TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 16799db69a2947b1c30e4fb17116901a93a7918b / . / include / mbedtls / entropy.h
blob: 20fd6872b89b8e563d10a0fe09d64ef19c03f5a1 [file] [log] [blame]
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]1/**
2 * \file entropy.h
3 *
4 * \brief Entropy accumulator implementation
Darryl Greena40a1012018-01-05 15:33:17 +0000[diff] [blame]5 */
6/*
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]7 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame^]8 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]9 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]10#ifndef MBEDTLS_ENTROPY_H
11#define MBEDTLS_ENTROPY_H
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]12#include "mbedtls/private_access.h"
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]13
Bence Szépkútic662b362021-05-27 11:25:03 +0200[diff] [blame]14#include "mbedtls/build_info.h"
Paul Bakker28c7e7f2011-12-15 19:49:30 +0000[diff] [blame]15
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]16#include <stddef.h>
17
Manuel Pégourié-Gonnard5cd4b642023-02-02 13:14:59 +0100[diff] [blame]18#include "md.h"
19
20#if defined(MBEDTLS_MD_CAN_SHA512) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]21#define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR
Manuel Pégourié-Gonnard5cd4b642023-02-02 13:14:59 +0100[diff] [blame]22#define MBEDTLS_ENTROPY_MD MBEDTLS_MD_SHA512
23#define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
Paul Bakkerfb08fd22013-08-27 15:06:26 +0200[diff] [blame]24#else
Manuel Pégourié-Gonnard5cd4b642023-02-02 13:14:59 +0100[diff] [blame]25#if defined(MBEDTLS_MD_CAN_SHA256)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]26#define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR
Manuel Pégourié-Gonnard5cd4b642023-02-02 13:14:59 +0100[diff] [blame]27#define MBEDTLS_ENTROPY_MD MBEDTLS_MD_SHA256
28#define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */
Paul Bakkerfb08fd22013-08-27 15:06:26 +0200[diff] [blame]29#endif
30#endif
31
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]32#if defined(MBEDTLS_THREADING_C)
Jaeden Ameroc49fbbf2019-07-04 20:01:14 +0100[diff] [blame]33#include "mbedtls/threading.h"
Paul Bakkerf4e7dc52013-09-28 15:23:57 +0200[diff] [blame]34#endif
35
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]36
Gilles Peskined2971572021-07-26 18:48:10 +0200[diff] [blame]37/** Critical entropy source failure. */
38#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C
39/** No more sources can be added. */
40#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E
41/** No sources have been added to poll. */
42#define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040
43/** No strong sources have been added to poll. */
44#define MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE -0x003D
45/** Read/write error in file. */
46#define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x003F
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]47
Paul Bakker088c5c52014-04-25 11:11:10 +0200[diff] [blame]48/**
49 * \name SECTION: Module settings
50 *
51 * The configuration options you can set for this module are in this section.
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +0200[diff] [blame]52 * Either change them in mbedtls_config.h or define them on the compiler command line.
Paul Bakker088c5c52014-04-25 11:11:10 +0200[diff] [blame]53 * \{
54 */
55
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]56#if !defined(MBEDTLS_ENTROPY_MAX_SOURCES)
57#define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
Paul Bakker088c5c52014-04-25 11:11:10 +0200[diff] [blame]58#endif
59
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]60#if !defined(MBEDTLS_ENTROPY_MAX_GATHER)
61#define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
Paul Bakker088c5c52014-04-25 11:11:10 +0200[diff] [blame]62#endif
63
Andrzej Kurek38d4fdd2021-12-28 16:22:52 +0100[diff] [blame]64/** \} name SECTION: Module settings */
Paul Bakker9bcf16c2013-06-24 19:31:17 +0200[diff] [blame]65
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]66#define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */
67#define MBEDTLS_ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_MAX_SOURCES
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]68
Manuel Pégourié-Gonnard7580ba42015-06-19 10:26:32 +0200[diff] [blame]69#define MBEDTLS_ENTROPY_SOURCE_STRONG 1 /**< Entropy source is strong */
70#define MBEDTLS_ENTROPY_SOURCE_WEAK 0 /**< Entropy source is weak */
71
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]72#ifdef __cplusplus
73extern "C" {
74#endif
75
76/**
77 * \brief Entropy poll callback pointer
78 *
79 * \param data Callback-specific data pointer
80 * \param output Data to fill
81 * \param len Maximum size to provide
82 * \param olen The actual amount of bytes put into the buffer (Can be 0)
83 *
84 * \return 0 if no critical failures occurred,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]85 * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]86 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]87typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len,
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]88 size_t *olen);
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]89
90/**
Paul Bakkerbd4a9d02011-12-10 17:02:19 +0000[diff] [blame]91 * \brief Entropy source state
92 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]93typedef struct mbedtls_entropy_source_state {
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]94 mbedtls_entropy_f_source_ptr MBEDTLS_PRIVATE(f_source); /**< The entropy source callback */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]95 void *MBEDTLS_PRIVATE(p_source); /**< The callback data pointer */
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]96 size_t MBEDTLS_PRIVATE(size); /**< Amount received in bytes */
97 size_t MBEDTLS_PRIVATE(threshold); /**< Minimum bytes required before release */
98 int MBEDTLS_PRIVATE(strong); /**< Is the source strong? */
Paul Bakkerbd4a9d02011-12-10 17:02:19 +0000[diff] [blame]99}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]100mbedtls_entropy_source_state;
Paul Bakkerbd4a9d02011-12-10 17:02:19 +0000[diff] [blame]101
102/**
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]103 * \brief Entropy context structure
104 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]105typedef struct mbedtls_entropy_context {
Dave Rodgman864f5942023-08-16 18:04:44 +0100[diff] [blame]106 mbedtls_md_context_t MBEDTLS_PRIVATE(accumulator);
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]107 int MBEDTLS_PRIVATE(accumulator_started); /* 0 after init.
