TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / refs/heads/dev/mbed-crypto-0.1.0-alpha / . / library / entropy_poll.c
blob: 4c9f61fee6d7bc7d414424c4b454ca09d3c8995b [file] [log] [blame]
Jaeden Ameroe54e6932018-08-06 16:19:58 +0100[diff] [blame]1/*
2 * Platform-specific and custom entropy polling functions
3 *
4 * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 *
19 * This file is part of Mbed Crypto (https://tls.mbed.org)
20 */
21
22#if !defined(MBEDCRYPTO_CONFIG_FILE)
23#include "mbedcrypto/config.h"
24#else
25#include MBEDCRYPTO_CONFIG_FILE
26#endif
27
28#include <string.h>
29
30#if defined(MBEDCRYPTO_ENTROPY_C)
31
32#include "mbedcrypto/entropy.h"
33#include "mbedcrypto/entropy_poll.h"
34
35#if defined(MBEDCRYPTO_TIMING_C)
36#include "mbedcrypto/timing.h"
37#endif
38#if defined(MBEDCRYPTO_HAVEGE_C)
39#include "mbedcrypto/havege.h"
40#endif
41#if defined(MBEDCRYPTO_ENTROPY_NV_SEED)
42#include "mbedcrypto/platform.h"
43#endif
44
45#if !defined(MBEDCRYPTO_NO_PLATFORM_ENTROPY)
46
47#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
48 !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__)
49#error "Platform entropy sources only work on Unix and Windows, see MBEDCRYPTO_NO_PLATFORM_ENTROPY in config.h"
50#endif
51
52#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
53
54#if !defined(_WIN32_WINNT)
55#define _WIN32_WINNT 0x0400
56#endif
57#include <windows.h>
58#include <wincrypt.h>
59
60int mbedcrypto_platform_entropy_poll( void *data, unsigned char *output, size_t len,
61 size_t *olen )
62{
63 HCRYPTPROV provider;
64 ((void) data);
65 *olen = 0;
66
67 if( CryptAcquireContext( &provider, NULL, NULL,
68 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
69 {
70 return( MBEDCRYPTO_ERR_ENTROPY_SOURCE_FAILED );
71 }
72
73 if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
74 {
75 CryptReleaseContext( provider, 0 );
76 return( MBEDCRYPTO_ERR_ENTROPY_SOURCE_FAILED );
77 }
78
79 CryptReleaseContext( provider, 0 );
80 *olen = len;
81
82 return( 0 );
83}
84#else /* _WIN32 && !EFIX64 && !EFI32 */
85
86/*
87 * Test for Linux getrandom() support.
88 * Since there is no wrapper in the libc yet, use the generic syscall wrapper
89 * available in GNU libc and compatible libc's (eg uClibc).
90 */
91#if defined(__linux__) && defined(__GLIBC__)
92#include <unistd.h>
93#include <sys/syscall.h>
94#if defined(SYS_getrandom)
95#define HAVE_GETRANDOM
96
97static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
98{
99 /* MemSan cannot understand that the syscall writes to the buffer */
100#if defined(__has_feature)
101#if __has_feature(memory_sanitizer)
102 memset( buf, 0, buflen );
103#endif
104#endif
105
106 return( syscall( SYS_getrandom, buf, buflen, flags ) );
107}
108
109#include <sys/utsname.h>
110/* Check if version is at least 3.17.0 */
111static int check_version_3_17_plus( void )
112{
113 int minor;
114 struct utsname un;
115 const char *ver;
116
117 /* Get version information */
118 uname(&un);
119 ver = un.release;
120
121 /* Check major version; assume a single digit */
122 if( ver[0] < '3' || ver[0] > '9' || ver [1] != '.' )
123 return( -1 );
124
125 if( ver[0] - '0' > 3 )
126 return( 0 );
127
128 /* Ok, so now we know major == 3, check minor.
