  75. if (bytes_remaining == 0)
  76. return len;
  77. return 0;
  78. }
  79. #else
  80. static size_t get_hardware_random_value(unsigned char *buf, size_t len) {
  81. /* Whichever comes first, use RDSEED, RDRAND or nothing */
  82. if ((OPENSSL_ia32cap_P[2] & (1 << 18)) != 0) {
  83. if (OPENSSL_ia32_rdseed_bytes(buf, len) != len)
  84. return 0;
  85. } else if ((OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) != 0) {
  86. if (OPENSSL_ia32_rdrand_bytes(buf, len) != len)
  87. return 0;
  88. } else
  89. return 0;
  90. return len;
  91. }
  92. #endif
  93. #else
  94. NON_EMPTY_TRANSLATION_UNIT
  95. #endif