Gitly


1 /*
2  *  Platform-specific and custom entropy polling functions
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6  */
7 
8 #if defined(__linux__) || defined(__midipix__)
9 /* Ensure that syscall() is available even when compiling with -std=c99 */
10 #if !defined(_GNU_SOURCE)
11 #define _GNU_SOURCE
12 #endif
13 #endif
14 
15 #include "common.h"
16 
17 #include <string.h>
18 
19 #if defined(MBEDTLS_ENTROPY_C)
20 
21 #include "mbedtls/entropy.h"
22 #include "entropy_poll.h"
23 #include "mbedtls/error.h"
24 
25 #if defined(MBEDTLS_TIMING_C)
26 #include "mbedtls/timing.h"
27 #endif
28 #include "mbedtls/platform.h"
29 
30 #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
31 
32 #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
33     !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
34     !defined(__HAIKU__) && !defined(__midipix__) && !defined(__MVS__)
35 #error \
36     "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in mbedtls_config.h"
37 #endif
38 
39 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
40 
41 // fallback to 3.3.0 implmentation, as 3.6.5 need a high version of Windows SDK
42 #if !defined(_WIN32_WINNT)
43 #define _WIN32_WINNT 0x0400
44 #endif
45 #include <windows.h>
46 #include <wincrypt.h>
47 
48 int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
49                            size_t *olen )
50 {
51     HCRYPTPROV provider;
52     ((void) data);
53     *olen = 0;
54 
55     if( CryptAcquireContext( &provider, NULL, NULL,
56                               PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
57     {
58         return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
59     }
60 
61     if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
62     {
63         CryptReleaseContext( provider, 0 );
64         return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
65     }
66 
67     CryptReleaseContext( provider, 0 );
68     *olen = len;
69 
70     return( 0 );
71 }
72 #else /* _WIN32 && !EFIX64 && !EFI32 */
73 
74 /*
75  * Test for Linux getrandom() support.
76  * Since there is no wrapper in the libc yet, use the generic syscall wrapper
77  * available in GNU libc and compatible libc's (eg uClibc).
78  */
79 #if ((defined(__linux__) && defined(__GLIBC__)) || defined(__midipix__))
80 #include <unistd.h>
81 #include <sys/syscall.h>
82 #if defined(SYS_getrandom)
83 #define HAVE_GETRANDOM
84 #include <errno.h>
85 
86 static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags)
87 {
88     /* MemSan cannot understand that the syscall writes to the buffer */
89 #if defined(__has_feature)
90 #if __has_feature(memory_sanitizer)
91     memset(buf, 0, buflen);
92 #endif
93 #endif
94     return (int) syscall(SYS_getrandom, buf, buflen, flags);
95 }
96 #endif /* SYS_getrandom */
97 #endif /* __linux__ || __midipix__ */
98 
99 #if defined(__FreeBSD__) || defined(__DragonFly__)
100 #include <sys/param.h>
101 #if (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || \
102     (defined(__DragonFly__) && __DragonFly_version >= 500700)
103 #include <errno.h>
104 #include <sys/random.h>
105 #define HAVE_GETRANDOM
106 static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags)
107 {
108     return (int) getrandom(buf, buflen, flags);
109 }
110 #endif /* (__FreeBSD__ && __FreeBSD_version >= 1200000) ||
111           (__DragonFly__ && __DragonFly_version >= 500700) */
112 #endif /* __FreeBSD__ || __DragonFly__ */
113 
114 /*
115  * Some BSD systems provide KERN_ARND.
116  * This is equivalent to reading from /dev/urandom, only it doesn't require an
117  * open file descriptor, and provides up to 256 bytes per call (basically the
118  * same as getentropy(), but with a longer history).
