Xuyi Wang / wolfSSL

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependents:   OS

wolfssl/wolfcrypt/random.h@15:117db924cf7c, 2018-08-18 (annotated)

Committer:
wolfSSL
Date:
Sat Aug 18 22:20:43 2018 +0000
Revision:
15:117db924cf7c
wolfSSL 3.15.3

Who changed what in which revision?

UserRevisionLine numberNew contents of line
wolfSSL 15:117db924cf7c 1 /* random.h
wolfSSL 15:117db924cf7c 2 *
wolfSSL 15:117db924cf7c 3 * Copyright (C) 2006-2017 wolfSSL Inc.
wolfSSL 15:117db924cf7c 4 *
wolfSSL 15:117db924cf7c 5 * This file is part of wolfSSL.
wolfSSL 15:117db924cf7c 6 *
wolfSSL 15:117db924cf7c 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 15:117db924cf7c 8 * it under the terms of the GNU General Public License as published by
wolfSSL 15:117db924cf7c 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 15:117db924cf7c 10 * (at your option) any later version.
wolfSSL 15:117db924cf7c 11 *
wolfSSL 15:117db924cf7c 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 15:117db924cf7c 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 15:117db924cf7c 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 15:117db924cf7c 15 * GNU General Public License for more details.
wolfSSL 15:117db924cf7c 16 *
wolfSSL 15:117db924cf7c 17 * You should have received a copy of the GNU General Public License
wolfSSL 15:117db924cf7c 18 * along with this program; if not, write to the Free Software
wolfSSL 15:117db924cf7c 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL 15:117db924cf7c 20 */
wolfSSL 15:117db924cf7c 21
wolfSSL 15:117db924cf7c 22 /*!
wolfSSL 15:117db924cf7c 23 \file wolfssl/wolfcrypt/random.h
wolfSSL 15:117db924cf7c 24 */
wolfSSL 15:117db924cf7c 25
wolfSSL 15:117db924cf7c 26
wolfSSL 15:117db924cf7c 27
wolfSSL 15:117db924cf7c 28 #ifndef WOLF_CRYPT_RANDOM_H
wolfSSL 15:117db924cf7c 29 #define WOLF_CRYPT_RANDOM_H
wolfSSL 15:117db924cf7c 30
wolfSSL 15:117db924cf7c 31 #include <wolfssl/wolfcrypt/types.h>
wolfSSL 15:117db924cf7c 32
wolfSSL 15:117db924cf7c 33 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 34 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
wolfSSL 15:117db924cf7c 35 #include <wolfssl/wolfcrypt/fips.h>
wolfSSL 15:117db924cf7c 36 #endif /* HAVE_FIPS_VERSION >= 2 */
wolfSSL 15:117db924cf7c 37
wolfSSL 15:117db924cf7c 38 /* included for fips @wc_fips */
wolfSSL 15:117db924cf7c 39 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 40 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
wolfSSL 15:117db924cf7c 41 #include <cyassl/ctaocrypt/random.h>
wolfSSL 15:117db924cf7c 42 #endif
wolfSSL 15:117db924cf7c 43
wolfSSL 15:117db924cf7c 44 #ifdef __cplusplus
wolfSSL 15:117db924cf7c 45 extern "C" {
wolfSSL 15:117db924cf7c 46 #endif
wolfSSL 15:117db924cf7c 47
wolfSSL 15:117db924cf7c 48 /* Maximum generate block length */
wolfSSL 15:117db924cf7c 49 #ifndef RNG_MAX_BLOCK_LEN
wolfSSL 15:117db924cf7c 50 #ifdef HAVE_INTEL_QA
