123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167 |
- /*
- * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
- #include <openssl/opensslconf.h>
- #include <openssl/rand.h>
- #include "crypto/rand_pool.h"
- #include "crypto/rand.h"
- #include "internal/cryptlib.h"
- #include "prov/seeding.h"
- #include <version.h>
- #include <taskLib.h>
- #if defined(OPENSSL_RAND_SEED_NONE)
- /* none means none */
- # undef OPENSSL_RAND_SEED_OS
- #endif
- #if defined(OPENSSL_RAND_SEED_OS)
- # if _WRS_VXWORKS_MAJOR >= 7
- # define RAND_SEED_VXRANDLIB
- # else
- # error "VxWorks <7 only support RAND_SEED_NONE"
- # endif
- #endif
- #if defined(RAND_SEED_VXRANDLIB)
- # include <randomNumGen.h>
- #endif
- /* Macro to convert two thirty two bit values into a sixty four bit one */
- #define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b))
- static uint64_t get_time_stamp(void)
- {
- struct timespec ts;
- if (clock_gettime(CLOCK_REALTIME, &ts) == 0)
- return TWO32TO64(ts.tv_sec, ts.tv_nsec);
- return time(NULL);
- }
- static uint64_t get_timer_bits(void)
- {
- uint64_t res = OPENSSL_rdtsc();
- struct timespec ts;
- if (res != 0)
- return res;
- if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
- return TWO32TO64(ts.tv_sec, ts.tv_nsec);
- return time(NULL);
- }
- /*
- * empty implementation
- * vxworks does not need to init/cleanup or keep open the random lib
- */
- int ossl_rand_pool_init(void)
- {
- return 1;
- }
- void ossl_rand_pool_cleanup(void)
- {
- }
- void ossl_rand_pool_keep_random_devices_open(int keep)
- {
- }
- int ossl_rand_pool_add_additional_data(RAND_POOL *pool)
- {
- struct {
- CRYPTO_THREAD_ID tid;
- uint64_t time;
- } data;
- memset(&data, 0, sizeof(data));
- /*
- * Add some noise from the thread id and a high resolution timer.
- * The thread id adds a little randomness if the drbg is accessed
- * concurrently (which is the case for the <master> drbg).
- */
- data.tid = CRYPTO_THREAD_get_current_id();
- data.time = get_timer_bits();
- return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
- }
- int ossl_pool_add_nonce_data(RAND_POOL *pool)
- {
- struct {
- pid_t pid;
- CRYPTO_THREAD_ID tid;
- uint64_t time;
- } data;
- memset(&data, 0, sizeof(data));
- /*
- * Add process id, thread id, and a high resolution timestamp to
- * ensure that the nonce is unique with high probability for
- * different process instances.
- */
- data.pid = getpid();
- data.tid = CRYPTO_THREAD_get_current_id();
- data.time = get_time_stamp();
- return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
- }
- size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
- {
- #if defined(RAND_SEED_VXRANDLIB)
- /* vxRandLib based entropy method */
- size_t bytes_needed;
- bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
- if (bytes_needed > 0)
- {
- int retryCount = 0;
- STATUS result = ERROR;
- unsigned char *buffer;
- buffer = ossl_rand_pool_add_begin(pool, bytes_needed);
- while ((result != OK) && (retryCount < 10)) {
- RANDOM_NUM_GEN_STATUS status = randStatus();
- if ((status == RANDOM_NUM_GEN_ENOUGH_ENTROPY)
- || (status == RANDOM_NUM_GEN_MAX_ENTROPY)) {
- result = randBytes(buffer, bytes_needed);
- if (result == OK)
- ossl_rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed);
- /*
- * no else here: randStatus said ok, if randBytes failed
- * it will result in another loop or no entropy
- */
- } else {
- /*
- * give a minimum delay here to allow OS to collect more
- * entropy. taskDelay duration will depend on the system tick,
- * this is by design as the sw-random lib uses interrupts
- * which will at least happen during ticks
- */
- taskDelay(5);
- }
- retryCount++;
- }
- }
- return ossl_rand_pool_entropy_available(pool);
- #else
- /*
- * SEED_NONE means none, without randlib we dont have entropy and
- * rely on it being added externally
- */
- return ossl_rand_pool_entropy_available(pool);
- #endif /* defined(RAND_SEED_VXRANDLIB) */
- }
|