119  *
120  * Documentation: https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7
121  */
122 #if defined(__APPLE__)
123 #include <stdlib.h>
124 #define HAVE_ARC4RANDOM
125 #endif
126 
127 #if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(HAVE_GETRANDOM)
128 #include <sys/param.h>
129 #include <sys/sysctl.h>
130 #if defined(KERN_ARND)
131 #define HAVE_SYSCTL_ARND
132 
133 static int sysctl_arnd_wrapper(unsigned char *buf, size_t buflen)
134 {
135     int name[2];
136     size_t len;
137 
138     name[0] = CTL_KERN;
139     name[1] = KERN_ARND;
140 
141     while (buflen > 0) {
142         len = buflen > 256 ? 256 : buflen;
143         if (sysctl(name, 2, buf, &len, NULL, 0) == -1) {
144             return -1;
145         }
146         buflen -= len;
147         buf += len;
148     }
149     return 0;
150 }
151 #endif /* KERN_ARND */
152 #endif /* __FreeBSD__ || __NetBSD__ */
153 
154 #include <stdio.h>
155 
156 const char *mbedtls_platform_dev_random = MBEDTLS_PLATFORM_DEV_RANDOM;
157 
158 int mbedtls_platform_entropy_poll(void *data,
159                                   unsigned char *output, size_t len, size_t *olen)
160 {
161     FILE *file;
162     size_t read_len;
163     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
164     ((void) data);
165 
166 #if defined(HAVE_GETRANDOM)
167     ret = getrandom_wrapper(output, len, 0);
168     if (ret >= 0) {
169         *olen = (size_t) ret;
170         return 0;
171     } else if (errno != ENOSYS) {
172         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
173     }
174     /* Fall through if the system call isn't known. */
175 #else
176     ((void) ret);
177 #endif /* HAVE_GETRANDOM */
178 
179 #if defined(HAVE_ARC4RANDOM)
180     ((void) file);
181     ((void) read_len);
182     arc4random_buf(output, len);
183     *olen = len;
184     return 0;
185 #elif defined(HAVE_SYSCTL_ARND)
186     ((void) file);
187     ((void) read_len);
188     if (sysctl_arnd_wrapper(output, len) == -1) {
189         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
190     }
191     *olen = len;
192     return 0;
193 #else
194 
195     *olen = 0;
196 
197     file = fopen(mbedtls_platform_dev_random, "rb");
198     if (file == NULL) {
199         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
200     }
201 
202     /* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */
203     mbedtls_setbuf(file, NULL);
204 
205     read_len = fread(output, 1, len, file);
206     if (read_len != len) {
207         fclose(file);
208         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
209     }
210 
211     fclose(file);
212     *olen = len;
213 
214     return 0;
215 #endif /* HAVE_SYSCTL_ARND */
216 }
217 #endif /* _WIN32 && !EFIX64 && !EFI32 */
218 #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
219 
220 #if defined(MBEDTLS_ENTROPY_NV_SEED)
221 int mbedtls_nv_seed_poll(void *data,
222                          unsigned char *output, size_t len, size_t *olen)
223 {
224     unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
225     size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
226     ((void) data);
227 
228     memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
229 
230     if (mbedtls_nv_seed_read(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) {
231         return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
232     }
233 
234     if (len < use_len) {
235         use_len = len;
236     }
237 
238     memcpy(output, buf, use_len);
239     *olen = use_len;
240 
241     return 0;
242 }
243 #endif /* MBEDTLS_ENTROPY_NV_SEED */
244 
245 #endif /* MBEDTLS_ENTROPY_C */
246

1	/*
2	* Platform-specific and custom entropy polling functions
3	*
4	* Copyright The Mbed TLS Contributors
5	* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6	*/
7
8	#if defined(__linux__) \|\| defined(__midipix__)
9	/ Ensure that syscall() is available even when compiling with -std=c99 /
10	#if !defined(_GNU_SOURCE)
11	#define _GNU_SOURCE
12	#endif
13	#endif
14
15	#include "common.h"
16
17	#include <string.h>
18
19	#if defined(MBEDTLS_ENTROPY_C)
20
21	#include "mbedtls/entropy.h"
22	#include "entropy_poll.h"
23	#include "mbedtls/error.h"
24
25	#if defined(MBEDTLS_TIMING_C)
26	#include "mbedtls/timing.h"
27	#endif
28	#include "mbedtls/platform.h"
29
30	#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
31
32	#if !defined(unix) && !defined(__unix__) && !defined(__unix) && \
33	!defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
34	!defined(__HAIKU__) && !defined(__midipix__) && !defined(__MVS__)
35	#error \
36	"Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in mbedtls_config.h"
37	#endif
38
39	#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
40
41	// fallback to 3.3.0 implmentation, as 3.6.5 need a high version of Windows SDK
42	#if !defined(_WIN32_WINNT)
43	#define _WIN32_WINNT 0x0400
44	#endif
45	#include <windows.h>
46	#include <wincrypt.h>
47
48	int mbedtls_platform_entropy_poll( void data, unsigned* char *output, size_t len,
49	size_t *olen )
50	{
51	HCRYPTPROV provider;
52	((void) data);
53	*olen = 0;
54
55	if( CryptAcquireContext( &provider, NULL, NULL,
56	PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
57	{
58	return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
59	}
60
61	if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
62	{
63	CryptReleaseContext( provider, 0 );
64	return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
65	}
66
67	CryptReleaseContext( provider, 0 );
68	*olen = len;
69
70	return( 0 );
71	}
72	#else / _WIN32 && !EFIX64 && !EFI32 /
73
74	/*
75	* Test for Linux getrandom() support.
76	* Since there is no wrapper in the libc yet, use the generic syscall wrapper
77	* available in GNU libc and compatible libc's (eg uClibc).
