[thirdparty/rng-tools.git] / rngd_entsource.c

/*
 * rngd_entsource.c -- Entropy source and conditioning
 *
 * Copyright (C) 2001 Philipp Rumpf
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

#define _GNU_SOURCE

#ifndef HAVE_CONFIG_H
#error Invalid or missing autoconf build environment
#endif

#include "rng-tools-config.h"

#include <unistd.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
#include <syslog.h>
#include <string.h>

#include "rngd.h"
#include "fips.h"
#include "exits.h"
#include "rngd_entsource.h"


/* The overhead incured when tpm returns the random nos as per TCG spec
 * it is 14 bytes.*/
#define TPM_GET_RNG_OVERHEAD	14

/* Read data from the entropy source */
int xread(void *buf, size_t size, struct rng *ent_src)
{
	size_t off = 0;
	ssize_t r;

	while (size > 0) {
		do {
			r = read(ent_src->rng_fd, buf + off, size);
		} while ((r == -1) && (errno == EINTR));
		if (r <= 0)
			break;
		off += r;
		size -= r;
	}

	if (size) {
		message(LOG_DAEMON|LOG_ERR, "read error\n");
		return -1;
	}
	return 0;
}

/* tpm rng read call to kernel has 13 bytes of overhead
 * the logic to process this involves reading to a temporary_buf
 * and copying the no generated to buf */
int xread_tpm(void *buf, size_t size, struct rng *ent_src)
{
	size_t bytes_read = 0;
	ssize_t r;
	int retval;
	unsigned char *temp_buf = NULL;
	unsigned char rng_cmd[] = {
		0, 193,            /* TPM_TAG_RQU_COMMAND */
		0, 0, 0, 14,       /* length */
		0, 0, 0, 70,       /* TPM_ORD_GetRandom */
		0, 0, 0, 0,        /* number of bytes to return */
	};
	char *offset;

	ent_src->rng_fd = open(ent_src->rng_name, O_RDWR);
	if (ent_src->rng_fd == -1) {
		return -1;
	}

	temp_buf = (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD);
	memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD));
	if (temp_buf == NULL) {
		message(LOG_ERR|LOG_INFO,"No memory");
		return -1;
	}
	/* 32 bits has been reserved for random byte size */
	rng_cmd[13] = (unsigned char)(size & 0xFF);
	rng_cmd[12] = (unsigned char)((size >> 8) & 0xFF);
	rng_cmd[11] = (unsigned char)((size >> 16) & 0xFF);
	rng_cmd[10] = (unsigned char)((size >> 24) & 0xFF);
	offset = buf;
	while (bytes_read < size) {
		r=0;
		while (r < sizeof(rng_cmd)) {
			retval = write(ent_src->rng_fd,
				       rng_cmd + r,
				       sizeof(rng_cmd) - r);
			if (retval < 0) {
				message(LOG_ERR|LOG_INFO,
					"Error writing %s\n",
					ent_src->rng_name);
				retval = -1;
				goto error_out;
			}
			r += retval;
		}
		if (r < sizeof(rng_cmd)) {
			message(LOG_ERR|LOG_INFO,
				"Error writing %s\n", ent_src->rng_name);
			retval = -1;
			goto error_out;
		}
		r = read(ent_src->rng_fd, temp_buf,size);
		r = (r - TPM_GET_RNG_OVERHEAD);
		bytes_read = bytes_read + r;
		if (bytes_read > size) {
			memcpy(offset,temp_buf + TPM_GET_RNG_OVERHEAD,
				r - (bytes_read - size));
			break;
		}
		memcpy(offset, temp_buf + TPM_GET_RNG_OVERHEAD, r);
		offset = offset + r;
	}
	retval = 0;
error_out:
    close(ent_src->rng_fd);
	free(temp_buf);
	return retval;
}

/* Initialize entropy source */
static int discard_initial_data(struct rng *ent_src)
{
	/* Trash 32 bits of what is probably stale (non-random)
	 * initial state from the RNG.  For Intel's, 8 bits would
	 * be enough, but since AMD's generates 32 bits at a time...
	 *
	 * The kernel drivers should be doing this at device powerup,
	 * but at least up to 2.4.24, it doesn't. */
	unsigned char tempbuf[4];
	xread(tempbuf, sizeof tempbuf, ent_src);

	/* Return 32 bits of bootstrap data */
	xread(tempbuf, sizeof tempbuf, ent_src);

	return tempbuf[0] | (tempbuf[1] << 8) |
		(tempbuf[2] << 16) | (tempbuf[3] << 24);
}

