RAND: Rename the RAND_poll_ex() callback and its typedef

[openssl.git] / crypto / rand / rand_lcl.h

diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index 5c7087c97735ee748112c70b75b213593b317125..20c0ee930ba5d1b044ba75ff971b3591e04c8ee9 100644 (file)
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -25,6 +25,9 @@
  */
 # define RANDOMNESS_NEEDED              16
 
  */
 # define RANDOMNESS_NEEDED              16
 

+/* How many times to read the TSC as a randomness source. */
+# define TSC_READ_COUNT                 4
+

 /* Maximum amount of randomness to hold in RAND_BYTES_BUFFER. */
 # define MAX_RANDOMNESS_HELD            (4 * RANDOMNESS_NEEDED)
 
 /* Maximum amount of randomness to hold in RAND_BYTES_BUFFER. */
 # define MAX_RANDOMNESS_HELD            (4 * RANDOMNESS_NEEDED)
 


@@ -57,9 +60,10 @@ typedef enum drbg_status_e {
  */
 typedef struct rand_bytes_buffer_st {
     CRYPTO_RWLOCK *lock;
  */
 typedef struct rand_bytes_buffer_st {
     CRYPTO_RWLOCK *lock;

+    unsigned char *buff;

     size_t size;
     size_t curr;
     size_t size;
     size_t curr;

-    unsigned char *buff;
+    int secure;

 } RAND_BYTES_BUFFER;
 
 /*
 } RAND_BYTES_BUFFER;
 
 /*


@@ -88,8 +92,10 @@ struct rand_drbg_st {
     CRYPTO_RWLOCK *lock;
     RAND_DRBG *parent;
     int nid; /* the underlying algorithm */
     CRYPTO_RWLOCK *lock;
     RAND_DRBG *parent;
     int nid; /* the underlying algorithm */

+    int fork_count;

     unsigned short flags; /* various external flags */
     unsigned short flags; /* various external flags */

-    unsigned short filled;
+    char filled;
+    char secure;

     /*
      * This is a fixed-size buffer, but we malloc to make it a little
      * harder to find; a classic security/performance trade-off.
     /*
      * This is a fixed-size buffer, but we malloc to make it a little
      * harder to find; a classic security/performance trade-off.


@@ -97,12 +103,28 @@ struct rand_drbg_st {
     int size;
     unsigned char *randomness;
 
     int size;
     unsigned char *randomness;
 

-    /* These parameters are setup by the per-type "init" function. */
+    /* 
+     * The following parameters are setup by the per-type "init" function.
+     *
+     * Currently the only type is CTR_DRBG, its init function is ctr_init().
+     *
+     * The parameters are closely related to the ones described in 
+     * section '10.2.1 CTR_DRBG' of [NIST SP 800-90Ar1], with one
+     * crucial difference: In the NIST standard, all counts are given
+     * in bits, whereas in OpenSSL entropy counts are given in bits 
+     * and buffer lengths are given in bytes.
+     * 
+     * Since this difference has lead to some confusion in the past,
+     * (see [GitHub Issue #2443], formerly [rt.openssl.org #4055])
+     * the 'len' suffix has been added to all buffer sizes for 
+     * clarification.
+     */
+    

     int strength;
     size_t max_request;
     int strength;
     size_t max_request;

-    size_t min_entropy, max_entropy;
-    size_t min_nonce, max_nonce;
-    size_t max_pers, max_adin;
+    size_t min_entropylen, max_entropylen;
+    size_t min_noncelen, max_noncelen;
+    size_t max_perslen, max_adinlen;

     unsigned int reseed_counter;
     unsigned int reseed_interval;
     size_t seedlen;
     unsigned int reseed_counter;
     unsigned int reseed_interval;
     size_t seedlen;


@@ -127,9 +149,12 @@ extern RAND_BYTES_BUFFER rand_bytes;
 extern RAND_DRBG rand_drbg;
 extern RAND_DRBG priv_drbg;
 
 extern RAND_DRBG rand_drbg;
 extern RAND_DRBG priv_drbg;
 

+/* How often we've forked (only incremented in child). */
+extern int rand_fork_count;
+

 /* Hardware-based seeding functions. */
 /* Hardware-based seeding functions. */

-void rand_read_tsc(RAND_poll_fn cb, void *arg);
-int rand_read_cpu(RAND_poll_fn cb, void *arg);
+void rand_read_tsc(RAND_poll_cb rand_add, void *arg);
+int rand_read_cpu(RAND_poll_cb rand_add, void *arg);

 
 /* DRBG entropy callbacks. */
 void drbg_release_entropy(RAND_DRBG *drbg, unsigned char *out);
 
 /* DRBG entropy callbacks. */
 void drbg_release_entropy(RAND_DRBG *drbg, unsigned char *out);


@@ -144,11 +169,11 @@ size_t drbg_entropy_from_system(RAND_DRBG *drbg,
 int ctr_init(RAND_DRBG *drbg);
 int ctr_uninstantiate(RAND_DRBG *drbg);
 int ctr_instantiate(RAND_DRBG *drbg,
 int ctr_init(RAND_DRBG *drbg);
 int ctr_uninstantiate(RAND_DRBG *drbg);
 int ctr_instantiate(RAND_DRBG *drbg,

-                    const unsigned char *ent, size_t entlen,
+                    const unsigned char *entropy, size_t entropylen,

                     const unsigned char *nonce, size_t noncelen,
                     const unsigned char *pers, size_t perslen);
 int ctr_reseed(RAND_DRBG *drbg,
                     const unsigned char *nonce, size_t noncelen,
                     const unsigned char *pers, size_t perslen);
 int ctr_reseed(RAND_DRBG *drbg,

-               const unsigned char *ent, size_t entlen,
+               const unsigned char *entropy, size_t entropylen,

                const unsigned char *adin, size_t adinlen);
 int ctr_generate(RAND_DRBG *drbg,
                  unsigned char *out, size_t outlen,
                const unsigned char *adin, size_t adinlen);
 int ctr_generate(RAND_DRBG *drbg,
                  unsigned char *out, size_t outlen,