wolfSSL 15:117db924cf7c 51 #define RNG_MAX_BLOCK_LEN (0xFFFF)
wolfSSL 15:117db924cf7c 52 #else
wolfSSL 15:117db924cf7c 53 #define RNG_MAX_BLOCK_LEN (0x10000)
wolfSSL 15:117db924cf7c 54 #endif
wolfSSL 15:117db924cf7c 55 #endif
wolfSSL 15:117db924cf7c 56
wolfSSL 15:117db924cf7c 57 /* Size of the BRBG seed */
wolfSSL 15:117db924cf7c 58 #ifndef DRBG_SEED_LEN
wolfSSL 15:117db924cf7c 59 #define DRBG_SEED_LEN (440/8)
wolfSSL 15:117db924cf7c 60 #endif
wolfSSL 15:117db924cf7c 61
wolfSSL 15:117db924cf7c 62
wolfSSL 15:117db924cf7c 63 #if !defined(CUSTOM_RAND_TYPE)
wolfSSL 15:117db924cf7c 64 /* To maintain compatibility the default is byte */
wolfSSL 15:117db924cf7c 65 #define CUSTOM_RAND_TYPE byte
wolfSSL 15:117db924cf7c 66 #endif
wolfSSL 15:117db924cf7c 67
wolfSSL 15:117db924cf7c 68 /* make sure Hash DRBG is enabled, unless WC_NO_HASHDRBG is defined
wolfSSL 15:117db924cf7c 69 or CUSTOM_RAND_GENERATE_BLOCK is defined*/
wolfSSL 15:117db924cf7c 70 #if !defined(WC_NO_HASHDRBG) || !defined(CUSTOM_RAND_GENERATE_BLOCK)
wolfSSL 15:117db924cf7c 71 #undef HAVE_HASHDRBG
wolfSSL 15:117db924cf7c 72 #define HAVE_HASHDRBG
wolfSSL 15:117db924cf7c 73 #ifndef WC_RESEED_INTERVAL
wolfSSL 15:117db924cf7c 74 #define WC_RESEED_INTERVAL (1000000)
wolfSSL 15:117db924cf7c 75 #endif
wolfSSL 15:117db924cf7c 76 #endif
wolfSSL 15:117db924cf7c 77
wolfSSL 15:117db924cf7c 78
wolfSSL 15:117db924cf7c 79 /* avoid redefinition of structs */
wolfSSL 15:117db924cf7c 80 #if !defined(HAVE_FIPS) || \
wolfSSL 15:117db924cf7c 81 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
wolfSSL 15:117db924cf7c 82
wolfSSL 15:117db924cf7c 83 /* RNG supports the following sources (in order):
wolfSSL 15:117db924cf7c 84 * 1. CUSTOM_RAND_GENERATE_BLOCK: Defines name of function as RNG source and
wolfSSL 15:117db924cf7c 85 * bypasses the options below.
wolfSSL 15:117db924cf7c 86 * 2. HAVE_INTEL_RDRAND: Uses the Intel RDRAND if supported by CPU.
wolfSSL 15:117db924cf7c 87 * 3. HAVE_HASHDRBG (requires SHA256 enabled): Uses SHA256 based P-RNG
wolfSSL 15:117db924cf7c 88 * seeded via wc_GenerateSeed. This is the default source.
wolfSSL 15:117db924cf7c 89 */
wolfSSL 15:117db924cf7c 90
wolfSSL 15:117db924cf7c 91 /* Seed source can be overriden by defining one of these:
wolfSSL 15:117db924cf7c 92 CUSTOM_RAND_GENERATE_SEED
wolfSSL 15:117db924cf7c 93 CUSTOM_RAND_GENERATE_SEED_OS
wolfSSL 15:117db924cf7c 94 CUSTOM_RAND_GENERATE */
wolfSSL 15:117db924cf7c 95
wolfSSL 15:117db924cf7c 96
wolfSSL 15:117db924cf7c 97 #if defined(CUSTOM_RAND_GENERATE_BLOCK)
wolfSSL 15:117db924cf7c 98 /* To use define the following:
wolfSSL 15:117db924cf7c 99 * #define CUSTOM_RAND_GENERATE_BLOCK myRngFunc
wolfSSL 15:117db924cf7c 100 * extern int myRngFunc(byte* output, word32 sz);
wolfSSL 15:117db924cf7c 101 */
wolfSSL 15:117db924cf7c 102 #elif defined(HAVE_HASHDRBG)
wolfSSL 15:117db924cf7c 103 #ifdef NO_SHA256
wolfSSL 15:117db924cf7c 104 #error "Hash DRBG requires SHA-256."
