TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / ea0a865c69b643fbadbd79e40eda18e9f7f82995 / . / library / entropy_poll.c
blob: 4fbe1ee112d6a13008bfd8ce89baa74f1fc80802 [file] [log] [blame]
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]1/*
2 * Platform-specific and custom entropy polling functions
3 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]4 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +0200[diff] [blame]5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]18 */
19
Gilles Peskinea1f9ef02020-09-30 22:18:13 +0200[diff] [blame]20#if defined(__linux__) && !defined(_GNU_SOURCE)
Nicholas Wilson2682edf2017-12-05 12:08:15 +0000[diff] [blame]21/* Ensure that syscall() is available even when compiling with -std=c99 */
22#define _GNU_SOURCE
23#endif
24
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]25#include "common.h"
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]26
Gilles Peskine02b93292018-06-01 14:38:45 +0200[diff] [blame]27#include <string.h>
28
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]29#if defined(MBEDTLS_ENTROPY_C)
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]30
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]31#include "mbedtls/entropy.h"
Chris Jonesea0a8652021-03-09 19:11:19 +0000[diff] [blame^]32#include "entropy_poll.h"
Janos Follath24eed8d2019-11-22 13:21:35 +0000[diff] [blame]33#include "mbedtls/error.h"
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]34
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]35#if defined(MBEDTLS_TIMING_C)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]36#include "mbedtls/timing.h"
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]37#endif
Paul Bakker9988d6b2016-06-01 11:29:42 +0100[diff] [blame]38#if defined(MBEDTLS_ENTROPY_NV_SEED)
39#include "mbedtls/platform.h"
40#endif
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]41
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]42#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +0100[diff] [blame]43
44#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
Augustin Cavalier60bc47d2018-04-11 20:27:32 -0400[diff] [blame]45 !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
Ørjan Malde479d8de2020-05-20 09:32:39 +0000[diff] [blame]46 !defined(__HAIKU__) && !defined(__midipix__)
Manuel Pégourié-Gonnard325ce092016-02-22 10:33:34 +0100[diff] [blame]47#error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h"
48#endif
49
Paul Bakkerfa6a6202013-10-28 18:48:30 +0100[diff] [blame]50#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]51
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]52#if !defined(_WIN32_WINNT)
53#define _WIN32_WINNT 0x0400
54#endif
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]55#include <windows.h>
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]56#include <wincrypt.h>
57
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]58int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]59 size_t *olen )
60{
61 HCRYPTPROV provider;
Paul Bakker6bcfc672011-12-05 13:54:00 +0000[diff] [blame]62 ((void) data);
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]63 *olen = 0;
64
65 if( CryptAcquireContext( &provider, NULL, NULL,
66 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
67 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]68 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]69 }
70
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]71 if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
Attila Molnar2791ba12016-01-26 11:39:26 +0100[diff] [blame]72 {
73 CryptReleaseContext( provider, 0 );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]74 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
Attila Molnar2791ba12016-01-26 11:39:26 +0100[diff] [blame]75 }
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]76
77 CryptReleaseContext( provider, 0 );
78 *olen = len;
79
80 return( 0 );
81}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]82#else /* _WIN32 && !EFIX64 && !EFI32 */
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]83
Manuel Pégourié-Gonnard18292452015-01-09 14:34:13 +0100[diff] [blame]84/*
85 * Test for Linux getrandom() support.
Gilles Peskinec6468ee2020-09-30 22:11:13 +0200[diff] [blame]86 * Since there is no wrapper in the libc yet, use the generic syscall wrapper
Manuel Pégourié-Gonnard18292452015-01-09 14:34:13 +0100[diff] [blame]87 * available in GNU libc and compatible libc's (eg uClibc).
