2002-10-04 17:31:41 +00:00
|
|
|
#ifndef CRYPTOPP_OSRNG_H
|
|
|
|
|
#define CRYPTOPP_OSRNG_H
|
|
|
|
|
|
2010-08-08 23:02:36 +00:00
|
|
|
//! \file
|
|
|
|
|
|
2002-10-04 17:31:41 +00:00
|
|
|
#include "config.h"
|
|
|
|
|
|
|
|
|
|
#ifdef OS_RNG_AVAILABLE
|
|
|
|
|
|
|
|
|
|
#include "randpool.h"
|
|
|
|
|
#include "rng.h"
|
2007-05-04 15:04:58 +00:00
|
|
|
#include "aes.h"
|
2007-05-04 16:13:42 +00:00
|
|
|
#include "sha.h"
|
2004-04-08 01:32:07 +00:00
|
|
|
#include "fips140.h"
|
2002-10-04 17:31:41 +00:00
|
|
|
|
|
|
|
|
NAMESPACE_BEGIN(CryptoPP)
|
|
|
|
|
|
|
|
|
|
//! Exception class for Operating-System Random Number Generator.
|
2003-07-04 00:17:37 +00:00
|
|
|
class CRYPTOPP_DLL OS_RNG_Err : public Exception
|
2002-10-04 17:31:41 +00:00
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
OS_RNG_Err(const std::string &operation);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#ifdef NONBLOCKING_RNG_AVAILABLE
|
|
|
|
|
|
|
|
|
|
#ifdef CRYPTOPP_WIN32_AVAILABLE
|
2003-07-04 00:17:37 +00:00
|
|
|
class CRYPTOPP_DLL MicrosoftCryptoProvider
|
2002-10-04 17:31:41 +00:00
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
MicrosoftCryptoProvider();
|
|
|
|
|
~MicrosoftCryptoProvider();
|
2015-06-30 22:25:15 -04:00
|
|
|
|
|
|
|
|
// type HCRYPTPROV, avoid #include <windows.h>
|
|
|
|
|
#if defined(__CYGWIN__) && defined(__x86_64__)
|
|
|
|
|
typedef unsigned long long ProviderHandle;
|
|
|
|
|
#elif defined(_WIN64)
|
|
|
|
|
typedef unsigned __int64 ProviderHandle;
|
2002-10-04 17:31:41 +00:00
|
|
|
#else
|
|
|
|
|
typedef unsigned long ProviderHandle;
|
|
|
|
|
#endif
|
2015-06-30 22:25:15 -04:00
|
|
|
|
2002-10-04 17:31:41 +00:00
|
|
|
ProviderHandle GetProviderHandle() const {return m_hProvider;}
|
|
|
|
|
private:
|
|
|
|
|
ProviderHandle m_hProvider;
|
|
|
|
|
};
|
2004-04-08 01:32:07 +00:00
|
|
|
|
2015-07-23 08:52:08 -04:00
|
|
|
#if defined(_MSC_VER)
|
2015-07-19 15:09:04 -04:00
|
|
|
# pragma comment(lib, "advapi32.lib")
|
2015-07-23 08:52:08 -04:00
|
|
|
#endif
|
2015-07-19 15:09:04 -04:00
|
|
|
|
|
|
|
|
#endif //CRYPTOPP_WIN32_AVAILABLE
|
2002-10-04 17:31:41 +00:00
|
|
|
|
|
|
|
|
//! encapsulate CryptoAPI's CryptGenRandom or /dev/urandom
|
2003-07-04 00:17:37 +00:00
|
|
|
class CRYPTOPP_DLL NonblockingRng : public RandomNumberGenerator
|
2002-10-04 17:31:41 +00:00
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
NonblockingRng();
|
|
|
|
|
~NonblockingRng();
|
2005-07-12 04:23:32 +00:00
|
|
|
void GenerateBlock(byte *output, size_t size);
|
2002-10-04 17:31:41 +00:00
|
|
|
|
|
|
|
|
protected:
|
|
|
|
|
#ifdef CRYPTOPP_WIN32_AVAILABLE
|
|
|
|
|
