seed_src.c@ 105132

最後變更在這個檔案從105132是 104078,由 vboxsync 提交於 12 月前
openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
檔案大小: 7.9 KB

行
1	/*
2	* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h>
11	#include <openssl/rand.h>
12	#include <openssl/core_dispatch.h>
13	#include <openssl/e_os2.h>
14	#include <openssl/params.h>
15	#include <openssl/core_names.h>
16	#include <openssl/evp.h>
17	#include <openssl/err.h>
18	#include <openssl/randerr.h>
19	#include <openssl/proverr.h>
20	#include "prov/implementations.h"
21	#include "prov/provider_ctx.h"
22	#include "crypto/rand.h"
23	#include "crypto/rand_pool.h"
24
25	static OSSL_FUNC_rand_newctx_fn seed_src_new;
26	static OSSL_FUNC_rand_freectx_fn seed_src_free;
27	static OSSL_FUNC_rand_instantiate_fn seed_src_instantiate;
28	static OSSL_FUNC_rand_uninstantiate_fn seed_src_uninstantiate;
29	static OSSL_FUNC_rand_generate_fn seed_src_generate;
30	static OSSL_FUNC_rand_reseed_fn seed_src_reseed;
31	static OSSL_FUNC_rand_gettable_ctx_params_fn seed_src_gettable_ctx_params;
32	static OSSL_FUNC_rand_get_ctx_params_fn seed_src_get_ctx_params;
33	static OSSL_FUNC_rand_verify_zeroization_fn seed_src_verify_zeroization;
34	static OSSL_FUNC_rand_enable_locking_fn seed_src_enable_locking;
35	static OSSL_FUNC_rand_lock_fn seed_src_lock;
36	static OSSL_FUNC_rand_unlock_fn seed_src_unlock;
37	static OSSL_FUNC_rand_get_seed_fn seed_get_seed;
38	static OSSL_FUNC_rand_clear_seed_fn seed_clear_seed;
39
40	typedef struct {
41	void *provctx;
42	int state;
43	} PROV_SEED_SRC;
44
45	static void seed_src_new(void provctx, void *parent,
46	const OSSL_DISPATCH *parent_dispatch)
47	{
48	PROV_SEED_SRC *s;
49
50	if (parent != NULL) {
51	ERR_raise(ERR_LIB_PROV, PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT);
52	return NULL;
53	}
54
55	s = OPENSSL_zalloc(sizeof(*s));
56	if (s == NULL) {
57	ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
58	return NULL;
59	}
60
61	s->provctx = provctx;
62	s->state = EVP_RAND_STATE_UNINITIALISED;
63	return s;
64	}
65
66	static void seed_src_free(void *vseed)
67	{
68	OPENSSL_free(vseed);
69	}
70
71	static int seed_src_instantiate(void *vseed, unsigned int strength,
72	int prediction_resistance,
73	const unsigned char *pstr, size_t pstr_len,
74	ossl_unused const OSSL_PARAM params[])
75	{
76	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
77
78	s->state = EVP_RAND_STATE_READY;
79	return 1;
80	}
81
82	static int seed_src_uninstantiate(void *vseed)
83	{
84	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
85
86	s->state = EVP_RAND_STATE_UNINITIALISED;
87	return 1;
88	}
89
90	static int seed_src_generate(void vseed, unsigned char out, size_t outlen,
91	unsigned int strength,
92	ossl_unused int prediction_resistance,
93	ossl_unused const unsigned char *adin,
94	ossl_unused size_t adin_len)
95	{
96	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
97	size_t entropy_available;
98	RAND_POOL *pool;
99
100	if (s->state != EVP_RAND_STATE_READY) {
101	ERR_raise(ERR_LIB_PROV,
102	s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE
103	: PROV_R_NOT_INSTANTIATED);
104	return 0;
105	}
106
107	pool = ossl_rand_pool_new(strength, 1, outlen, outlen);
108	if (pool == NULL) {
109	ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
110	return 0;
111	}
112
113	/* Get entropy by polling system entropy sources. */
114	entropy_available = ossl_pool_acquire_entropy(pool);
115
116	if (entropy_available > 0)
117	memcpy(out, ossl_rand_pool_buffer(pool), ossl_rand_pool_length(pool));
118
119	ossl_rand_pool_free(pool);
120	return entropy_available > 0;
121	}
122
123	static int seed_src_reseed(void *vseed,
124	ossl_unused int prediction_resistance,
125	ossl_unused const unsigned char *ent,
126	ossl_unused size_t ent_len,
127	ossl_unused const unsigned char *adin,
128	ossl_unused size_t adin_len)
129	{
130	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
131
132	if (s->state != EVP_RAND_STATE_READY) {
