2
0

rand.h 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134
  1. /*
  2. * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * Licensed under the OpenSSL licenses, (the "License");
  11. * you may not use this file except in compliance with the License.
  12. * You may obtain a copy of the License at
  13. * https://www.openssl.org/source/license.html
  14. * or in the file LICENSE in the source distribution.
  15. */
  16. #ifndef OSSL_CRYPTO_RAND_H
  17. # define OSSL_CRYPTO_RAND_H
  18. # include <openssl/rand.h>
  19. /* forward declaration */
  20. typedef struct rand_pool_st RAND_POOL;
  21. void rand_cleanup_int(void);
  22. void rand_drbg_cleanup_int(void);
  23. void drbg_delete_thread_state(void);
  24. /* Hardware-based seeding functions. */
  25. size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
  26. size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool);
  27. /* DRBG entropy callbacks. */
  28. size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
  29. unsigned char **pout,
  30. int entropy, size_t min_len, size_t max_len,
  31. int prediction_resistance);
  32. void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
  33. unsigned char *out, size_t outlen);
  34. size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
  35. unsigned char **pout,
  36. int entropy, size_t min_len, size_t max_len);
  37. void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
  38. unsigned char *out, size_t outlen);
  39. size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout);
  40. void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
  41. /*
  42. * RAND_POOL functions
  43. */
  44. RAND_POOL *rand_pool_new(int entropy_requested, int secure,
  45. size_t min_len, size_t max_len);
  46. RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len,
  47. size_t entropy);
  48. void rand_pool_free(RAND_POOL *pool);
  49. const unsigned char *rand_pool_buffer(RAND_POOL *pool);
  50. unsigned char *rand_pool_detach(RAND_POOL *pool);
  51. void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer);
  52. size_t rand_pool_entropy(RAND_POOL *pool);
  53. size_t rand_pool_length(RAND_POOL *pool);
  54. size_t rand_pool_entropy_available(RAND_POOL *pool);
  55. size_t rand_pool_entropy_needed(RAND_POOL *pool);
  56. /* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
  57. size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
  58. size_t rand_pool_bytes_remaining(RAND_POOL *pool);
  59. int rand_pool_add(RAND_POOL *pool,
  60. const unsigned char *buffer, size_t len, size_t entropy);
  61. unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len);
  62. int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy);
  63. /*
  64. * Add random bytes to the pool to acquire requested amount of entropy
  65. *
  66. * This function is platform specific and tries to acquire the requested
  67. * amount of entropy by polling platform specific entropy sources.
  68. *
  69. * If the function succeeds in acquiring at least |entropy_requested| bits
  70. * of entropy, the total entropy count is returned. If it fails, it returns
  71. * an entropy count of 0.
  72. */
  73. size_t rand_pool_acquire_entropy(RAND_POOL *pool);
  74. /*
  75. * Add some application specific nonce data
  76. *
  77. * This function is platform specific and adds some application specific
  78. * data to the nonce used for instantiating the drbg.
  79. *
  80. * This data currently consists of the process and thread id, and a high
  81. * resolution timestamp. The data does not include an atomic counter,
  82. * because that is added by the calling function rand_drbg_get_nonce().
  83. *
  84. * Returns 1 on success and 0 on failure.
  85. */
  86. int rand_pool_add_nonce_data(RAND_POOL *pool);
  87. /*
  88. * Add some platform specific additional data
  89. *
  90. * This function is platform specific and adds some random noise to the
  91. * additional data used for generating random bytes and for reseeding
  92. * the drbg.
  93. *
  94. * Returns 1 on success and 0 on failure.
  95. */
  96. int rand_pool_add_additional_data(RAND_POOL *pool);
  97. /*
  98. * Initialise the random pool reseeding sources.
  99. *
  100. * Returns 1 on success and 0 on failure.
  101. */
  102. int rand_pool_init(void);
  103. /*
  104. * Finalise the random pool reseeding sources.
  105. */
  106. void rand_pool_cleanup(void);
  107. /*
  108. * Control the random pool use of open file descriptors.
  109. */
  110. void rand_pool_keep_random_devices_open(int keep);
  111. #endif