X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Frand%2Frand_lcl.h;h=20c0ee930ba5d1b044ba75ff971b3591e04c8ee9;hp=5c7087c97735ee748112c70b75b213593b317125;hb=4871fa49cdd0d4473b6a815fc01fbde3e6ced339;hpb=ddc6a5c8f5900959bdbdfee79e1625a3f7808acd
diff --git a/crypto/rand/rand_lcl.h b/crypto/rand/rand_lcl.h
index 5c7087c977..20c0ee930b 100644
--- a/crypto/rand/rand_lcl.h
+++ b/crypto/rand/rand_lcl.h
@@ -25,6 +25,9 @@
 */
 # define RANDOMNESS_NEEDED 16
 
+/* How many times to read the TSC as a randomness source. */
+# define TSC_READ_COUNT 4
+
 /* Maximum amount of randomness to hold in RAND_BYTES_BUFFER. */
 # define MAX_RANDOMNESS_HELD (4 * RANDOMNESS_NEEDED)
 
@@ -57,9 +60,10 @@ typedef enum drbg_status_e {
 */
 typedef struct rand_bytes_buffer_st {
 CRYPTO_RWLOCK *lock;
+ unsigned char *buff;
 size_t size;
 size_t curr;
- unsigned char *buff;
+ int secure;
 } RAND_BYTES_BUFFER;
 
 /*
@@ -88,8 +92,10 @@ struct rand_drbg_st {
 CRYPTO_RWLOCK *lock;
 RAND_DRBG *parent;
 int nid; /* the underlying algorithm */
+ int fork_count;
 unsigned short flags; /* various external flags */
- unsigned short filled;
+ char filled;
+ char secure;
 /*
 * This is a fixed-size buffer, but we malloc to make it a little
 * harder to find; a classic security/performance trade-off.
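Review bot: The comment on `TSC_READ_COUNT` says how many times the TSC is read but not how much entropy, if any, those reads are credited with, which is the figure a reviewer of the seeding path needs. Successive timestamp-counter reads are strongly correlated, so four reads should not be taken as four independent samples. `rand_read_tsc()` is only declared in this header, so I would extend the comment to something like `/* How many times to read the TSC as a randomness source; see rand_read_tsc() for the entropy credited per read. */` and confirm that the credit given there is conservative.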
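Review bot: The new `int secure;` member of `RAND_BYTES_BUFFER` has no comment, and the same holds for `char secure;` added to `struct rand_drbg_st` in the following hunk. From the name it presumably records whether the buffer came from the secure heap, which would make it the value the release path must consult to pick the matching free and cleanse routine; a mismatch there is a memory-safety problem, so the contract belongs next to the field. I would add `/* nonzero if buff was allocated on the secure heap; release it with the matching routine */` here and the equivalent line for `randomness` in the DRBG struct, adjusted to what the .c files actually do. The two flags also use different types (`int` and `char`) for the same meaning, which is worth making uniform.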
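Review bot: `fork_count` and `filled` are added or retyped in `struct rand_drbg_st` without comments, and `filled` goes from `unsigned short` to plain `char`, whose signedness is implementation-defined. That is harmless while the field only ever holds 0 or 1, but the range should be stated or the type made `unsigned char`, e.g. `unsigned char filled; /* 0 or 1 */`. `fork_count` is the security-relevant member: it presumably caches the `rand_fork_count` value seen at the last (re)seed so that a child process reseeds instead of continuing the parent's output stream, and a comment such as `/* rand_fork_count at last (re)seed; a mismatch forces a reseed */` would make that invariant checkable. The struct definition starts and ends outside this hunk.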
@@ -97,12 +103,28 @@ struct rand_drbg_st {
 int size;
 unsigned char *randomness;
 
- /* These parameters are setup by the per-type "init" function. */
+ /*
+ * The following parameters are setup by the per-type "init" function.
+ *
+ * Currently the only type is CTR_DRBG, its init function is ctr_init().
+ *
+ * The parameters are closely related to the ones described in
+ * section '10.2.1 CTR_DRBG' of [NIST SP 800-90Ar1], with one
+ * crucial difference: In the NIST standard, all counts are given
+ * in bits, whereas in OpenSSL entropy counts are given in bits
+ * and buffer lengths are given in bytes.
+ *
+ * Since this difference has lead to some confusion in the past,
+ * (see [GitHub Issue #2443], formerly [rt.openssl.org #4055])
+ * the 'len' suffix has been added to all buffer sizes for
+ * clarification.
+ */
+
 int strength;
 size_t max_request;
- size_t min_entropy, max_entropy;
- size_t min_nonce, max_nonce;
- size_t max_pers, max_adin;
+ size_t min_entropylen, max_entropylen;
+ size_t min_noncelen, max_noncelen;
+ size_t max_perslen, max_adinlen;
 unsigned int reseed_counter;
 unsigned int reseed_interval;
 size_t seedlen;
@@ -127,9 +149,12 @@ extern RAND_BYTES_BUFFER rand_bytes;
 extern RAND_DRBG rand_drbg;
 extern RAND_DRBG priv_drbg;
 
+/* How often we've forked (only incremented in child). */
+extern int rand_fork_count;
+
 /* Hardware-based seeding functions. */
-void rand_read_tsc(RAND_poll_fn cb, void *arg);
-int rand_read_cpu(RAND_poll_fn cb, void *arg);
+void rand_read_tsc(RAND_poll_cb rand_add, void *arg);
+int rand_read_cpu(RAND_poll_cb rand_add, void *arg);
 
 /* DRBG entropy callbacks. */
 void drbg_release_entropy(RAND_DRBG *drbg, unsigned char *out);
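Review bot: The new block comment states the unit rule (entropy counts in bits, buffer lengths in bytes), but the members below it still carry no units, and `min_entropylen`/`max_entropylen` bound the entropy input while being byte lengths. A reader checking these against SP 800-90Ar1 can still mix the two, which is the confusion the comment sets out to prevent. I would annotate the members directly, e.g. `int strength; /* security strength, in bits */` and `/* all *len members below are byte counts */` above the `size_t` lines. Minor wording: "has lead to" in the comment should read "has led to". The struct definition starts and ends outside this hunk.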
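Review bot: The comment on `rand_fork_count` says it is incremented only in the child, but not by what mechanism or what that mechanism cannot detect. If the increment comes from an atfork-style child handler (not visible in this header), a child created in a way that bypasses such handlers keeps the same count, and a DRBG comparing it with its own `fork_count` would not notice that it shares state with the parent. I would document that limit at the declaration, for example `/* Incremented in the child by the fork handler; each DRBG compares it with its fork_count and reseeds on mismatch. */`, and say whether readers access it under the DRBG lock. Separately, `rand_read_tsc()` still returns `void` while `rand_read_cpu()` returns `int`, so a caller cannot tell whether the TSC source contributed anything.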
@@ -144,11 +169,11 @@ size_t drbg_entropy_from_system(RAND_DRBG *drbg,
 int ctr_init(RAND_DRBG *drbg);
 int ctr_uninstantiate(RAND_DRBG *drbg);
 int ctr_instantiate(RAND_DRBG *drbg,
- const unsigned char *ent, size_t entlen,
+ const unsigned char *entropy, size_t entropylen,
 const unsigned char *nonce, size_t noncelen,
 const unsigned char *pers, size_t perslen);
 int ctr_reseed(RAND_DRBG *drbg,
- const unsigned char *ent, size_t entlen,
+ const unsigned char *entropy, size_t entropylen,
 const unsigned char *adin, size_t adinlen);
 int ctr_generate(RAND_DRBG *drbg,
 unsigned char *out, size_t outlen,