# ifndef WORKAROUND_MS_BUG_Q258000
|
|
|
|
|
MicrosoftCryptoProvider m_Provider;
|
|
|
|
|
# endif
|
|
|
|
|
#else
|
|
|
|
|
int m_fd;
|
|
|
|
|
#endif
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef BLOCKING_RNG_AVAILABLE
|
|
|
|
|
|
2007-04-16 00:41:11 +00:00
|
|
|
//! encapsulate /dev/random, or /dev/srandom on OpenBSD
|
2003-07-04 00:17:37 +00:00
|
|
|
class CRYPTOPP_DLL BlockingRng : public RandomNumberGenerator
|
2002-10-04 17:31:41 +00:00
|
|
|
{
|
|
|
|
|
public:
|
|
|
|
|
BlockingRng();
|
|
|
|
|
~BlockingRng();
|
2005-07-12 04:23:32 +00:00
|
|
|
void GenerateBlock(byte *output, size_t size);
|
2002-10-04 17:31:41 +00:00
|
|
|
|
|
|
|
|
protected:
|
|
|
|
|
int m_fd;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
2005-07-12 04:23:32 +00:00
|
|
|
CRYPTOPP_DLL void CRYPTOPP_API OS_GenerateRandomBlock(bool blocking, byte *output, size_t size);
|
2002-10-04 17:31:41 +00:00
|
|
|
|
2015-07-19 15:09:04 -04:00
|
|
|
//! Automatically Seeded Randomness Pool
|
2002-10-04 17:31:41 +00:00
|
|
|
/*! This class seeds itself using an operating system provided RNG. */
|
2003-07-04 00:17:37 +00:00
|
|
|
class CRYPTOPP_DLL AutoSeededRandomPool : public RandomPool
|
2002-10-04 17:31:41 +00:00
|
|
|
{
|
|
|
|
|
public:
|
2007-04-16 00:41:11 +00:00
|
|
|
//! use blocking to choose seeding with BlockingRng or NonblockingRng. the parameter is ignored if only one of these is available
|
2002-10-04 17:31:41 +00:00
|
|
|
explicit AutoSeededRandomPool(bool blocking = false, unsigned int seedSize = 32)
|
|
|
|
|
{Reseed(blocking, seedSize);}
|
|
|
|
|
void Reseed(bool blocking = false, unsigned int seedSize = 32);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
//! RNG from ANSI X9.17 Appendix C, seeded using an OS provided RNG
|
|
|
|
|
template <class BLOCK_CIPHER>
|
2003-07-04 00:17:37 +00:00
|
|
|
class AutoSeededX917RNG : public RandomNumberGenerator, public NotCopyable
|
2002-10-04 17:31:41 +00:00
|
|
|
{
|
|
|
|
|
public:
|
2007-04-16 00:41:11 +00:00
|
|
|
//! use blocking to choose seeding with BlockingRng or NonblockingRng. the parameter is ignored if only one of these is available
|
2010-07-29 10:50:42 +00:00
|
|
|
explicit AutoSeededX917RNG(bool blocking = false, bool autoSeed = true)
|
|
|
|
|
{if (autoSeed) Reseed(blocking);}
|
2007-05-04 15:04:58 +00:00
|
|
|
void Reseed(bool blocking = false, const byte *additionalEntropy = NULL, size_t length = 0);
|
2002-10-17 16:32:28 +00:00
|
|
|
// exposed for testing
|
2005-07-12 04:23:32 +00:00
|
|
|
void Reseed(const byte *key, size_t keylength, const byte *seed, const byte *timeVector);
|
2002-10-04 17:31:41 +00:00
|
|