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]108 * 1 after the first update.
109 * -1 after free. */
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]110 int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */
111 mbedtls_entropy_source_state MBEDTLS_PRIVATE(source)[MBEDTLS_ENTROPY_MAX_SOURCES];
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]112#if defined(MBEDTLS_THREADING_C)
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]113 mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex); /*!< mutex */
Paul Bakkerf4e7dc52013-09-28 15:23:57 +0200[diff] [blame]114#endif
Paul Bakker96029232016-06-01 15:25:50 +0100[diff] [blame]115#if defined(MBEDTLS_ENTROPY_NV_SEED)
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]116 int MBEDTLS_PRIVATE(initial_entropy_run);
Paul Bakker96029232016-06-01 15:25:50 +0100[diff] [blame]117#endif
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]118}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]119mbedtls_entropy_context;
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]120
Chris Jonesa1df4942021-03-11 17:44:43 +0000[diff] [blame]121#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
122/**
123 * \brief Platform-specific entropy poll callback
124 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]125int mbedtls_platform_entropy_poll(void *data,
126 unsigned char *output, size_t len, size_t *olen);
Chris Jonesa1df4942021-03-11 17:44:43 +0000[diff] [blame]127#endif
128
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]129/**
130 * \brief Initialize the context
131 *
132 * \param ctx Entropy context to initialize
133 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]134void mbedtls_entropy_init(mbedtls_entropy_context *ctx);
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]135
136/**
Paul Bakker1ffefac2013-09-28 15:23:03 +0200[diff] [blame]137 * \brief Free the data in the context
138 *
139 * \param ctx Entropy context to free
140 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]141void mbedtls_entropy_free(mbedtls_entropy_context *ctx);
Paul Bakker1ffefac2013-09-28 15:23:03 +0200[diff] [blame]142
143/**
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]144 * \brief Adds an entropy source to poll
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]145 * (Thread-safe if MBEDTLS_THREADING_C is enabled)
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]146 *
147 * \param ctx Entropy context
148 * \param f_source Entropy function
149 * \param p_source Function data
Paul Bakkerbd4a9d02011-12-10 17:02:19 +0000[diff] [blame]150 * \param threshold Minimum required from source before entropy is released
Manuel Pégourié-Gonnardbf82ff02015-06-19 09:40:51 +0200[diff] [blame]151 * ( with mbedtls_entropy_func() ) (in bytes)
Manuel Pégourié-Gonnard7580ba42015-06-19 10:26:32 +0200[diff] [blame]152 * \param strong MBEDTLS_ENTROPY_SOURCE_STRONG or
Darryl Green11999bb2018-03-13 15:22:58 +0000[diff] [blame]153 * MBEDTLS_ENTROPY_SOURCE_WEAK.
Manuel Pégourié-Gonnard7580ba42015-06-19 10:26:32 +0200[diff] [blame]154 * At least one strong source needs to be added.
155 * Weaker sources (such as the cycle counter) can be used as
156 * a complement.
