Add --with-rand-seed

[openssl.git] / crypto / rand / rand_lcl.h

diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index 689e3a34fd00575f7a8da448f071f944c1e56ddb..b9df5d18e2581dbdc16efc6668716d1f9e59f4db 100644 (file)
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -15,23 +15,26 @@
 # include <openssl/sha.h>
 # include <openssl/hmac.h>
 # include <openssl/ec.h>
-# include "include/internal/rand.h"
+# include "internal/rand.h"
 
-/* we require 256 bits of randomness */
-# define RANDOMNESS_NEEDED (256 / 8)
+/* Amount of randomness (in bytes) we want for initial seeding. */
+# define RANDOMNESS_NEEDED              (128 / 8)
 
 /* Maximum count allowed in reseeding */
 #define MAX_RESEED (1 << 24)
 
 /* DRBG status values */
-#define DRBG_STATUS_UNINITIALISED      0
-#define DRBG_STATUS_READY              1
-#define DRBG_STATUS_RESEED             2
-#define DRBG_STATUS_ERROR              3
+# define DRBG_STATUS_UNINITIALISED     0
+# define DRBG_STATUS_READY             1
+# define DRBG_STATUS_RESEED            2
+# define DRBG_STATUS_ERROR             3
 
 /* A default maximum length: larger than any reasonable value used in pratice */
-#define DRBG_MAX_LENGTH                        0x7ffffff0
+# define DRBG_MAX_LENGTH                0x7ffffff0
 
+/*
+ * The context for DRBG AES-CTR
+ */
 typedef struct drbg_ctr_ctx_st {
     AES_KEY ks;
     size_t keylen;
@@ -46,6 +49,10 @@ typedef struct drbg_ctr_ctx_st {
     unsigned char KX[48];
 } DRBG_CTR_CTX;
 
+
+/*
+ * The context for all DRBG's
+ */
 struct drbg_ctx_st {
     CRYPTO_RWLOCK *lock;
     DRBG_CTX *parent;
@@ -71,25 +78,25 @@ struct drbg_ctx_st {
     DRBG_CTR_CTX ctr;
 
     /* entropy gathering function */
-    size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char **pout,
-            int entropy, size_t min_len, size_t max_len);
+    RAND_DRBG_get_entropy_fn get_entropy;
     /* Indicates we have finished with entropy buffer */
-    void (*cleanup_entropy)(DRBG_CTX *ctx, unsigned char *out, size_t olen);
-
+    RAND_DRBG_cleanup_entropy_fn cleanup_entropy;
     /* nonce gathering function */
-    size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char **pout,
-            int entropy, size_t min_len, size_t max_len);
+    RAND_DRBG_get_nonce_fn get_nonce;
     /* Indicates we have finished with nonce buffer */
-    void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen);
+    RAND_DRBG_cleanup_nonce_fn cleanup_nonce;
 };
 
 
 extern RAND_METHOD openssl_rand_meth;
 void rand_drbg_cleanup(void);
 
+/* Hardware-based seeding functions. */
+void rand_rdtsc(void);
+int rand_rdcpu(void);
+
+/* DRBG functions implementing AES-CTR */
 int ctr_init(DRBG_CTX *dctx);
-int drbg_hash_init(DRBG_CTX *dctx);
-int drbg_hmac_init(DRBG_CTX *dctx);
 int ctr_uninstantiate(DRBG_CTX *dctx);
 int ctr_instantiate(DRBG_CTX *dctx,
                     const unsigned char *ent, size_t entlen,