[thirdparty/openssl.git] / include / crypto / rand.h

/*
 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Licensed under the Apache License 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * https://www.openssl.org/source/license.html
 * or in the file LICENSE in the source distribution.
 */

#ifndef HEADER_RAND_INT_H
# define HEADER_RAND_INT_H

# include <openssl/rand.h>

/* forward declaration */
typedef struct rand_pool_st RAND_POOL;

void rand_cleanup_int(void);

/* Hardware-based seeding functions. */
size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool);

/* DRBG entropy callbacks. */
size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
                             unsigned char **pout,
                             int entropy, size_t min_len, size_t max_len,
                             int prediction_resistance);
void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
                               unsigned char *out, size_t outlen);
size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
                           unsigned char **pout,
                           int entropy, size_t min_len, size_t max_len);
void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
                             unsigned char *out, size_t outlen);

size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout);

void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);

/* CRNG test entropy filter callbacks. */
size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
                              unsigned char **pout,
                              int entropy, size_t min_len, size_t max_len,
                              int prediction_resistance);
void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
                                unsigned char *out, size_t outlen);

/*
 * RAND_POOL functions
 */
RAND_POOL *rand_pool_new(int entropy_requested, int secure,
                         size_t min_len, size_t max_len);
RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len,
                            size_t entropy);
void rand_pool_free(RAND_POOL *pool);

const unsigned char *rand_pool_buffer(RAND_POOL *pool);
unsigned char *rand_pool_detach(RAND_POOL *pool);
void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer);

size_t rand_pool_entropy(RAND_POOL *pool);
size_t rand_pool_length(RAND_POOL *pool);

size_t rand_pool_entropy_available(RAND_POOL *pool);
size_t rand_pool_entropy_needed(RAND_POOL *pool);
/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
size_t rand_pool_bytes_remaining(RAND_POOL *pool);

int rand_pool_add(RAND_POOL *pool,
                  const unsigned char *buffer, size_t len, size_t entropy);
unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len);
int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy);


/*
 * Add random bytes to the pool to acquire requested amount of entropy
 *
 * This function is platform specific and tries to acquire the requested
 * amount of entropy by polling platform specific entropy sources.
 *
 * If the function succeeds in acquiring at least |entropy_requested| bits
 * of entropy, the total entropy count is returned. If it fails, it returns
 * an entropy count of 0.
 */
size_t rand_pool_acquire_entropy(RAND_POOL *pool);

/*
 * Add some application specific nonce data
 *
 * This function is platform specific and adds some application specific
 * data to the nonce used for instantiating the drbg.
 *
 * This data currently consists of the process and thread id, and a high
 * resolution timestamp. The data does not include an atomic counter,
 * because that is added by the calling function rand_drbg_get_nonce().
 *
 * Returns 1 on success and 0 on failure.
 */
int rand_pool_add_nonce_data(RAND_POOL *pool);


/*
 * Add some platform specific additional data
 *
 * This function is platform specific and adds some random noise to the
 * additional data used for generating random bytes and for reseeding
 * the drbg.
 *
 * Returns 1 on success and 0 on failure.
 */
int rand_pool_add_additional_data(RAND_POOL *pool);

/*
 * Initialise the random pool reseeding sources.
 *
 * Returns 1 on success and 0 on failure.
 */
int rand_pool_init(void);

/*
 * Finalise the random pool reseeding sources.
 */
void rand_pool_cleanup(void);

/*
 * Control the random pool use of open file descriptors.
 */
void rand_pool_keep_random_devices_open(int keep);

/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */
int rand_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);

/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */
int rand_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num);

