1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
/*
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "rand_local.h"
#include "crypto/evp.h"
#include "crypto/rand.h"
#include "crypto/rand_pool.h"
#include "internal/core.h"
#include <openssl/core_dispatch.h>
#include <openssl/err.h>
size_t ossl_rand_get_entropy(ossl_unused OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len)
{
size_t ret = 0;
size_t entropy_available;
RAND_POOL *pool;
pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
if (pool == NULL) {
ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB);
return 0;
}
/* Get entropy by polling system entropy sources. */
entropy_available = ossl_pool_acquire_entropy(pool);
if (entropy_available > 0) {
ret = ossl_rand_pool_length(pool);
*pout = ossl_rand_pool_detach(pool);
}
ossl_rand_pool_free(pool);
return ret;
}
size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len)
{
EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);
if (rng != NULL && evp_rand_can_seed(rng))
return evp_rand_get_seed(rng, pout, entropy, min_len, max_len,
0, NULL, 0);
else
return ossl_rand_get_entropy(ctx, pout, entropy, min_len, max_len);
}
void ossl_rand_cleanup_entropy(ossl_unused OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len)
{
OPENSSL_secure_clear_free(buf, len);
}
void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len)
{
EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);
if (rng != NULL && evp_rand_can_seed(rng))
evp_rand_clear_seed(rng, buf, len);
else
OPENSSL_secure_clear_free(buf, len);
}
size_t ossl_rand_get_nonce(ossl_unused OSSL_LIB_CTX *ctx,
unsigned char **pout,
size_t min_len, ossl_unused size_t max_len,
const void *salt, size_t salt_len)
{
size_t ret = 0;
RAND_POOL *pool;
pool = ossl_rand_pool_new(0, 0, min_len, max_len);
if (pool == NULL) {
ERR_raise(ERR_LIB_RAND, ERR_R_RAND_LIB);
return 0;
}
if (!ossl_pool_add_nonce_data(pool))
goto err;
if (salt != NULL && !ossl_rand_pool_add(pool, salt, salt_len, 0))
goto err;
ret = ossl_rand_pool_length(pool);
*pout = ossl_rand_pool_detach(pool);
err:
ossl_rand_pool_free(pool);
return ret;
}
size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx,
unsigned char **pout,
size_t min_len, size_t max_len,
const void *salt, size_t salt_len)
{
unsigned char *buf;
EVP_RAND_CTX *rng = ossl_rand_get0_seed_noncreating(ctx);
if (rng == NULL)
return ossl_rand_get_nonce(ctx, pout, min_len, max_len, salt, salt_len);
if ((buf = OPENSSL_malloc(min_len)) == NULL)
return 0;
if (!EVP_RAND_generate(rng, buf, min_len, 0, 0, salt, salt_len)) {
OPENSSL_free(buf);
return 0;
}
*pout = buf;
return min_len;
}
void ossl_rand_cleanup_nonce(ossl_unused OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len)
{
OPENSSL_clear_free(buf, len);
}
void ossl_rand_cleanup_user_nonce(ossl_unused OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len)
{
OPENSSL_clear_free(buf, len);
}
|
