]>
Commit | Line | Data |
---|---|---|
81aef6ba | 1 | /* |
a28d06f3 | 2 | * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. |
81aef6ba P |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <string.h> | |
11 | #include <openssl/rand.h> | |
12 | #include <openssl/core_dispatch.h> | |
13 | #include <openssl/e_os2.h> | |
14 | #include <openssl/params.h> | |
15 | #include <openssl/core_names.h> | |
16 | #include <openssl/evp.h> | |
17 | #include <openssl/err.h> | |
18 | #include <openssl/randerr.h> | |
2741128e | 19 | #include <openssl/proverr.h> |
81aef6ba P |
20 | #include "prov/implementations.h" |
21 | #include "prov/provider_ctx.h" | |
81aef6ba P |
22 | #include "crypto/rand.h" |
23 | #include "crypto/rand_pool.h" | |
24 | ||
25 | static OSSL_FUNC_rand_newctx_fn seed_src_new; | |
26 | static OSSL_FUNC_rand_freectx_fn seed_src_free; | |
27 | static OSSL_FUNC_rand_instantiate_fn seed_src_instantiate; | |
28 | static OSSL_FUNC_rand_uninstantiate_fn seed_src_uninstantiate; | |
29 | static OSSL_FUNC_rand_generate_fn seed_src_generate; | |
30 | static OSSL_FUNC_rand_reseed_fn seed_src_reseed; | |
31 | static OSSL_FUNC_rand_gettable_ctx_params_fn seed_src_gettable_ctx_params; | |
32 | static OSSL_FUNC_rand_get_ctx_params_fn seed_src_get_ctx_params; | |
33 | static OSSL_FUNC_rand_verify_zeroization_fn seed_src_verify_zeroization; | |
34 | static OSSL_FUNC_rand_enable_locking_fn seed_src_enable_locking; | |
8389eeea P |
35 | static OSSL_FUNC_rand_lock_fn seed_src_lock; |
36 | static OSSL_FUNC_rand_unlock_fn seed_src_unlock; | |
9ed185a9 P |
37 | static OSSL_FUNC_rand_get_seed_fn seed_get_seed; |
38 | static OSSL_FUNC_rand_clear_seed_fn seed_clear_seed; | |
81aef6ba P |
39 | |
40 | typedef struct { | |
41 | void *provctx; | |
42 | int state; | |
43 | } PROV_SEED_SRC; | |
44 | ||
45 | static void *seed_src_new(void *provctx, void *parent, | |
46 | const OSSL_DISPATCH *parent_dispatch) | |
47 | { | |
48 | PROV_SEED_SRC *s; | |
49 | ||
50 | if (parent != NULL) { | |
51 | ERR_raise(ERR_LIB_PROV, PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT); | |
52 | return NULL; | |
53 | } | |
54 | ||
55 | s = OPENSSL_zalloc(sizeof(*s)); | |
56 | if (s == NULL) { | |
57 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
58 | return NULL; | |
59 | } | |
60 | ||
61 | s->provctx = provctx; | |
62 | s->state = EVP_RAND_STATE_UNINITIALISED; | |
63 | return s; | |
64 | } | |
65 | ||
66 | static void seed_src_free(void *vseed) | |
67 | { | |
68 | OPENSSL_free(vseed); | |
69 | } | |
70 | ||
71 | static int seed_src_instantiate(void *vseed, unsigned int strength, | |
72 | int prediction_resistance, | |
73 | const unsigned char *pstr, size_t pstr_len) | |
74 | { | |
75 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
76 | ||
77 | s->state = EVP_RAND_STATE_READY; | |
78 | return 1; | |
79 | } | |
80 | ||
81 | static int seed_src_uninstantiate(void *vseed) | |
82 | { | |
83 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
84 | ||
85 | s->state = EVP_RAND_STATE_UNINITIALISED; | |
86 | return 1; | |
87 | } | |
88 | ||
89 | static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen, | |
90 | unsigned int strength, | |
91 | ossl_unused int prediction_resistance, | |
92 | ossl_unused const unsigned char *adin, | |
93 | ossl_unused size_t adin_len) | |
94 | { | |
95 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
96 | size_t entropy_available; | |
97 | RAND_POOL *pool; | |
98 | ||
99 | if (s->state != EVP_RAND_STATE_READY) { | |
100 | ERR_raise(ERR_LIB_PROV, | |
101 | s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE | |
102 | : PROV_R_NOT_INSTANTIATED); | |
103 | return 0; | |
104 | } | |
105 | ||
106 | pool = rand_pool_new(strength, 1, outlen, outlen); | |
107 | if (pool == NULL) { | |
108 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
109 | return 0; | |
110 | } | |
111 | ||
112 | /* Get entropy by polling system entropy sources. */ | |
113 | entropy_available = ossl_pool_acquire_entropy(pool); | |
114 | ||
115 | if (entropy_available > 0) | |
a678506e | 116 | memcpy(out, rand_pool_buffer(pool), rand_pool_length(pool)); |
81aef6ba P |
117 | |
118 | rand_pool_free(pool); | |
119 | return entropy_available > 0; | |
120 | } | |
121 | ||
122 | static int seed_src_reseed(void *vseed, | |
123 | ossl_unused int prediction_resistance, | |
124 | ossl_unused const unsigned char *ent, | |
125 | ossl_unused size_t ent_len, | |
126 | ossl_unused const unsigned char *adin, | |
127 | ossl_unused size_t adin_len) | |
128 | { | |
129 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
130 | ||
131 | if (s->state != EVP_RAND_STATE_READY) { | |
132 | ERR_raise(ERR_LIB_PROV, | |