88 */
Gilles Peskinec6468ee2020-09-30 22:11:13 +0200[diff] [blame]89#if ((defined(__linux__) && defined(__GLIBC__)) || defined(__midipix__))
Manuel Pégourié-Gonnard18292452015-01-09 14:34:13 +0100[diff] [blame]90#include <unistd.h>
91#include <sys/syscall.h>
92#if defined(SYS_getrandom)
93#define HAVE_GETRANDOM
Hanno Becker27516972018-10-18 11:49:25 +0100[diff] [blame]94#include <errno.h>
Manuel Pégourié-Gonnardbcf13ba2015-06-22 18:06:17 +0200[diff] [blame]95
Manuel Pégourié-Gonnard18292452015-01-09 14:34:13 +0100[diff] [blame]96static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
97{
Manuel Pégourié-Gonnardbcf13ba2015-06-22 18:06:17 +0200[diff] [blame]98 /* MemSan cannot understand that the syscall writes to the buffer */
99#if defined(__has_feature)
100#if __has_feature(memory_sanitizer)
101 memset( buf, 0, buflen );
102#endif
103#endif
Manuel Pégourié-Gonnard18292452015-01-09 14:34:13 +0100[diff] [blame]104 return( syscall( SYS_getrandom, buf, buflen, flags ) );
105}
Manuel Pégourié-Gonnardd97828e2015-04-29 14:03:28 +0200[diff] [blame]106#endif /* SYS_getrandom */
Ørjan Malde479d8de2020-05-20 09:32:39 +0000[diff] [blame]107#endif /* __linux__ || __midipix__ */
Manuel Pégourié-Gonnard18292452015-01-09 14:34:13 +0100[diff] [blame]108
nia9f5312c2020-06-11 13:32:13 +0100[diff] [blame]109/*
110 * Some BSD systems provide KERN_ARND.
111 * This is equivalent to reading from /dev/urandom, only it doesn't require an
112 * open file descriptor, and provides up to 256 bytes per call (basically the
113 * same as getentropy(), but with a longer history).
114 *
115 * Documentation: https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7
116 */
117#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(HAVE_GETRANDOM)
118#include <sys/param.h>
119#include <sys/sysctl.h>
120#if defined(KERN_ARND)
121#define HAVE_SYSCTL_ARND
122
nia8373c862020-06-24 17:15:02 +0100[diff] [blame]123static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen )
nia9f5312c2020-06-11 13:32:13 +0100[diff] [blame]124{
125 int name[2];
126 size_t len;
127
128 name[0] = CTL_KERN;
129 name[1] = KERN_ARND;
130
131 while( buflen > 0 )
132 {
133 len = buflen > 256 ? 256 : buflen;
nia8373c862020-06-24 17:15:02 +0100[diff] [blame]134 if( sysctl(name, 2, buf, &len, NULL, 0) == -1 )
nia9f5312c2020-06-11 13:32:13 +0100[diff] [blame]135 return( -1 );
136 buflen -= len;
nia8373c862020-06-24 17:15:02 +0100[diff] [blame]137 buf += len;
nia9f5312c2020-06-11 13:32:13 +0100[diff] [blame]138 }
139 return( 0 );
140}
141#endif /* KERN_ARND */
142#endif /* __FreeBSD__ || __NetBSD__ */
143
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]144#include <stdio.h>
145
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]146int mbedtls_platform_entropy_poll( void *data,
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]147 unsigned char *output, size_t len, size_t *olen )
148{
149 FILE *file;
Manuel Pégourié-Gonnardea356662015-08-27 12:02:40 +0200[diff] [blame]150 size_t read_len;
Janos Follath24eed8d2019-11-22 13:21:35 +0000[diff] [blame]151 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]152 ((void) data);
153
Manuel Pégourié-Gonnardd97828e2015-04-29 14:03:28 +0200[diff] [blame]154#if defined(HAVE_GETRANDOM)
Hanno Becker27516972018-10-18 11:49:25 +0100[diff] [blame]155 ret = getrandom_wrapper( output, len, 0 );
156 if( ret >= 0 )
Manuel Pégourié-Gonnardd97828e2015-04-29 14:03:28 +0200[diff] [blame]157 {
Manuel Pégourié-Gonnardd97828e2015-04-29 14:03:28 +0200[diff] [blame]158 *olen = ret;
159 return( 0 );
160 }
Hanno Becker27516972018-10-18 11:49:25 +0100[diff] [blame]161 else if( errno != ENOSYS )
162 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
163 /* Fall through if the system call isn't known. */
164#else
