9f6b1ab96115c2d70d6a17a35f43a9375825f30f
[openssl.git] / include / internal / rand.h
1 /*
2  * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the OpenSSL license (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9
10 #ifndef HEADER_DRBG_RAND_H
11 # define HEADER_DRBG_RAND_H
12
13 /* In CTR mode, disable derivation function ctr_df */
14 #define RAND_DRBG_FLAG_CTR_NO_DF            0x1
15
16 /*
17  * Default security strength (in the sense of [NIST SP 800-90Ar1])
18  *
19  * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
20  * of the cipher by collecting less entropy. The current DRBG implemantion does
21  * not take RAND_DRBG_STRENGTH into account and sets the strength of the DRBG
22  * to that of the cipher.
23  *
24  * RAND_DRBG_STRENGTH is currently only used for the legacy RAND
25  * implementation.
26  *
27  * Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and
28  * NID_aes_256_ctr
29  *
30  * TODO(DRBG): would be nice to have the NID and strength configurable
31  */
32 # define RAND_DRBG_STRENGTH             256
33 # define RAND_DRBG_NID                  NID_aes_256_ctr
34
35 /*
36  * Object lifetime functions.
37  */
38 RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent);
39 RAND_DRBG *RAND_DRBG_secure_new(int type, unsigned int flags, RAND_DRBG *parent);
40 int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags);
41 int RAND_DRBG_instantiate(RAND_DRBG *drbg,
42                           const unsigned char *pers, size_t perslen);
43 int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
44 void RAND_DRBG_free(RAND_DRBG *drbg);
45
46 /*
47  * Object "use" functions.
48  */
49 int RAND_DRBG_reseed(RAND_DRBG *drbg,
50                      const unsigned char *adin, size_t adinlen);
51 int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
52                        int prediction_resistance,
53                        const unsigned char *adin, size_t adinlen);
54 int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen);
55
56 int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, unsigned int interval);
57 int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, time_t interval);
58
59 int RAND_DRBG_set_reseed_defaults(
60                                   unsigned int master_reseed_interval,
61                                   unsigned int slave_reseed_interval,
62                                   time_t master_reseed_time_interval,
63                                   time_t slave_reseed_time_interval
64                                   );
65
66 RAND_DRBG *RAND_DRBG_get0_master(void);
67 RAND_DRBG *RAND_DRBG_get0_public(void);
68 RAND_DRBG *RAND_DRBG_get0_private(void);
69
70 /*
71  * EXDATA
72  */
73 #define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \
74     CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG, l, p, newf, dupf, freef)
75 int RAND_DRBG_set_ex_data(RAND_DRBG *dctx, int idx, void *arg);
76 void *RAND_DRBG_get_ex_data(const RAND_DRBG *dctx, int idx);
77
78 /*
79  * Callback functions.  See comments in drbg_lib.c
80  */
81 typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *ctx,
82                                            unsigned char **pout,
83                                            int entropy, size_t min_len,
84                                            size_t max_len);
85 typedef void (*RAND_DRBG_cleanup_entropy_fn)(RAND_DRBG *ctx,
86                                              unsigned char *out, size_t outlen);
87 typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *ctx, unsigned char **pout,
88                                          int entropy, size_t min_len,
89                                          size_t max_len);
90 typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *ctx,
91                                            unsigned char *out, size_t outlen);
92
93 int RAND_DRBG_set_callbacks(RAND_DRBG *dctx,
94                             RAND_DRBG_get_entropy_fn get_entropy,
95                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
96                             RAND_DRBG_get_nonce_fn get_nonce,
97                             RAND_DRBG_cleanup_nonce_fn cleanup_nonce);
98
99 /*
100  * RAND_POOL functions
101  */
102 RAND_POOL *RAND_POOL_new(int entropy_requested, size_t min_len, size_t max_len);
103 void RAND_POOL_free(RAND_POOL *pool);
104
105 const unsigned char *RAND_POOL_buffer(RAND_POOL *pool);
106 unsigned char *RAND_POOL_detach(RAND_POOL *pool);
107
108 size_t RAND_POOL_entropy(RAND_POOL *pool);
109 size_t RAND_POOL_length(RAND_POOL *pool);
110
111 size_t RAND_POOL_entropy_available(RAND_POOL *pool);
112 size_t RAND_POOL_entropy_needed(RAND_POOL *pool);
113 size_t RAND_POOL_bytes_needed(RAND_POOL *pool, unsigned int entropy_per_byte);
114 size_t RAND_POOL_bytes_remaining(RAND_POOL *pool);
115
116 size_t RAND_POOL_add(RAND_POOL *pool,
117                      const unsigned char *buffer, size_t len, size_t entropy);
118 unsigned char *RAND_POOL_add_begin(RAND_POOL *pool, size_t len);
119 size_t RAND_POOL_add_end(RAND_POOL *pool, size_t len, size_t entropy);
120
121
122 /*
123  * Add random bytes to the pool to acquire requested amount of entropy
124  *
125  * This function is platform specific and tries to acquire the requested
126  * amount of entropy by polling platform specific entropy sources.
127  *
128  * If the function succeeds in acquiring at least |entropy_requested| bits
129  * of entropy, the total entropy count is returned. If it fails, it returns
130  * an entropy count of 0.
131  */
132 size_t RAND_POOL_acquire_entropy(RAND_POOL *pool);
133 #endif