/*
 * Open entropy source, and initialize it
 */
int init_entropy_source(struct rng *ent_src)
{
	ent_src->rng_fd = open(ent_src->rng_name, O_RDONLY);
	if (ent_src->rng_fd == -1) {
		return 1;
	}
	src_list_add(ent_src);
	/* Bootstrap FIPS tests */
	ent_src->fipsctx = malloc(sizeof(fips_ctx_t));
	fips_init(ent_src->fipsctx, discard_initial_data(ent_src));
	return 0;
}

/*
 * Open tpm entropy source, and initialize it
 */
int init_tpm_entropy_source(struct rng *ent_src)
{
	ent_src->rng_fd = open(ent_src->rng_name, O_RDWR);
	if (ent_src->rng_fd == -1) {
		return 1;
	}
	src_list_add(ent_src);
	/* Bootstrap FIPS tests */
	ent_src->fipsctx = malloc(sizeof(fips_ctx_t));
	fips_init(ent_src->fipsctx, 0);
	close(ent_src->rng_fd);
	return 0;
}
Commit	Line	Data
61af3de3 JG	1	/*
	2	* rngd_entsource.c -- Entropy source and conditioning
	3	*
	4	* Copyright (C) 2001 Philipp Rumpf
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
d1b4c504	10	*
61af3de3 JG	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License
	17	* along with this program; if not, write to the Free Software
	18	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	19	*/
	20
	21	#define _GNU_SOURCE
	22
	23	#ifndef HAVE_CONFIG_H
	24	#error Invalid or missing autoconf build environment
	25	#endif
	26
	27	#include "rng-tools-config.h"
	28
	29	#include <unistd.h>
	30	#include <stdint.h>
	31	#include <stdlib.h>
	32	#include <sys/types.h>
	33	#include <sys/stat.h>
	34	#include <fcntl.h>
	35	#include <errno.h>
	36	#include <syslog.h>
	37	#include <string.h>
	38
	39	#include "rngd.h"
	40	#include "fips.h"
	41	#include "exits.h"
	42	#include "rngd_entsource.h"
	43
	44
d1b4c504 JG	45	/* The overhead incured when tpm returns the random nos as per TCG spec
	46	* it is 14 bytes.*/
	47	#define TPM_GET_RNG_OVERHEAD 14
61af3de3 JG	48
61af3de3 JG	49	/* Read data from the entropy source */
d1b4c504	50	int xread(void buf, size_t size, struct rng ent_src)
61af3de3 JG	51	{
	52	size_t off = 0;
	53	ssize_t r;
	54
	55	while (size > 0) {
	56	do {
d1b4c504	57	r = read(ent_src->rng_fd, buf + off, size);
61af3de3 JG	58	} while ((r == -1) && (errno == EINTR));
	59	if (r <= 0)
	60	break;
	61	off += r;
	62	size -= r;
	63	}
	64
	65	if (size) {
	66	message(LOG_DAEMON\|LOG_ERR, "read error\n");
d1b4c504 JG	67	return -1;
	68	}
	69	return 0;
	70	}
	71
	72	/* tpm rng read call to kernel has 13 bytes of overhead
	73	* the logic to process this involves reading to a temporary_buf
	74	* and copying the no generated to buf */
	75	int xread_tpm(void buf, size_t size, struct rng ent_src)
	76	{
	77	size_t bytes_read = 0;
	78	ssize_t r;
	79	int retval;
	80	unsigned char *temp_buf = NULL;
	81	unsigned char rng_cmd[] = {
	82	0, 193, /* TPM_TAG_RQU_COMMAND */
	83	0, 0, 0, 14, /* length */
	84	0, 0, 0, 70, /* TPM_ORD_GetRandom */
	85	0, 0, 0, 0, /* number of bytes to return */
	86	};
	87	char *offset;
	88
	89	ent_src->rng_fd = open(ent_src->rng_name, O_RDWR);
	90	if (ent_src->rng_fd == -1) {
	91	return -1;
	92	}
	93
	94	temp_buf = (unsigned char *) malloc(size + TPM_GET_RNG_OVERHEAD);
	95	memset(temp_buf, 0, (size+TPM_GET_RNG_OVERHEAD));
	96	if (temp_buf == NULL) {
	97	message(LOG_ERR\|LOG_INFO,"No memory");
	98	return -1;
61af3de3	99	}
d1b4c504 JG	100	/* 32 bits has been reserved for random byte size */
	101	rng_cmd[13] = (unsigned char)(size & 0xFF);
	102	rng_cmd[12] = (unsigned char)((size >> 8) & 0xFF);
	103	rng_cmd[11] = (unsigned char)((size >> 16) & 0xFF);
	104	rng_cmd[10] = (unsigned char)((size >> 24) & 0xFF);
	105	offset = buf;
	106	while (bytes_read < size) {
	107	r=0;
	108	while (r < sizeof(rng_cmd)) {
	109	retval = write(ent_src->rng_fd,
	110	rng_cmd + r,
	111	sizeof(rng_cmd) - r);
	112	if (retval < 0) {
	113	message(LOG_ERR\|LOG_INFO,
	114	"Error writing %s\n",
	115	ent_src->rng_name);
	116	retval = -1;
	117	goto error_out;
	118	}
	119	r += retval;
	120	}
	121	if (r < sizeof(rng_cmd)) {
	122	message(LOG_ERR\|LOG_INFO,
	123	"Error writing %s\n", ent_src->rng_name);
	124	retval = -1;
	125	goto error_out;
	126	}
	127	r = read(ent_src->rng_fd, temp_buf,size);
	128	r = (r - TPM_GET_RNG_OVERHEAD);
	129	bytes_read = bytes_read + r;
	130	if (bytes_read > size) {
	131	memcpy(offset,temp_buf + TPM_GET_RNG_OVERHEAD,
	132	r - (bytes_read - size));
	133	break;
	134	}
	135	memcpy(offset, temp_buf + TPM_GET_RNG_OVERHEAD, r);
	136	offset = offset + r;
	137	}
	138	retval = 0;
	139	error_out:
	140	close(ent_src->rng_fd);
	141	free(temp_buf);
	142	return retval;
61af3de3 JG	143	}
	144
	145	/* Initialize entropy source */
d1b4c504	146	static int discard_initial_data(struct rng *ent_src)
61af3de3 JG	147	{
	148	/* Trash 32 bits of what is probably stale (non-random)
	149	* initial state from the RNG. For Intel's, 8 bits would
	150	* be enough, but since AMD's generates 32 bits at a time...
d1b4c504	151	*
61af3de3 JG	152	* The kernel drivers should be doing this at device powerup,
	153	* but at least up to 2.4.24, it doesn't. */
	154	unsigned char tempbuf[4];
d1b4c504	155	xread(tempbuf, sizeof tempbuf, ent_src);
61af3de3 JG	156
61af3de3 JG	157	/* Return 32 bits of bootstrap data */
d1b4c504	158	xread(tempbuf, sizeof tempbuf, ent_src);
61af3de3	159
d1b4c504	160	return tempbuf[0] \| (tempbuf[1] << 8) \|
61af3de3 JG	161	(tempbuf[2] << 16) \| (tempbuf[3] << 24);
	162	}
	163
	164	/*
	165	* Open entropy source, and initialize it
	166	*/
d1b4c504	167	int init_entropy_source(struct rng *ent_src)
61af3de3	168	{
d1b4c504 JG	169	ent_src->rng_fd = open(ent_src->rng_name, O_RDONLY);
	170	if (ent_src->rng_fd == -1) {
	171	return 1;
61af3de3	172	}
a26d20cf	173	src_list_add(ent_src);
61af3de3	174	/* Bootstrap FIPS tests */
d1b4c504 JG	175	ent_src->fipsctx = malloc(sizeof(fips_ctx_t));
	176	fips_init(ent_src->fipsctx, discard_initial_data(ent_src));
	177	return 0;
61af3de3 JG	178	}
61af3de3 JG	179
d1b4c504 JG	180	/*
	181	* Open tpm entropy source, and initialize it
	182	*/
	183	int init_tpm_entropy_source(struct rng *ent_src)
	184	{
	185	ent_src->rng_fd = open(ent_src->rng_name, O_RDWR);
	186	if (ent_src->rng_fd == -1) {
	187	return 1;
	188	}
a26d20cf	189	src_list_add(ent_src);
d1b4c504 JG	190	/* Bootstrap FIPS tests */
	191	ent_src->fipsctx = malloc(sizeof(fips_ctx_t));
	192	fips_init(ent_src->fipsctx, 0);
	193	close(ent_src->rng_fd);
	194	return 0;
	195	}