78	*/
79	#if ((defined(__linux__) && defined(__GLIBC__)) \|\| defined(__midipix__))
80	#include <unistd.h>
81	#include <sys/syscall.h>
82	#if defined(SYS_getrandom)
83	#define HAVE_GETRANDOM
84	#include <errno.h>
85
86	static int getrandom_wrapper(void buf, size_t buflen, unsigned* int flags)
87	{
88	/ MemSan cannot understand that the syscall writes to the buffer /
89	#if defined(__has_feature)
90	#if __has_feature(memory_sanitizer)
91	memset(buf, 0, buflen);
92	#endif
93	#endif
94	return (int) syscall(SYS_getrandom, buf, buflen, flags);
95	}
96	#endif / SYS_getrandom /
97	#endif / __linux__ \|\| __midipix__ /
98
99	#if defined(__FreeBSD__) \|\| defined(__DragonFly__)
100	#include <sys/param.h>
101	#if (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) \|\| \
102	(defined(__DragonFly__) && __DragonFly_version >= 500700)
103	#include <errno.h>
104	#include <sys/random.h>
105	#define HAVE_GETRANDOM
106	static int getrandom_wrapper(void buf, size_t buflen, unsigned* int flags)
107	{
108	return (int) getrandom(buf, buflen, flags);
109	}
110	#endif / (__FreeBSD__ && __FreeBSD_version >= 1200000) \|\|*
111	(__DragonFly__ && __DragonFly_version >= 500700) /*
112	#endif / __FreeBSD__ \|\| __DragonFly__ /
113
114	/*
115	* Some BSD systems provide KERN_ARND.
116	* This is equivalent to reading from /dev/urandom, only it doesn't require an
117	* open file descriptor, and provides up to 256 bytes per call (basically the
118	* same as getentropy(), but with a longer history).
119	*
120	* Documentation: https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7
121	*/
122	#if defined(__APPLE__)
123	#include <stdlib.h>
124	#define HAVE_ARC4RANDOM
125	#endif
126
127	#if (defined(__FreeBSD__) \|\| defined(__NetBSD__)) && !defined(HAVE_GETRANDOM)
128	#include <sys/param.h>
129	#include <sys/sysctl.h>
130	#if defined(KERN_ARND)
131	#define HAVE_SYSCTL_ARND
132
133	static int sysctl_arnd_wrapper(unsigned char *buf, size_t buflen)
134	{
135	int name[2];
136	size_t len;
137
138	name[0] = CTL_KERN;
139	name[1] = KERN_ARND;
140
141	while (buflen > 0) {
142	len = buflen > 256 ? 256 : buflen;
143	if (sysctl(name, 2, buf, &len, NULL, 0) == -1) {
144	return -1;
145	}
146	buflen -= len;
147	buf += len;
148	}
149	return 0;
150	}
151	#endif / KERN_ARND /
152	#endif / __FreeBSD__ \|\| __NetBSD__ /
153
154	#include <stdio.h>
155
156	const char *mbedtls_platform_dev_random = MBEDTLS_PLATFORM_DEV_RANDOM;
157
158	int mbedtls_platform_entropy_poll(void *data,
159	unsigned char output, size_t len, size_t olen)
160	{
161	FILE *file;
162	size_t read_len;
163	int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
164	((void) data);
165
166	#if defined(HAVE_GETRANDOM)
167	ret = getrandom_wrapper(output, len, 0);
168	if (ret >= 0) {
169	*olen = (size_t) ret;
170	return 0;
171	} else if (errno != ENOSYS) {
172	return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
173	}
174	/ Fall through if the system call isn't known. /
175	#else
176	((void) ret);
177	#endif / HAVE_GETRANDOM /
178
179	#if defined(HAVE_ARC4RANDOM)
180	((void) file);
181	((void) read_len);
182	arc4random_buf(output, len);
183	*olen = len;
184	return 0;
185	#elif defined(HAVE_SYSCTL_ARND)
186	((void) file);
187	((void) read_len);
188	if (sysctl_arnd_wrapper(output, len) == -1) {
189	return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
190	}
191	*olen = len;
192	return 0;
193	#else
194
195	*olen = 0;
196
197	file = fopen(mbedtls_platform_dev_random, "rb");
198	if (file == NULL) {
199	return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
200	}
201
202	/ Ensure no stdio buffering of secrets, as such buffers cannot be wiped. /
203	mbedtls_setbuf(file, NULL);
204
205	read_len = fread(output, 1, len, file);
206	if (read_len != len) {
207	fclose(file);
208	return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
209	}
210
211	fclose(file);
212	*olen = len;
213
214	return 0;
215	#endif / HAVE_SYSCTL_ARND /
216	}
217	#endif / _WIN32 && !EFIX64 && !EFI32 /
218	#endif / !MBEDTLS_NO_PLATFORM_ENTROPY /
219
220	#if defined(MBEDTLS_ENTROPY_NV_SEED)
221	int mbedtls_nv_seed_poll(void *data,
222	unsigned char output, size_t len, size_t olen)
223	{
224	unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
225	size_t use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
226	((void) data);
227
228	memset(buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE);
229
230	if (mbedtls_nv_seed_read(buf, MBEDTLS_ENTROPY_BLOCK_SIZE) < 0) {
231	return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
232	}
233
234	if (len < use_len) {
235	use_len = len;
236	}
237
238	memcpy(output, buf, use_len);
239	*olen = use_len;
240
241	return 0;
242	}
243	#endif / MBEDTLS_ENTROPY_NV_SEED /
244
245	#endif / MBEDTLS_ENTROPY_C /
246