forked from openssl/openssl
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Bernd Edlinger <[email protected]> (Merged from openssl#8023)
- Loading branch information
1 parent
42151b8
commit 61783db
Showing
6 changed files
with
183 additions
and
33 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,5 @@ | ||
| LIBS=../../libcrypto | ||
| SOURCE[../../libcrypto]=\ | ||
| randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \ | ||
| rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c \ | ||
| rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c rand_vxworks.c \ | ||
| drbg_hash.c drbg_hmac.c | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,171 @@ | ||
| /* | ||
| * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. | ||
| * | ||
| * Licensed under the OpenSSL license (the "License"). You may not use | ||
| * this file except in compliance with the License. You can obtain a copy | ||
| * in the file LICENSE in the source distribution or at | ||
| * https://www.openssl.org/source/license.html | ||
| */ | ||
|
|
||
| #include <openssl/opensslconf.h> | ||
|
|
||
| #ifndef OPENSSL_SYS_VXWORKS | ||
| NON_EMPTY_TRANSLATION_UNIT | ||
| #else | ||
| # include <openssl/rand.h> | ||
| # include "rand_lcl.h" | ||
| # include "internal/rand_int.h" | ||
| # include "internal/cryptlib.h" | ||
| # include <version.h> | ||
| # include <taskLib.h> | ||
|
|
||
| # if defined(OPENSSL_RAND_SEED_NONE) | ||
| /* none means none */ | ||
| # undef OPENSSL_RAND_SEED_OS | ||
| # endif | ||
|
|
||
| # if defined(OPENSSL_RAND_SEED_OS) | ||
| # if _WRS_VXWORKS_MAJOR >= 7 | ||
| # define RAND_SEED_VXRANDLIB | ||
| # else | ||
| # error "VxWorks <7 only support RAND_SEED_NONE" | ||
| # endif | ||
| # endif | ||
|
|
||
| # if defined(RAND_SEED_VXRANDLIB) | ||
| # include <randomNumGen.h> | ||
| # endif | ||
|
|
||
| /* Macro to convert two thirty two bit values into a sixty four bit one */ | ||
| # define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b)) | ||
|
|
||
| static uint64_t get_time_stamp(void) | ||
| { | ||
| struct timespec ts; | ||
|
|
||
| if (clock_gettime(CLOCK_REALTIME, &ts) == 0) | ||
| return TWO32TO64(ts.tv_sec, ts.tv_nsec); | ||
| return time(NULL); | ||
| } | ||
|
|
||
| static uint64_t get_timer_bits(void) | ||
| { | ||
| uint64_t res = OPENSSL_rdtsc(); | ||
| struct timespec ts; | ||
|
|
||
| if (res != 0) | ||
| return res; | ||
|
|
||
| if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) | ||
| return TWO32TO64(ts.tv_sec, ts.tv_nsec); | ||
| return time(NULL); | ||
| } | ||
|
|
||
| /* | ||
| * empty implementation | ||
| * vxworks does not need to init/cleanup or keep open the random lib | ||
| */ | ||
| int rand_pool_init(void) | ||
| { | ||
| return 1; | ||
| } | ||
|
|
||
| void rand_pool_cleanup(void) | ||
| { | ||
| } | ||
|
|
||
| void rand_pool_keep_random_devices_open(int keep) | ||
| { | ||
| } | ||
|
|
||
| int rand_pool_add_additional_data(RAND_POOL *pool) | ||
| { | ||
| struct { | ||
| CRYPTO_THREAD_ID tid; | ||
| uint64_t time; | ||
| } data; | ||
|
|
||
| memset(&data, 0, sizeof(data)); | ||
|
|
||
| /* | ||
| * Add some noise from the thread id and a high resolution timer. | ||
| * The thread id adds a little randomness if the drbg is accessed | ||
| * concurrently (which is the case for the <master> drbg). | ||
| */ | ||
| data.tid = CRYPTO_THREAD_get_current_id(); | ||
| data.time = get_timer_bits(); | ||
|
|
||
| return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); | ||
| } | ||
|
|
||
| int rand_pool_add_nonce_data(RAND_POOL *pool) | ||
| { | ||
| struct { | ||
| pid_t pid; | ||
| CRYPTO_THREAD_ID tid; | ||
| uint64_t time; | ||
| } data; | ||
|
|
||
| memset(&data, 0, sizeof(data)); | ||
|
|
||
| /* | ||
| * Add process id, thread id, and a high resolution timestamp to | ||
| * ensure that the nonce is unique with high probability for | ||
| * different process instances. | ||
| */ | ||
| data.pid = getpid(); | ||
| data.tid = CRYPTO_THREAD_get_current_id(); | ||
| data.time = get_time_stamp(); | ||
|
|
||
| return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); | ||
| } | ||
|
|
||
| size_t rand_pool_acquire_entropy(RAND_POOL *pool) | ||
| { | ||
| # if defined(RAND_SEED_VXRANDLIB) | ||
| /* vxRandLib based entropy method */ | ||
| size_t bytes_needed; | ||
|
|
||
| bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); | ||
| if (bytes_needed > 0) | ||
| { | ||
| int retryCount = 0; | ||
| STATUS result = ERROR; | ||
| unsigned char *buffer; | ||
|
|
||
| buffer = rand_pool_add_begin(pool, bytes_needed); | ||
| while ((result != OK) && (retryCount < 10)) { | ||
| RANDOM_NUM_GEN_STATUS status = randStatus(); | ||
|
|
||
| if ((status == RANDOM_NUM_GEN_ENOUGH_ENTROPY) | ||
| || (status == RANDOM_NUM_GEN_MAX_ENTROPY) ) { | ||
| result = randBytes(buffer, bytes_needed); | ||
| if (result == OK) | ||
| rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed); | ||
| /* | ||
| * no else here: randStatus said ok, if randBytes failed | ||
| * it will result in another loop or no entropy | ||
| */ | ||
| } else { | ||
| /* | ||
| * give a minimum delay here to allow OS to collect more | ||
| * entropy. taskDelay duration will depend on the system tick, | ||
| * this is by design as the sw-random lib uses interrupts | ||
| * which will at least happen during ticks | ||
| */ | ||
| taskDelay(5); | ||
| } | ||
| retryCount++; | ||
| } | ||
| } | ||
| return rand_pool_entropy_available(pool); | ||
| # else | ||
| /* | ||
| * SEED_NONE means none, without randlib we dont have entropy and | ||
| * rely on it being added externally | ||
| */ | ||
| return rand_pool_entropy_available(pool); | ||
| # endif /* defined(RAND_SEED_VXRANDLIB) */ | ||
| } | ||
|
|
||
| #endif /* OPENSSL_SYS_VXWORKS */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters