1 /* 2 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <openssl/opensslconf.h> 11 12 #include <openssl/rand.h> 13 #include "crypto/rand_pool.h" 14 #include "crypto/rand.h" 15 #include "internal/cryptlib.h" 16 #include "prov/seeding.h" 17 #include <version.h> 18 #include <taskLib.h> 19 20 #if defined(OPENSSL_RAND_SEED_NONE) 21 /* none means none */ 22 # undef OPENSSL_RAND_SEED_OS 23 #endif 24 25 #if defined(OPENSSL_RAND_SEED_OS) 26 # if _WRS_VXWORKS_MAJOR >= 7 27 # define RAND_SEED_VXRANDLIB 28 # else 29 # error "VxWorks <7 only support RAND_SEED_NONE" 30 # endif 31 #endif 32 33 #if defined(RAND_SEED_VXRANDLIB) 34 # include <randomNumGen.h> 35 #endif 36 37 /* Macro to convert two thirty two bit values into a sixty four bit one */ 38 #define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b)) 39 40 static uint64_t get_time_stamp(void) 41 { 42 struct timespec ts; 43 44 if (clock_gettime(CLOCK_REALTIME, &ts) == 0) 45 return TWO32TO64(ts.tv_sec, ts.tv_nsec); 46 return time(NULL); 47 } 48 49 static uint64_t get_timer_bits(void) 50 { 51 uint64_t res = OPENSSL_rdtsc(); 52 struct timespec ts; 53 54 if (res != 0) 55 return res; 56 57 if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) 58 return TWO32TO64(ts.tv_sec, ts.tv_nsec); 59 return time(NULL); 60 } 61 62 /* 63 * empty implementation 64 * vxworks does not need to init/cleanup or keep open the random lib 65 */ 66 int ossl_rand_pool_init(void) 67 { 68 return 1; 69 } 70 71 void ossl_rand_pool_cleanup(void) 72 { 73 } 74 75 void ossl_rand_pool_keep_random_devices_open(int keep) 76 { 77 } 78 79 int ossl_pool_add_nonce_data(RAND_POOL *pool) 80 { 81 struct { 82 pid_t pid; 83 CRYPTO_THREAD_ID tid; 84 uint64_t time; 85 } data; 86 87 memset(&data, 0, sizeof(data)); 88 89 /* 90 * Add process id, thread id, and a high resolution timestamp to 91 * ensure that the nonce is unique with high probability for 92 * different process instances. 93 */ 94 data.pid = getpid(); 95 data.tid = CRYPTO_THREAD_get_current_id(); 96 data.time = get_time_stamp(); 97 98 return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0); 99 } 100 101 size_t ossl_pool_acquire_entropy(RAND_POOL *pool) 102 { 103 #if defined(RAND_SEED_VXRANDLIB) 104 /* vxRandLib based entropy method */ 105 size_t bytes_needed; 106 107 bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); 108 if (bytes_needed > 0) { 109 int retryCount = 0; 110 STATUS result = ERROR; 111 unsigned char *buffer; 112 113 buffer = ossl_rand_pool_add_begin(pool, bytes_needed); 114 while ((result != OK) && (retryCount < 10)) { 115 RANDOM_NUM_GEN_STATUS status = randStatus(); 116 117 if ((status == RANDOM_NUM_GEN_ENOUGH_ENTROPY) 118 || (status == RANDOM_NUM_GEN_MAX_ENTROPY)) { 119 result = randBytes(buffer, bytes_needed); 120 if (result == OK) 121 ossl_rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed); 122 /* 123 * no else here: randStatus said ok, if randBytes failed 124 * it will result in another loop or no entropy 125 */ 126 } else { 127 /* 128 * give a minimum delay here to allow OS to collect more 129 * entropy. taskDelay duration will depend on the system tick, 130 * this is by design as the sw-random lib uses interrupts 131 * which will at least happen during ticks 132 */ 133 taskDelay(5); 134 } 135 retryCount++; 136 } 137 } 138 return ossl_rand_pool_entropy_available(pool); 139 #else 140 /* 141 * SEED_NONE means none, without randlib we dont have entropy and 142 * rely on it being added externally 143 */ 144 return ossl_rand_pool_entropy_available(pool); 145 #endif /* defined(RAND_SEED_VXRANDLIB) */ 146 } 147