]>
git.ipfire.org Git - thirdparty/openssl.git/blob - include/crypto/rand.h
2 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * Licensed under the Apache License 2.0 (the "License");
12 * you may not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 * https://www.openssl.org/source/license.html
15 * or in the file LICENSE in the source distribution.
18 #ifndef HEADER_RAND_INT_H
19 # define HEADER_RAND_INT_H
21 # include <openssl/rand.h>
23 /* forward declaration */
24 typedef struct rand_pool_st RAND_POOL
;
26 void rand_cleanup_int(void);
28 /* Hardware-based seeding functions. */
29 size_t rand_acquire_entropy_from_tsc(RAND_POOL
*pool
);
30 size_t rand_acquire_entropy_from_cpu(RAND_POOL
*pool
);
32 /* DRBG entropy callbacks. */
33 size_t rand_drbg_get_entropy(RAND_DRBG
*drbg
,
35 int entropy
, size_t min_len
, size_t max_len
,
36 int prediction_resistance
);
37 void rand_drbg_cleanup_entropy(RAND_DRBG
*drbg
,
38 unsigned char *out
, size_t outlen
);
39 size_t rand_drbg_get_nonce(RAND_DRBG
*drbg
,
41 int entropy
, size_t min_len
, size_t max_len
);
42 void rand_drbg_cleanup_nonce(RAND_DRBG
*drbg
,
43 unsigned char *out
, size_t outlen
);
45 size_t rand_drbg_get_additional_data(RAND_POOL
*pool
, unsigned char **pout
);
47 void rand_drbg_cleanup_additional_data(RAND_POOL
*pool
, unsigned char *out
);
49 /* CRNG test entropy filter callbacks. */
50 size_t rand_crngt_get_entropy(RAND_DRBG
*drbg
,
52 int entropy
, size_t min_len
, size_t max_len
,
53 int prediction_resistance
);
54 void rand_crngt_cleanup_entropy(RAND_DRBG
*drbg
,
55 unsigned char *out
, size_t outlen
);
60 RAND_POOL
*rand_pool_new(int entropy_requested
, int secure
,
61 size_t min_len
, size_t max_len
);
62 RAND_POOL
*rand_pool_attach(const unsigned char *buffer
, size_t len
,
64 void rand_pool_free(RAND_POOL
*pool
);
66 const unsigned char *rand_pool_buffer(RAND_POOL
*pool
);
67 unsigned char *rand_pool_detach(RAND_POOL
*pool
);
68 void rand_pool_reattach(RAND_POOL
*pool
, unsigned char *buffer
);
70 size_t rand_pool_entropy(RAND_POOL
*pool
);
71 size_t rand_pool_length(RAND_POOL
*pool
);
73 size_t rand_pool_entropy_available(RAND_POOL
*pool
);
74 size_t rand_pool_entropy_needed(RAND_POOL
*pool
);
75 /* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
76 size_t rand_pool_bytes_needed(RAND_POOL
*pool
, unsigned int entropy_factor
);
77 size_t rand_pool_bytes_remaining(RAND_POOL
*pool
);
79 int rand_pool_add(RAND_POOL
*pool
,
80 const unsigned char *buffer
, size_t len
, size_t entropy
);
81 unsigned char *rand_pool_add_begin(RAND_POOL
*pool
, size_t len
);
82 int rand_pool_add_end(RAND_POOL
*pool
, size_t len
, size_t entropy
);
86 * Add random bytes to the pool to acquire requested amount of entropy
88 * This function is platform specific and tries to acquire the requested
89 * amount of entropy by polling platform specific entropy sources.
91 * If the function succeeds in acquiring at least |entropy_requested| bits
92 * of entropy, the total entropy count is returned. If it fails, it returns
93 * an entropy count of 0.
95 size_t rand_pool_acquire_entropy(RAND_POOL
*pool
);
98 * Add some application specific nonce data
100 * This function is platform specific and adds some application specific
101 * data to the nonce used for instantiating the drbg.
103 * This data currently consists of the process and thread id, and a high
104 * resolution timestamp. The data does not include an atomic counter,
105 * because that is added by the calling function rand_drbg_get_nonce().
107 * Returns 1 on success and 0 on failure.
109 int rand_pool_add_nonce_data(RAND_POOL
*pool
);
113 * Add some platform specific additional data
115 * This function is platform specific and adds some random noise to the
116 * additional data used for generating random bytes and for reseeding
119 * Returns 1 on success and 0 on failure.
121 int rand_pool_add_additional_data(RAND_POOL
*pool
);
124 * Initialise the random pool reseeding sources.
126 * Returns 1 on success and 0 on failure.
128 int rand_pool_init(void);
131 * Finalise the random pool reseeding sources.
133 void rand_pool_cleanup(void);
136 * Control the random pool use of open file descriptors.
138 void rand_pool_keep_random_devices_open(int keep
);
140 /* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */
141 int rand_priv_bytes_ex(OPENSSL_CTX
*ctx
, unsigned char *buf
, int num
);
143 /* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */
144 int rand_bytes_ex(OPENSSL_CTX
*ctx
, unsigned char *buf
, int num
);