133 | s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE | |
134 | : PROV_R_NOT_INSTANTIATED); | |
135 | return 0; | |
136 | } | |
137 | return 1; | |
138 | } | |
139 | ||
140 | static int seed_src_get_ctx_params(void *vseed, OSSL_PARAM params[]) | |
141 | { | |
142 | PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed; | |
143 | OSSL_PARAM *p; | |
144 | ||
145 | p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STATE); | |
146 | if (p != NULL && !OSSL_PARAM_set_int(p, s->state)) | |
147 | return 0; | |
148 | ||
149 | p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STRENGTH); | |
150 | if (p != NULL && !OSSL_PARAM_set_int(p, 1024)) | |
151 | return 0; | |
152 | ||
153 | p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST); | |
154 | if (p != NULL && !OSSL_PARAM_set_size_t(p, 128)) | |
155 | return 0; | |
156 | return 1; | |
157 | } | |
158 | ||
159 | static const OSSL_PARAM *seed_src_gettable_ctx_params(ossl_unused void *provctx) | |
160 | { | |
161 | static const OSSL_PARAM known_gettable_ctx_params[] = { | |
162 | OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL), | |
163 | OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL), | |
164 | OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL), | |
165 | OSSL_PARAM_END | |
166 | }; | |
167 | return known_gettable_ctx_params; | |
168 | } | |
169 | ||
170 | static int seed_src_verify_zeroization(ossl_unused void *vseed) | |
171 | { | |
172 | return 1; | |
173 | } | |
174 | ||
9ed185a9 P |
175 | static size_t seed_get_seed(void *vseed, unsigned char **pout, |
176 | int entropy, size_t min_len, size_t max_len, | |
177 | int prediction_resistance, | |
178 | const unsigned char *adin, size_t adin_len) | |
179 | { | |
180 | size_t bytes_needed; | |
181 | unsigned char *p; | |
182 | ||
183 | /* | |
184 | * Figure out how many bytes we need. | |
185 | * This assumes that the seed sources provide eight bits of entropy | |
186 | * per byte. For lower quality sources, the formula will need to be | |
187 | * different. | |
188 | */ | |
189 | bytes_needed = entropy >= 0 ? (entropy + 7) / 8 : 0; | |
190 | if (bytes_needed < min_len) | |
191 | bytes_needed = min_len; | |
192 | if (bytes_needed > max_len) { | |
193 | ERR_raise(ERR_LIB_PROV, PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK); | |
194 | return 0; | |
195 | } | |
196 | ||
197 | p = OPENSSL_secure_malloc(bytes_needed); | |
198 | if (p == NULL) { | |
199 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
200 | return 0; | |
201 | } | |
202 | *pout = p; | |
203 | if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, | |
204 | adin, adin_len) != 0) | |
205 | return bytes_needed; | |
206 | OPENSSL_secure_clear_free(p, bytes_needed); | |
207 | return 0; | |
208 | } | |
209 | ||
210 | static void seed_clear_seed(ossl_unused void *vdrbg, | |
211 | unsigned char *out, size_t outlen) | |
212 | { | |
213 | OPENSSL_secure_clear_free(out, outlen); | |
214 | } | |
215 | ||
81aef6ba P |
216 | static int seed_src_enable_locking(ossl_unused void *vseed) |
217 | { | |
218 | return 1; | |
219 | } | |
220 | ||
8389eeea P |
221 | int seed_src_lock(ossl_unused void *vctx) |
222 | { | |
223 | return 1; | |
224 | } | |
225 | ||
226 | void seed_src_unlock(ossl_unused void *vctx) | |
227 | { | |
228 | } | |
229 | ||
81aef6ba P |
230 | const OSSL_DISPATCH ossl_seed_src_functions[] = { |
231 | { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))seed_src_new }, | |
232 | { OSSL_FUNC_RAND_FREECTX, (void(*)(void))seed_src_free }, | |
233 | { OSSL_FUNC_RAND_INSTANTIATE, | |
234 | (void(*)(void))seed_src_instantiate }, | |
235 | { OSSL_FUNC_RAND_UNINSTANTIATE, | |
236 | (void(*)(void))seed_src_uninstantiate }, | |
237 | { OSSL_FUNC_RAND_GENERATE, (void(*)(void))seed_src_generate }, | |
238 | { OSSL_FUNC_RAND_RESEED, (void(*)(void))seed_src_reseed }, | |
239 | { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))seed_src_enable_locking }, | |
8389eeea P |
240 | { OSSL_FUNC_RAND_LOCK, (void(*)(void))seed_src_lock }, |
241 | { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))seed_src_unlock }, | |
81aef6ba P |
242 | { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS, |
243 | (void(*)(void))seed_src_gettable_ctx_params }, | |
244 | { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))seed_src_get_ctx_params }, | |
245 | { OSSL_FUNC_RAND_VERIFY_ZEROIZATION, | |
246 | (void(*)(void))seed_src_verify_zeroization }, | |
9ed185a9 P |
247 | { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))seed_get_seed }, |
248 | { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))seed_clear_seed }, | |
81aef6ba P |
249 | { 0, NULL } |
250 | }; |