|
|
2007-05-04 15:04:58 +00:00
|
|
|
bool CanIncorporateEntropy() const {return true;}
|
|
|
|
|
void IncorporateEntropy(const byte *input, size_t length) {Reseed(false, input, length);}
|
|
|
|
|
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length) {m_rng->GenerateIntoBufferedTransformation(target, channel, length);}
|
2002-10-04 17:31:41 +00:00
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
member_ptr<RandomNumberGenerator> m_rng;
|
|
|
|
|
};
|
|
|
|
|
|
2002-10-17 16:32:28 +00:00
|
|
|
template <class BLOCK_CIPHER>
|
2005-07-12 04:23:32 +00:00
|
|
|
void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(const byte *key, size_t keylength, const byte *seed, const byte *timeVector)
|
2002-10-17 16:32:28 +00:00
|
|
|
{
|
|
|
|
|
m_rng.reset(new X917RNG(new typename BLOCK_CIPHER::Encryption(key, keylength), seed, timeVector));
|
|
|
|
|
}
|
|
|
|
|
|
2002-10-04 17:31:41 +00:00
|
|
|
template <class BLOCK_CIPHER>
|
2007-05-04 15:04:58 +00:00
|
|
|
void AutoSeededX917RNG<BLOCK_CIPHER>::Reseed(bool blocking, const byte *input, size_t length)
|
2002-10-04 17:31:41 +00:00
|
|
|
{
|
|
|
|
|
SecByteBlock seed(BLOCK_CIPHER::BLOCKSIZE + BLOCK_CIPHER::DEFAULT_KEYLENGTH);
|
|
|
|
|
const byte *key;
|
|
|
|
|
do
|
|
|
|
|
{
|
|
|
|
|
OS_GenerateRandomBlock(blocking, seed, seed.size());
|
2007-05-04 15:04:58 +00:00
|
|
|
if (length > 0)
|
|
|
|
|
{
|
|
|
|
|
SHA256 hash;
|
|
|
|
|
hash.Update(seed, seed.size());
|
|
|
|
|
hash.Update(input, length);
|
|
|
|
|
hash.TruncatedFinal(seed, UnsignedMin(hash.DigestSize(), seed.size()));
|
|
|
|
|
}
|
2002-10-04 17:31:41 +00:00
|
|
|
key = seed + BLOCK_CIPHER::BLOCKSIZE;
|
|
|
|
|
} // check that seed and key don't have same value
|
|
|
|
|
while (memcmp(key, seed, STDMIN((unsigned int)BLOCK_CIPHER::BLOCKSIZE, (unsigned int)BLOCK_CIPHER::DEFAULT_KEYLENGTH)) == 0);
|
|
|
|
|
|
2005-01-20 04:19:35 +00:00
|
|
|
Reseed(key, BLOCK_CIPHER::DEFAULT_KEYLENGTH, seed, NULL);
|
2002-10-04 17:31:41 +00:00
|
|
|
}
|
|
|
|
|
|
2007-05-04 15:04:58 +00:00
|
|
|
CRYPTOPP_DLL_TEMPLATE_CLASS AutoSeededX917RNG<AES>;
|
2002-10-04 17:31:41 +00:00
|
|
|
|
2010-08-08 23:02:36 +00:00
|
|
|
//! this is AutoSeededX917RNG\<AES\> in FIPS mode, otherwise it's AutoSeededRandomPool
|
2007-05-04 15:04:58 +00:00
|
|
|
#if CRYPTOPP_ENABLE_COMPLIANCE_WITH_FIPS_140_2
|
|
|
|
|
typedef AutoSeededX917RNG<AES> DefaultAutoSeededRNG;
|
|
|
|
|
#else
|
|
|
|
|
typedef AutoSeededRandomPool DefaultAutoSeededRNG;
|
|
|
|
|
#endif
|
2005-09-05 21:43:43 +00:00
|
|
|
|
2002-10-04 17:31:41 +00:00
|
|
|
NAMESPACE_END
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#endif
|