Hanno Becker9772da82018-11-05 11:43:07 +0000[diff] [blame]165 ((void) ret);
Manuel Pégourié-Gonnardd97828e2015-04-29 14:03:28 +0200[diff] [blame]166#endif /* HAVE_GETRANDOM */
167
nia9f5312c2020-06-11 13:32:13 +0100[diff] [blame]168#if defined(HAVE_SYSCTL_ARND)
169 ((void) file);
170 ((void) read_len);
niaf4d9f212020-06-19 16:14:27 +0100[diff] [blame]171 if( sysctl_arnd_wrapper( output, len ) == -1 )
nia9f5312c2020-06-11 13:32:13 +0100[diff] [blame]172 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
173 *olen = len;
174 return( 0 );
175#else
176
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]177 *olen = 0;
178
179 file = fopen( "/dev/urandom", "rb" );
180 if( file == NULL )
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]181 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]182
Manuel Pégourié-Gonnardea356662015-08-27 12:02:40 +0200[diff] [blame]183 read_len = fread( output, 1, len, file );
184 if( read_len != len )
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]185 {
186 fclose( file );
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]187 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]188 }
189
190 fclose( file );
191 *olen = len;
192
193 return( 0 );
nia9f5312c2020-06-11 13:32:13 +0100[diff] [blame]194#endif /* HAVE_SYSCTL_ARND */
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]195}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]196#endif /* _WIN32 && !EFIX64 && !EFI32 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]197#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]198
Simon Butcherab5df402016-06-11 02:31:21 +0100[diff] [blame]199#if defined(MBEDTLS_TEST_NULL_ENTROPY)
Simon Butcher4157b602016-06-12 00:31:33 +0100[diff] [blame]200int mbedtls_null_entropy_poll( void *data,
Janos Follath53de7842016-06-08 15:29:18 +0100[diff] [blame]201 unsigned char *output, size_t len, size_t *olen )
202{
203 ((void) data);
Simon Butcherab5df402016-06-11 02:31:21 +0100[diff] [blame]204 ((void) output);
Janos Follath53de7842016-06-08 15:29:18 +0100[diff] [blame]205 *olen = 0;
206
207 if( len < sizeof(unsigned char) )
208 return( 0 );
209
210 *olen = sizeof(unsigned char);
211
212 return( 0 );
213}
214#endif
215
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]216#if defined(MBEDTLS_TIMING_C)
217int mbedtls_hardclock_poll( void *data,
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]218 unsigned char *output, size_t len, size_t *olen )
219{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]220 unsigned long timer = mbedtls_timing_hardclock();
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]221 ((void) data);
222 *olen = 0;
223
224 if( len < sizeof(unsigned long) )
225 return( 0 );
226
227 memcpy( output, &timer, sizeof(unsigned long) );
228 *olen = sizeof(unsigned long);
229
230 return( 0 );
231}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]232#endif /* MBEDTLS_TIMING_C */
Paul Bakker6083fd22011-12-03 21:45:14 +0000[diff] [blame]233
Paul Bakker9988d6b2016-06-01 11:29:42 +0100[diff] [blame]234#if defined(MBEDTLS_ENTROPY_NV_SEED)
235int mbedtls_nv_seed_poll( void *data,
236 unsigned char *output, size_t len, size_t *olen )
237{
238 unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
239 size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
240 ((void) data);
241
242 memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
243
244 if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 )
245 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
246
247 if( len < use_len )
248 use_len = len;
249
250 memcpy( output, buf, use_len );
251 *olen = use_len;
252
253 return( 0 );
254}
255#endif /* MBEDTLS_ENTROPY_NV_SEED */
256
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]257#endif /* MBEDTLS_ENTROPY_C */