wolfSSL 15:117db924cf7c 105 #endif /* NO_SHA256 */
wolfSSL 15:117db924cf7c 106 #include <wolfssl/wolfcrypt/sha256.h>
wolfSSL 15:117db924cf7c 107 #elif defined(HAVE_WNR)
wolfSSL 15:117db924cf7c 108 /* allow whitewood as direct RNG source using wc_GenerateSeed directly */
wolfSSL 15:117db924cf7c 109 #else
wolfSSL 15:117db924cf7c 110 #error No RNG source defined!
wolfSSL 15:117db924cf7c 111 #endif
wolfSSL 15:117db924cf7c 112
wolfSSL 15:117db924cf7c 113 #ifdef HAVE_WNR
wolfSSL 15:117db924cf7c 114 #include <wnr.h>
wolfSSL 15:117db924cf7c 115 #endif
wolfSSL 15:117db924cf7c 116
wolfSSL 15:117db924cf7c 117 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 15:117db924cf7c 118 #include <wolfssl/wolfcrypt/async.h>
wolfSSL 15:117db924cf7c 119 #endif
wolfSSL 15:117db924cf7c 120
wolfSSL 15:117db924cf7c 121
wolfSSL 15:117db924cf7c 122 #if defined(USE_WINDOWS_API)
wolfSSL 15:117db924cf7c 123 #if defined(_WIN64)
wolfSSL 15:117db924cf7c 124 typedef unsigned __int64 ProviderHandle;
wolfSSL 15:117db924cf7c 125 /* type HCRYPTPROV, avoid #include <windows.h> */
wolfSSL 15:117db924cf7c 126 #else
wolfSSL 15:117db924cf7c 127 typedef unsigned long ProviderHandle;
wolfSSL 15:117db924cf7c 128 #endif
wolfSSL 15:117db924cf7c 129 #endif
wolfSSL 15:117db924cf7c 130
wolfSSL 15:117db924cf7c 131
wolfSSL 15:117db924cf7c 132 /* OS specific seeder */
wolfSSL 15:117db924cf7c 133 typedef struct OS_Seed {
wolfSSL 15:117db924cf7c 134 #if defined(USE_WINDOWS_API)
wolfSSL 15:117db924cf7c 135 ProviderHandle handle;
wolfSSL 15:117db924cf7c 136 #else
wolfSSL 15:117db924cf7c 137 int fd;
wolfSSL 15:117db924cf7c 138 #endif
wolfSSL 15:117db924cf7c 139 } OS_Seed;
wolfSSL 15:117db924cf7c 140
wolfSSL 15:117db924cf7c 141
wolfSSL 15:117db924cf7c 142 #ifndef WC_RNG_TYPE_DEFINED /* guard on redeclaration */
wolfSSL 15:117db924cf7c 143 typedef struct WC_RNG WC_RNG;
wolfSSL 15:117db924cf7c 144 #define WC_RNG_TYPE_DEFINED
wolfSSL 15:117db924cf7c 145 #endif
wolfSSL 15:117db924cf7c 146
wolfSSL 15:117db924cf7c 147 /* RNG context */
wolfSSL 15:117db924cf7c 148 struct WC_RNG {
wolfSSL 15:117db924cf7c 149 OS_Seed seed;
wolfSSL 15:117db924cf7c 150 void* heap;
wolfSSL 15:117db924cf7c 151 #ifdef HAVE_HASHDRBG
wolfSSL 15:117db924cf7c 152 /* Hash-based Deterministic Random Bit Generator */
wolfSSL 15:117db924cf7c 153 struct DRBG* drbg;
wolfSSL 15:117db924cf7c 154 byte status;
wolfSSL 15:117db924cf7c 155 #endif
wolfSSL 15:117db924cf7c 156 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 15:117db924cf7c 157 WC_ASYNC_DEV asyncDev;
wolfSSL 15:117db924cf7c 158 int devId;
wolfSSL 15:117db924cf7c 159 #endif
wolfSSL 15:117db924cf7c 160 };
wolfSSL 15:117db924cf7c 161
wolfSSL 15:117db924cf7c 162 #endif /* NO FIPS or have FIPS v2*/
wolfSSL 15:117db924cf7c 163
wolfSSL 15:117db924cf7c 164 /* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts,