#endif
Commit	Line	Data
aa6bb135	1	/*
b0edda11	2	* Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
aa6bb135	3	*
48f4ad77	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
aa6bb135 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
f3cd81d6	10	/*
48f4ad77	11	* Licensed under the Apache License 2.0 (the "License");
f3cd81d6 MC	12	* you may not use this file except in compliance with the License.
	13	* You may obtain a copy of the License at
	14	* https://www.openssl.org/source/license.html
	15	* or in the file LICENSE in the source distribution.
	16	*/
	17
6decf943 DMSP	18	#ifndef HEADER_RAND_INT_H
	19	# define HEADER_RAND_INT_H
	20
	21	# include <openssl/rand.h>
	22
	23	/* forward declaration */
	24	typedef struct rand_pool_st RAND_POOL;
f3cd81d6	25
b3599dbb	26	void rand_cleanup_int(void);
6decf943 DMSP	27
	28	/* Hardware-based seeding functions. */
	29	size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
	30	size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool);
	31
	32	/* DRBG entropy callbacks. */
	33	size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
	34	unsigned char **pout,
eb238134 KR	35	int entropy, size_t min_len, size_t max_len,
eb238134 KR	36	int prediction_resistance);
6decf943 DMSP	37	void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
6decf943 DMSP	38	unsigned char *out, size_t outlen);
5bc6bcf8 DMSP	39	size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
	40	unsigned char **pout,
	41	int entropy, size_t min_len, size_t max_len);
	42	void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
	43	unsigned char *out, size_t outlen);
	44
54f3e855	45	size_t rand_drbg_get_additional_data(RAND_POOL pool, unsigned char *pout);
6decf943	46
54f3e855	47	void rand_drbg_cleanup_additional_data(RAND_POOL pool, unsigned char out);
6decf943	48
d69226a3 P	49	/* CRNG test entropy filter callbacks. */
	50	size_t rand_crngt_get_entropy(RAND_DRBG *drbg,
	51	unsigned char **pout,
	52	int entropy, size_t min_len, size_t max_len,
	53	int prediction_resistance);
	54	void rand_crngt_cleanup_entropy(RAND_DRBG *drbg,
	55	unsigned char *out, size_t outlen);
	56
6decf943 DMSP	57	/*
	58	* RAND_POOL functions
	59	*/
1372560f BE	60	RAND_POOL *rand_pool_new(int entropy_requested, int secure,
1372560f BE	61	size_t min_len, size_t max_len);
3064b551 DMSP	62	RAND_POOL rand_pool_attach(const unsigned char buffer, size_t len,
3064b551 DMSP	63	size_t entropy);
6decf943 DMSP	64	void rand_pool_free(RAND_POOL *pool);
	65
	66	const unsigned char rand_pool_buffer(RAND_POOL pool);
	67	unsigned char rand_pool_detach(RAND_POOL pool);
54f3e855	68	void rand_pool_reattach(RAND_POOL pool, unsigned char buffer);
6decf943 DMSP	69
	70	size_t rand_pool_entropy(RAND_POOL *pool);
	71	size_t rand_pool_length(RAND_POOL *pool);
	72
	73	size_t rand_pool_entropy_available(RAND_POOL *pool);
	74	size_t rand_pool_entropy_needed(RAND_POOL *pool);
6ebb49f3 RL	75	/* \|entropy_factor\| expresses how many bits of data contain 1 bit of entropy */
6ebb49f3 RL	76	size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
6decf943 DMSP	77	size_t rand_pool_bytes_remaining(RAND_POOL *pool);
6decf943 DMSP	78
4845aeba RL	79	int rand_pool_add(RAND_POOL *pool,
4845aeba RL	80	const unsigned char *buffer, size_t len, size_t entropy);
6decf943	81	unsigned char rand_pool_add_begin(RAND_POOL pool, size_t len);
4845aeba	82	int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy);
6decf943 DMSP	83
	84
	85	/*
	86	* Add random bytes to the pool to acquire requested amount of entropy
	87	*
	88	* This function is platform specific and tries to acquire the requested
	89	* amount of entropy by polling platform specific entropy sources.
	90	*
	91	* If the function succeeds in acquiring at least \|entropy_requested\| bits
	92	* of entropy, the total entropy count is returned. If it fails, it returns
	93	* an entropy count of 0.
	94	*/
	95	size_t rand_pool_acquire_entropy(RAND_POOL *pool);
	96
5bc6bcf8 DMSP	97	/*
	98	* Add some application specific nonce data
	99	*
	100	* This function is platform specific and adds some application specific
	101	* data to the nonce used for instantiating the drbg.
	102	*
	103	* This data currently consists of the process and thread id, and a high
	104	* resolution timestamp. The data does not include an atomic counter,
	105	* because that is added by the calling function rand_drbg_get_nonce().
	106	*
	107	* Returns 1 on success and 0 on failure.
	108	*/
	109	int rand_pool_add_nonce_data(RAND_POOL *pool);
	110
	111
	112	/*
	113	* Add some platform specific additional data
	114	*
	115	* This function is platform specific and adds some random noise to the
	116	* additional data used for generating random bytes and for reseeding
	117	* the drbg.
	118	*
	119	* Returns 1 on success and 0 on failure.
	120	*/
	121	int rand_pool_add_additional_data(RAND_POOL *pool);
	122
c7504aeb P	123	/*
	124	* Initialise the random pool reseeding sources.
	125	*
	126	* Returns 1 on success and 0 on failure.
	127	*/
	128	int rand_pool_init(void);
	129
	130	/*
	131	* Finalise the random pool reseeding sources.
	132	*/
	133	void rand_pool_cleanup(void);
	134
	135	/*
	136	* Control the random pool use of open file descriptors.
	137	*/
	138	void rand_pool_keep_random_devices_open(int keep);
	139
6694e51d MC	140	/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */
	141	int rand_priv_bytes_ex(OPENSSL_CTX ctx, unsigned char buf, int num);
	142
	143	/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */
	144	int rand_bytes_ex(OPENSSL_CTX ctx, unsigned char buf, int num);
	145
6decf943	146	#endif