rand_win.c@ 94955

Last change on this file since 94955 was 94320, checked in by vboxsync, 3 years ago
libs/openssl-3.0.1: Export to OSE and fix copyright headers in Makefiles, bugref:10128
File size: 5.5 KB

Line
1	/*
2	* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include "internal/cryptlib.h"
11	#include <openssl/rand.h>
12	#include "crypto/rand_pool.h"
13	#include "crypto/rand.h"
14	#include "prov/seeding.h"
15
16	#ifdef VBOX
17	# include <openssl/e_os2.h> /* For OPENSSL_SYS_WINDOWS */
18	#endif
19
20	#if defined(OPENSSL_SYS_WINDOWS) \|\| defined(OPENSSL_SYS_WIN32)
21
22	# ifndef OPENSSL_RAND_SEED_OS
23	# error "Unsupported seeding method configured; must be os"
24	# endif
25
26	# ifdef VBOX
27	# include <iprt/win/windows.h>
28	# else
29	# include <windows.h>
30	# endif
31	/* On Windows Vista or higher use BCrypt instead of the legacy CryptoAPI */
32	# if defined(_MSC_VER) && _MSC_VER > 1500 /* 1500 = Visual Studio 2008 */ \
33	&& defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0600 && !defined(VBOX) /* for now */
34	# define USE_BCRYPTGENRANDOM
35	# endif
36
37	# ifdef USE_BCRYPTGENRANDOM
38	# include <bcrypt.h>
39	# pragma comment(lib, "bcrypt.lib")
40	# ifndef STATUS_SUCCESS
41	# define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
42	# endif
43	# else
44	# include <wincrypt.h>
45	/*
46	* Intel hardware RNG CSP -- available from
47	* http://developer.intel.com/design/security/rng/redist_license.htm
48	*/
49	# define PROV_INTEL_SEC 22
50	# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
51	# endif
52
53	size_t ossl_pool_acquire_entropy(RAND_POOL *pool)
54	{
55	# ifndef USE_BCRYPTGENRANDOM
56	HCRYPTPROV hProvider;
57	# endif
58	unsigned char *buffer;
59	size_t bytes_needed;
60	size_t entropy_available = 0;
61
62
63	# ifdef OPENSSL_RAND_SEED_RDTSC
64	entropy_available = ossl_prov_acquire_entropy_from_tsc(pool);
65	if (entropy_available > 0)
66	return entropy_available;
67	# endif
68
69	# ifdef OPENSSL_RAND_SEED_RDCPU
70	entropy_available = ossl_prov_acquire_entropy_from_cpu(pool);
71	if (entropy_available > 0)
72	return entropy_available;
73	# endif
74
75	# ifdef USE_BCRYPTGENRANDOM
76	bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /entropy_factor/);
77	buffer = ossl_rand_pool_add_begin(pool, bytes_needed);
78	if (buffer != NULL) {
79	size_t bytes = 0;
80	if (BCryptGenRandom(NULL, buffer, bytes_needed,
81	BCRYPT_USE_SYSTEM_PREFERRED_RNG) == STATUS_SUCCESS)
82	bytes = bytes_needed;
83
84	ossl_rand_pool_add_end(pool, bytes, 8 * bytes);
85	entropy_available = ossl_rand_pool_entropy_available(pool);
86	}
87	if (entropy_available > 0)
88	return entropy_available;
89	# else
90	bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /entropy_factor/);
91	buffer = ossl_rand_pool_add_begin(pool, bytes_needed);
92	if (buffer != NULL) {
93	size_t bytes = 0;
94	/* poll the CryptoAPI PRNG */
95	if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL,
96	CRYPT_VERIFYCONTEXT \| CRYPT_SILENT) != 0) {
97	if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
98	bytes = bytes_needed;
99
100	CryptReleaseContext(hProvider, 0);
101	}
102
103	ossl_rand_pool_add_end(pool, bytes, 8 * bytes);
104	entropy_available = ossl_rand_pool_entropy_available(pool);
105	}
106	if (entropy_available > 0)
107	return entropy_available;
108
109	bytes_needed = ossl_rand_pool_bytes_needed(pool, 1 /entropy_factor/);
110	buffer = ossl_rand_pool_add_begin(pool, bytes_needed);
111	if (buffer != NULL) {
112	size_t bytes = 0;
113	/* poll the Pentium PRG with CryptoAPI */
114	if (CryptAcquireContextW(&hProvider, NULL,
115	INTEL_DEF_PROV, PROV_INTEL_SEC,
116	CRYPT_VERIFYCONTEXT \| CRYPT_SILENT) != 0) {
117	if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
118	bytes = bytes_needed;
119
120	CryptReleaseContext(hProvider, 0);
121	}
122	ossl_rand_pool_add_end(pool, bytes, 8 * bytes);
123	entropy_available = ossl_rand_pool_entropy_available(pool);
124	}
125	if (entropy_available > 0)
126	return entropy_available;
127	# endif
128
129	return ossl_rand_pool_entropy_available(pool);
130	}
131
132
133	int ossl_pool_add_nonce_data(RAND_POOL *pool)
134	{
135	struct {
136	DWORD pid;
137	DWORD tid;
138	FILETIME time;
139	} data;
140
141	/* Erase the entire structure including any padding */
142	memset(&data, 0, sizeof(data));
143
144	/*
145	* Add process id, thread id, and a high resolution timestamp to
146	* ensure that the nonce is unique with high probability for
147	* different process instances.
148	*/
149	data.pid = GetCurrentProcessId();
150	data.tid = GetCurrentThreadId();
151	GetSystemTimeAsFileTime(&data.time);
152
153	return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
154	}
155
156	int ossl_rand_pool_add_additional_data(RAND_POOL *pool)
157	{
158	struct {
159	DWORD tid;
160	LARGE_INTEGER time;
161	} data;
162
163	/* Erase the entire structure including any padding */
164	memset(&data, 0, sizeof(data));
165
166	/*
167	* Add some noise from the thread id and a high resolution timer.
168	* The thread id adds a little randomness if the drbg is accessed
169	* concurrently (which is the case for the <master> drbg).
170	*/
171	data.tid = GetCurrentThreadId();
172	QueryPerformanceCounter(&data.time);
173	return ossl_rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
174	}
175
176	int ossl_rand_pool_init(void)
177	{
178	return 1;
179	}
180
181	void ossl_rand_pool_cleanup(void)
182	{
183	}
184
185	void ossl_rand_pool_keep_random_devices_open(int keep)
186	{
187	}
188
189	#endif

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-3.0.2/providers/implementations/rands/seeding/rand_win.c@ 94955

Download in other formats: