entropy_poll.c 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268
  1. /*
  2. * Platform-specific and custom entropy polling functions
  3. *
  4. * Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
  5. * SPDX-License-Identifier: Apache-2.0
  6. *
  7. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  8. * not use this file except in compliance with the License.
  9. * You may obtain a copy of the License at
  10. *
  11. * http://www.apache.org/licenses/LICENSE-2.0
  12. *
  13. * Unless required by applicable law or agreed to in writing, software
  14. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  15. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16. * See the License for the specific language governing permissions and
  17. * limitations under the License.
  18. *
  19. * This file is part of mbed TLS (https://tls.mbed.org)
  20. */
  21. #if !defined(MBEDTLS_CONFIG_FILE)
  22. #include "mbedtls/config.h"
  23. #else
  24. #include MBEDTLS_CONFIG_FILE
  25. #endif
  26. #if defined(MBEDTLS_ENTROPY_C)
  27. #include "mbedtls/entropy.h"
  28. #include "mbedtls/entropy_poll.h"
  29. #if defined(MBEDTLS_TIMING_C)
  30. #include <string.h>
  31. #include "mbedtls/timing.h"
  32. #endif
  33. #if defined(MBEDTLS_HAVEGE_C)
  34. #include "mbedtls/havege.h"
  35. #endif
  36. #if defined(MBEDTLS_ENTROPY_NV_SEED)
  37. #include "mbedtls/platform.h"
  38. #endif
  39. #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
  40. #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
  41. !defined(__APPLE__) && !defined(_WIN32)
  42. #error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h"
  43. #endif
  44. #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
  45. #if !defined(_WIN32_WINNT)
  46. #define _WIN32_WINNT 0x0400
  47. #endif
  48. #include <windows.h>
  49. #include <wincrypt.h>
  50. int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
  51. size_t *olen )
  52. {
  53. HCRYPTPROV provider;
  54. ((void) data);
  55. *olen = 0;
  56. if( CryptAcquireContext( &provider, NULL, NULL,
  57. PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
  58. {
  59. return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
  60. }
  61. if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
  62. {
  63. CryptReleaseContext( provider, 0 );
  64. return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
  65. }
  66. CryptReleaseContext( provider, 0 );
  67. *olen = len;
  68. return( 0 );
  69. }
  70. #else /* _WIN32 && !EFIX64 && !EFI32 */
  71. /*
  72. * Test for Linux getrandom() support.
  73. * Since there is no wrapper in the libc yet, use the generic syscall wrapper
  74. * available in GNU libc and compatible libc's (eg uClibc).
  75. */
  76. #if defined(__linux__) && defined(__GLIBC__)
  77. #include <unistd.h>
  78. #include <sys/syscall.h>
  79. #if defined(SYS_getrandom)
  80. #define HAVE_GETRANDOM
  81. static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
  82. {
  83. /* MemSan cannot understand that the syscall writes to the buffer */
  84. #if defined(__has_feature)
  85. #if __has_feature(memory_sanitizer)
  86. memset( buf, 0, buflen );
  87. #endif
  88. #endif
  89. return( syscall( SYS_getrandom, buf, buflen, flags ) );
  90. }
  91. #include <sys/utsname.h>
  92. /* Check if version is at least 3.17.0 */
  93. static int check_version_3_17_plus( void )
  94. {
  95. int minor;
  96. struct utsname un;
  97. const char *ver;
  98. /* Get version information */
  99. uname(&un);
  100. ver = un.release;
  101. /* Check major version; assume a single digit */
  102. if( ver[0] < '3' || ver[0] > '9' || ver [1] != '.' )
  103. return( -1 );
  104. if( ver[0] - '0' > 3 )
  105. return( 0 );
  106. /* Ok, so now we know major == 3, check minor.
  107. * Assume 1 or 2 digits. */
  108. if( ver[2] < '0' || ver[2] > '9' )
  109. return( -1 );
  110. minor = ver[2] - '0';
  111. if( ver[3] >= '0' && ver[3] <= '9' )
  112. minor = 10 * minor + ver[3] - '0';
  113. else if( ver [3] != '.' )
  114. return( -1 );
  115. if( minor < 17 )
  116. return( -1 );
  117. return( 0 );
  118. }
  119. static int has_getrandom = -1;
  120. #endif /* SYS_getrandom */
  121. #endif /* __linux__ */
  122. #include <stdio.h>
  123. int mbedtls_platform_entropy_poll( void *data,
  124. unsigned char *output, size_t len, size_t *olen )
  125. {
  126. FILE *file;
  127. size_t read_len;
  128. ((void) data);
  129. #if defined(HAVE_GETRANDOM)
  130. if( has_getrandom == -1 )
  131. has_getrandom = ( check_version_3_17_plus() == 0 );
  132. if( has_getrandom )
  133. {
  134. int ret;
  135. if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
  136. return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
  137. *olen = ret;
  138. return( 0 );
  139. }
  140. #endif /* HAVE_GETRANDOM */
  141. *olen = 0;
  142. file = fopen( "/dev/urandom", "rb" );
  143. if( file == NULL )
  144. return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
  145. read_len = fread( output, 1, len, file );
  146. if( read_len != len )
  147. {
  148. fclose( file );
  149. return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
  150. }
  151. fclose( file );
  152. *olen = len;
  153. return( 0 );
  154. }
  155. #endif /* _WIN32 && !EFIX64 && !EFI32 */
  156. #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
  157. #if defined(MBEDTLS_TEST_NULL_ENTROPY)
  158. int mbedtls_null_entropy_poll( void *data,
  159. unsigned char *output, size_t len, size_t *olen )
  160. {
  161. ((void) data);
  162. ((void) output);
  163. *olen = 0;
  164. if( len < sizeof(unsigned char) )
  165. return( 0 );
  166. *olen = sizeof(unsigned char);
  167. return( 0 );
  168. }
  169. #endif
  170. #if defined(MBEDTLS_TIMING_C)
  171. int mbedtls_hardclock_poll( void *data,
  172. unsigned char *output, size_t len, size_t *olen )
  173. {
  174. unsigned long timer = mbedtls_timing_hardclock();
  175. ((void) data);
  176. *olen = 0;
  177. if( len < sizeof(unsigned long) )
  178. return( 0 );
  179. memcpy( output, &timer, sizeof(unsigned long) );
  180. *olen = sizeof(unsigned long);
  181. return( 0 );
  182. }
  183. #endif /* MBEDTLS_TIMING_C */
  184. #if defined(MBEDTLS_HAVEGE_C)
  185. int mbedtls_havege_poll( void *data,
  186. unsigned char *output, size_t len, size_t *olen )
  187. {
  188. mbedtls_havege_state *hs = (mbedtls_havege_state *) data;
  189. *olen = 0;
  190. if( mbedtls_havege_random( hs, output, len ) != 0 )
  191. return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
  192. *olen = len;
  193. return( 0 );
  194. }
  195. #endif /* MBEDTLS_HAVEGE_C */
  196. #if defined(MBEDTLS_ENTROPY_NV_SEED)
  197. int mbedtls_nv_seed_poll( void *data,
  198. unsigned char *output, size_t len, size_t *olen )
  199. {
  200. unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
  201. size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
  202. ((void) data);
  203. memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
  204. if( mbedtls_nv_seed_read( buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) < 0 )
  205. return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
  206. if( len < use_len )
  207. use_len = len;
  208. memcpy( output, buf, use_len );
  209. *olen = use_len;
  210. return( 0 );
  211. }
  212. #endif /* MBEDTLS_ENTROPY_NV_SEED */
  213. #endif /* MBEDTLS_ENTROPY_C */