diff options
Diffstat (limited to 'src/cryptech_random.c')
-rw-r--r-- | src/cryptech_random.c | 123 |
1 files changed, 123 insertions, 0 deletions
diff --git a/src/cryptech_random.c b/src/cryptech_random.c new file mode 100644 index 0000000..d8f711b --- /dev/null +++ b/src/cryptech_random.c @@ -0,0 +1,123 @@ +/* + * cryptech_random.c + * ----------------- + * + * This is a shim to connect the Cryptech TRNG to Cryptlib's CSPRNG. + * + * Prototype HAL code for the Cryptech environment already provides + * the RNG code required by the HAL, but it doesn't look like Cryptlib + * itself ever calls that, it only seems to use the system device's + * random function. So this shim just uses the code we already wrote + * to meet the HAL API requirement to feed Cryptlib's CSPRNG. + * + * Whether it makes sense to use what we hope is already a good TRNG + * just to provide entropy for a CSPRNG is a question for another day. + * + * Author: Rob Austein + * Copyright (c) 2014, SUNET + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#if defined( INC_ALL ) + #include "crypt.h" + #include "context.h" + #include "hardware.h" + #include "random.h" +#else + #include "crypt.h" + #include "context/context.h" + #include "device/hardware.h" + #include "random/random.h" +#endif + +#define FAST_BUFSIZE bitsToBytes(64) +#define SLOW_BUFSIZE (5 * FAST_BUFSIZE) + +void fastPoll(void) +{ + MESSAGE_DATA msgData; + unsigned char buffer[FAST_BUFSIZE]; + + if (hwGetRandom(buffer, sizeof(buffer)) == CRYPT_OK) { + setMessageData(&msgData, buffer, sizeof(buffer)); + krnlSendMessage(SYSTEM_OBJECT_HANDLE, IMESSAGE_SETATTRIBUTE_S, &msgData, CRYPT_IATTRIBUTE_ENTROPY); + zeroise(buffer, sizeof(buffer)); + } +} + +void slowPoll(void) +{ + MESSAGE_DATA msgData; + unsigned char buffer[SLOW_BUFSIZE]; + int quality = 100; + + if (hwGetRandom(buffer, sizeof(buffer)) == CRYPT_OK) { + setMessageData(&msgData, buffer, sizeof(buffer)); + krnlSendMessage(SYSTEM_OBJECT_HANDLE, IMESSAGE_SETATTRIBUTE_S, &msgData, CRYPT_IATTRIBUTE_ENTROPY); + zeroise(buffer, sizeof(buffer)); + krnlSendMessage(SYSTEM_OBJECT_HANDLE, IMESSAGE_SETATTRIBUTE, &quality, CRYPT_IATTRIBUTE_ENTROPY_QUALITY); + } +} + +/* + * Might patch these out in random/random.h eventually, but no-op + * stubs will do for testing. + */ + +void initRandomPolling(void) +{ + return; +} + +void endRandomPolling(void) +{ + return; +} + +CHECK_RETVAL \ +int waitforRandomCompletion(const BOOLEAN force) +{ + return CRYPT_OK; +} + +CHECK_RETVAL_BOOL \ +BOOLEAN checkForked(void) +{ + return FALSE; +} + +/* + * "Any programmer who fails to comply with the standard naming, formatting, + * or commenting conventions should be shot. If it so happens that it is + * inconvenient to shoot him, then he is to be politely requested to recode + * his program in adherence to the above standard." + * -- Michael Spier, Digital Equipment Corporation + * + * Local variables: + * indent-tabs-mode: nil + * End: + */ |