wolfSSL 15:117db924cf7c 165 * can't be used with CTaoCrypt FIPS */
wolfSSL 15:117db924cf7c 166 #if !defined(NO_OLD_RNGNAME) && !defined(HAVE_FIPS)
wolfSSL 15:117db924cf7c 167 #define RNG WC_RNG
wolfSSL 15:117db924cf7c 168 #endif
wolfSSL 15:117db924cf7c 169
wolfSSL 15:117db924cf7c 170
wolfSSL 15:117db924cf7c 171 WOLFSSL_LOCAL
wolfSSL 15:117db924cf7c 172 int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
wolfSSL 15:117db924cf7c 173
wolfSSL 15:117db924cf7c 174
wolfSSL 15:117db924cf7c 175 #ifdef HAVE_WNR
wolfSSL 15:117db924cf7c 176 /* Whitewood netRandom client library */
wolfSSL 15:117db924cf7c 177 WOLFSSL_API int wc_InitNetRandom(const char*, wnr_hmac_key, int);
wolfSSL 15:117db924cf7c 178 WOLFSSL_API int wc_FreeNetRandom(void);
wolfSSL 15:117db924cf7c 179 #endif /* HAVE_WNR */
wolfSSL 15:117db924cf7c 180
wolfSSL 15:117db924cf7c 181
wolfSSL 15:117db924cf7c 182 WOLFSSL_API int wc_InitRng(WC_RNG*);
wolfSSL 15:117db924cf7c 183 WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId);
wolfSSL 15:117db924cf7c 184 WOLFSSL_API int wc_InitRngNonce(WC_RNG* rng, byte* nonce, word32 nonceSz);
wolfSSL 15:117db924cf7c 185 WOLFSSL_API int wc_InitRngNonce_ex(WC_RNG* rng, byte* nonce, word32 nonceSz,
wolfSSL 15:117db924cf7c 186 void* heap, int devId);
wolfSSL 15:117db924cf7c 187 WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz);
wolfSSL 15:117db924cf7c 188 WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*);
wolfSSL 15:117db924cf7c 189 WOLFSSL_API int wc_FreeRng(WC_RNG*);
wolfSSL 15:117db924cf7c 190
wolfSSL 15:117db924cf7c 191
wolfSSL 15:117db924cf7c 192 #ifdef HAVE_HASHDRBG
wolfSSL 15:117db924cf7c 193 WOLFSSL_LOCAL int wc_RNG_DRBG_Reseed(WC_RNG* rng, const byte* entropy,
wolfSSL 15:117db924cf7c 194 word32 entropySz);
wolfSSL 15:117db924cf7c 195 WOLFSSL_API int wc_RNG_HealthTest(int reseed,
wolfSSL 15:117db924cf7c 196 const byte* entropyA, word32 entropyASz,
wolfSSL 15:117db924cf7c 197 const byte* entropyB, word32 entropyBSz,
wolfSSL 15:117db924cf7c 198 byte* output, word32 outputSz);
wolfSSL 15:117db924cf7c 199 WOLFSSL_API int wc_RNG_HealthTest_ex(int reseed,
wolfSSL 15:117db924cf7c 200 const byte* nonce, word32 nonceSz,
wolfSSL 15:117db924cf7c 201 const byte* entropyA, word32 entropyASz,
wolfSSL 15:117db924cf7c 202 const byte* entropyB, word32 entropyBSz,
wolfSSL 15:117db924cf7c 203 byte* output, word32 outputSz,
wolfSSL 15:117db924cf7c 204 void* heap, int devId);
wolfSSL 15:117db924cf7c 205 #endif /* HAVE_HASHDRBG */
wolfSSL 15:117db924cf7c 206
wolfSSL 15:117db924cf7c 207 #ifdef __cplusplus
wolfSSL 15:117db924cf7c 208 } /* extern "C" */
wolfSSL 15:117db924cf7c 209 #endif
wolfSSL 15:117db924cf7c 210
wolfSSL 15:117db924cf7c 211 #endif /* WOLF_CRYPT_RANDOM_H */
wolfSSL 15:117db924cf7c 212
wolfSSL 15:117db924cf7c 213