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]157 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]158 * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]159 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]160int mbedtls_entropy_add_source(mbedtls_entropy_context *ctx,
161 mbedtls_entropy_f_source_ptr f_source, void *p_source,
162 size_t threshold, int strong);
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]163
164/**
165 * \brief Trigger an extra gather poll for the accumulator
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]166 * (Thread-safe if MBEDTLS_THREADING_C is enabled)
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]167 *
168 * \param ctx Entropy context
169 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]170 * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]171 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]172int mbedtls_entropy_gather(mbedtls_entropy_context *ctx);
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]173
174/**
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]175 * \brief Retrieve entropy from the accumulator
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]176 * (Maximum length: MBEDTLS_ENTROPY_BLOCK_SIZE)
177 * (Thread-safe if MBEDTLS_THREADING_C is enabled)
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]178 *
179 * \param data Entropy context
180 * \param output Buffer to fill
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]181 * \param len Number of bytes desired, must be at most MBEDTLS_ENTROPY_BLOCK_SIZE
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]182 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]183 * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]184 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]185int mbedtls_entropy_func(void *data, unsigned char *output, size_t len);
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]186
187/**
188 * \brief Add data to the accumulator manually
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]189 * (Thread-safe if MBEDTLS_THREADING_C is enabled)
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]190 *
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]191 * \param ctx Entropy context
192 * \param data Data to add
193 * \param len Length of data
194 *
195 * \return 0 if successful
196 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]197int mbedtls_entropy_update_manual(mbedtls_entropy_context *ctx,
198 const unsigned char *data, size_t len);
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]199
Paul Bakker7da30712016-06-01 11:30:54 +0100[diff] [blame]200#if defined(MBEDTLS_ENTROPY_NV_SEED)
201/**
202 * \brief Trigger an update of the seed file in NV by using the
203 * current entropy pool.
204 *
205 * \param ctx Entropy context
206 *
207 * \return 0 if successful
208 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]209int mbedtls_entropy_update_nv_seed(mbedtls_entropy_context *ctx);
Paul Bakker7da30712016-06-01 11:30:54 +0100[diff] [blame]210#endif /* MBEDTLS_ENTROPY_NV_SEED */
211
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]212#if defined(MBEDTLS_FS_IO)
Paul Bakker66ff70d2014-03-26 11:54:05 +0100[diff] [blame]213/**
214 * \brief Write a seed file
215 *
216 * \param ctx Entropy context
217 * \param path Name of the file
218 *
219 * \return 0 if successful,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]220 * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
221 * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
Paul Bakker66ff70d2014-03-26 11:54:05 +0100[diff] [blame]222 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]223int mbedtls_entropy_write_seed_file(mbedtls_entropy_context *ctx, const char *path);
Paul Bakker66ff70d2014-03-26 11:54:05 +0100[diff] [blame]224
225/**
226 * \brief Read and update a seed file. Seed is added to this
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]227 * instance. No more than MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes are
Paul Bakker66ff70d2014-03-26 11:54:05 +0100[diff] [blame]228 * read from the seed file. The rest is ignored.
229 *
230 * \param ctx Entropy context
231 * \param path Name of the file
232 *
233 * \return 0 if successful,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]234 * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
235 * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
Paul Bakker66ff70d2014-03-26 11:54:05 +0100[diff] [blame]236 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]237int mbedtls_entropy_update_seed_file(mbedtls_entropy_context *ctx, const char *path);
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]238#endif /* MBEDTLS_FS_IO */
Paul Bakker66ff70d2014-03-26 11:54:05 +0100[diff] [blame]239
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]240#if defined(MBEDTLS_SELF_TEST)
Manuel Pégourié-Gonnard4dd73922014-05-30 10:34:15 +0200[diff] [blame]241/**
242 * \brief Checkup routine
243 *
Andres Amaya Garciaa928e672016-09-13 13:30:02 +0100[diff] [blame]244 * This module self-test also calls the entropy self-test,
245 * mbedtls_entropy_source_self_test();
246 *
Manuel Pégourié-Gonnard4dd73922014-05-30 10:34:15 +0200[diff] [blame]247 * \return 0 if successful, or 1 if a test failed
248 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]249int mbedtls_entropy_self_test(int verbose);
Andres AGb34e42e2016-08-22 11:08:50 +0100[diff] [blame]250
Andres AGe7723ec2016-08-25 10:18:50 +0100[diff] [blame]251#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
Andres AGb34e42e2016-08-22 11:08:50 +0100[diff] [blame]252/**
253 * \brief Checkup routine
254 *
Andres Amaya Garciaa928e672016-09-13 13:30:02 +0100[diff] [blame]255 * Verifies the integrity of the hardware entropy source
256 * provided by the function 'mbedtls_hardware_poll()'.
257 *
258 * Note this is the only hardware entropy source that is known
259 * at link time, and other entropy sources configured
260 * dynamically at runtime by the function
261 * mbedtls_entropy_add_source() will not be tested.
262 *
Andres AGb34e42e2016-08-22 11:08:50 +0100[diff] [blame]263 * \return 0 if successful, or 1 if a test failed
264 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]265int mbedtls_entropy_source_self_test(int verbose);
Andres AGe7723ec2016-08-25 10:18:50 +0100[diff] [blame]266#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]267#endif /* MBEDTLS_SELF_TEST */
Manuel Pégourié-Gonnard4dd73922014-05-30 10:34:15 +0200[diff] [blame]268
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]269#ifdef __cplusplus
270}
271#endif
272
273#endif /* entropy.h */