129 * Assume 1 or 2 digits. */
130 if( ver[2] < '0' || ver[2] > '9' )
131 return( -1 );
132
133 minor = ver[2] - '0';
134
135 if( ver[3] >= '0' && ver[3] <= '9' )
136 minor = 10 * minor + ver[3] - '0';
137 else if( ver [3] != '.' )
138 return( -1 );
139
140 if( minor < 17 )
141 return( -1 );
142
143 return( 0 );
144}
145static int has_getrandom = -1;
146#endif /* SYS_getrandom */
147#endif /* __linux__ */
148
149#include <stdio.h>
150
151int mbedcrypto_platform_entropy_poll( void *data,
152 unsigned char *output, size_t len, size_t *olen )
153{
154 FILE *file;
155 size_t read_len;
156 ((void) data);
157
158#if defined(HAVE_GETRANDOM)
159 if( has_getrandom == -1 )
160 has_getrandom = ( check_version_3_17_plus() == 0 );
161
162 if( has_getrandom )
163 {
164 int ret;
165
166 if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
167 return( MBEDCRYPTO_ERR_ENTROPY_SOURCE_FAILED );
168
169 *olen = ret;
170 return( 0 );
171 }
172#endif /* HAVE_GETRANDOM */
173
174 *olen = 0;
175
176 file = fopen( "/dev/urandom", "rb" );
177 if( file == NULL )
178 return( MBEDCRYPTO_ERR_ENTROPY_SOURCE_FAILED );
179
180 read_len = fread( output, 1, len, file );
181 if( read_len != len )
182 {
183 fclose( file );
184 return( MBEDCRYPTO_ERR_ENTROPY_SOURCE_FAILED );
185 }
186
187 fclose( file );
188 *olen = len;
189
190 return( 0 );
191}
192#endif /* _WIN32 && !EFIX64 && !EFI32 */
193#endif /* !MBEDCRYPTO_NO_PLATFORM_ENTROPY */
194
195#if defined(MBEDCRYPTO_TEST_NULL_ENTROPY)
196int mbedcrypto_null_entropy_poll( void *data,
197 unsigned char *output, size_t len, size_t *olen )
198{
199 ((void) data);
200 ((void) output);
201 *olen = 0;
202
203 if( len < sizeof(unsigned char) )
204 return( 0 );
205
206 *olen = sizeof(unsigned char);
207
208 return( 0 );
209}
210#endif
211
212#if defined(MBEDCRYPTO_TIMING_C)
213int mbedcrypto_hardclock_poll( void *data,
214 unsigned char *output, size_t len, size_t *olen )
215{
216 unsigned long timer = mbedcrypto_timing_hardclock();
217 ((void) data);
218 *olen = 0;
219
220 if( len < sizeof(unsigned long) )
221 return( 0 );
222
223 memcpy( output, &timer, sizeof(unsigned long) );
224 *olen = sizeof(unsigned long);
225
226 return( 0 );
227}
228#endif /* MBEDCRYPTO_TIMING_C */
229
230#if defined(MBEDCRYPTO_HAVEGE_C)
231int mbedcrypto_havege_poll( void *data,
232 unsigned char *output, size_t len, size_t *olen )
233{
234 mbedcrypto_havege_state *hs = (mbedcrypto_havege_state *) data;
235 *olen = 0;
236
237 if( mbedcrypto_havege_random( hs, output, len ) != 0 )
238 return( MBEDCRYPTO_ERR_ENTROPY_SOURCE_FAILED );
239
240 *olen = len;
241
242 return( 0 );
243}
244#endif /* MBEDCRYPTO_HAVEGE_C */
245
246#if defined(MBEDCRYPTO_ENTROPY_NV_SEED)
247int mbedcrypto_nv_seed_poll( void *data,
248 unsigned char *output, size_t len, size_t *olen )
249{
250 unsigned char buf[MBEDCRYPTO_ENTROPY_BLOCK_SIZE];
251 size_t use_len = MBEDCRYPTO_ENTROPY_BLOCK_SIZE;
252 ((void) data);
253
254 memset( buf, 0, MBEDCRYPTO_ENTROPY_BLOCK_SIZE );
255
256 if( mbedcrypto_nv_seed_read( buf, MBEDCRYPTO_ENTROPY_BLOCK_SIZE ) < 0 )
257 return( MBEDCRYPTO_ERR_ENTROPY_SOURCE_FAILED );
258
259 if( len < use_len )
260 use_len = len;
261
262 memcpy( output, buf, use_len );
263 *olen = use_len;
264
265 return( 0 );
266}
267#endif /* MBEDCRYPTO_ENTROPY_NV_SEED */
268
269#endif /* MBEDCRYPTO_ENTROPY_C */