133	ERR_raise(ERR_LIB_PROV,
134	s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE
135	: PROV_R_NOT_INSTANTIATED);
136	return 0;
137	}
138	return 1;
139	}
140
141	static int seed_src_get_ctx_params(void *vseed, OSSL_PARAM params[])
142	{
143	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
144	OSSL_PARAM *p;
145
146	p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STATE);
147	if (p != NULL && !OSSL_PARAM_set_int(p, s->state))
148	return 0;
149
150	p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STRENGTH);
151	if (p != NULL && !OSSL_PARAM_set_int(p, 1024))
152	return 0;
153
154	p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
155	if (p != NULL && !OSSL_PARAM_set_size_t(p, 128))
156	return 0;
157	return 1;
158	}
159
160	static const OSSL_PARAM seed_src_gettable_ctx_params(ossl_unused void vseed,
161	ossl_unused void *provctx)
162	{
163	static const OSSL_PARAM known_gettable_ctx_params[] = {
164	OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),
165	OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL),
166	OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL),
167	OSSL_PARAM_END
168	};
169	return known_gettable_ctx_params;
170	}
171
172	static int seed_src_verify_zeroization(ossl_unused void *vseed)
173	{
174	return 1;
175	}
176
177	static size_t seed_get_seed(void vseed, unsigned char *pout,
178	int entropy, size_t min_len, size_t max_len,
179	int prediction_resistance,
180	const unsigned char *adin, size_t adin_len)
181	{
182	size_t ret = 0;
183	size_t entropy_available = 0;
184	size_t i;
185	RAND_POOL *pool;
186
187	pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
188	if (pool == NULL) {
189	ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB);
190	return 0;
191	}
192
193	/* Get entropy by polling system entropy sources. */
194	entropy_available = ossl_pool_acquire_entropy(pool);
195
196	if (entropy_available > 0) {
197	ret = ossl_rand_pool_length(pool);
198	*pout = ossl_rand_pool_detach(pool);
199
200	/* xor the additional data into the output */
201	for (i = 0 ; i < adin_len ; ++i)
202	(*pout)[i % ret] ^= adin[i];
203	} else {
204	ERR_raise(ERR_LIB_PROV, PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK);
205	}
206	ossl_rand_pool_free(pool);
207	return ret;
208	}
209
210	static void seed_clear_seed(ossl_unused void *vdrbg,
211	unsigned char *out, size_t outlen)
212	{
213	OPENSSL_secure_clear_free(out, outlen);
214	}
215
216	static int seed_src_enable_locking(ossl_unused void *vseed)
217	{
218	return 1;
219	}
220
221	int seed_src_lock(ossl_unused void *vctx)
222	{
223	return 1;
224	}
225
226	void seed_src_unlock(ossl_unused void *vctx)
227	{
228	}
229
230	const OSSL_DISPATCH ossl_seed_src_functions[] = {
231	{ OSSL_FUNC_RAND_NEWCTX, (void(*)(void))seed_src_new },
232	{ OSSL_FUNC_RAND_FREECTX, (void(*)(void))seed_src_free },
233	{ OSSL_FUNC_RAND_INSTANTIATE,
234	(void(*)(void))seed_src_instantiate },
235	{ OSSL_FUNC_RAND_UNINSTANTIATE,
236	(void(*)(void))seed_src_uninstantiate },
237	{ OSSL_FUNC_RAND_GENERATE, (void(*)(void))seed_src_generate },
238	{ OSSL_FUNC_RAND_RESEED, (void(*)(void))seed_src_reseed },
239	{ OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))seed_src_enable_locking },
240	{ OSSL_FUNC_RAND_LOCK, (void(*)(void))seed_src_lock },
241	{ OSSL_FUNC_RAND_UNLOCK, (void(*)(void))seed_src_unlock },
242	{ OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
243	(void(*)(void))seed_src_gettable_ctx_params },
244	{ OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))seed_src_get_ctx_params },
245	{ OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
246	(void(*)(void))seed_src_verify_zeroization },
247	{ OSSL_FUNC_RAND_GET_SEED, (void(*)(void))seed_get_seed },
248	{ OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))seed_clear_seed },
249	{ 0, NULL }
250	};

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.1.5/providers/implementations/rands/seed_src.c@ 105132

以其他格式下載: