kris
/
boringssl
1
0
포크 0
코드 이슈 0 풀 리퀘스트 0 릴리즈 0 위키 활동
25개 이상의 토픽을 선택하실 수 없습니다. Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4548 커밋
12 브랜치
38 MiB
트리: 3969fdf860
브랜치 태그
${ item.name }
${ searchTerm } 브랜치 생성
from '3969fdf860'
${ noResults }
boringssl/crypto/fipsmodule/rand/internal.h

internal.h 3.6 KiB
Raw Normal View 히스토리

rand: new-style locking and support rdrand. Pure /dev/urandom, no buffering (previous behaviour): Did 2320000 RNG (16 bytes) operations in 3000082us (773312.2 ops/sec): 12.4 MB/s Did 209000 RNG (256 bytes) operations in 3011984us (69389.5 ops/sec): 17.8 MB/s Did 6851 RNG (8192 bytes) operations in 3052027us (2244.7 ops/sec): 18.4 MB/s Pure rdrand speed: Did 34930500 RNG (16 bytes) operations in 3000021us (11643418.5 ops/sec): 186.3 MB/s Did 2444000 RNG (256 bytes) operations in 3000164us (814622.1 ops/sec): 208.5 MB/s Did 80000 RNG (8192 bytes) operations in 3020968us (26481.6 ops/sec): 216.9 MB/s rdrand + ChaCha (as in this change): Did 19498000 RNG (16 bytes) operations in 3000086us (6499147.0 ops/sec): 104.0 MB/s Did 1964000 RNG (256 bytes) operations in 3000566us (654543.2 ops/sec): 167.6 MB/s Did 62000 RNG (8192 bytes) operations in 3034090us (20434.5 ops/sec): 167.4 MB/s Change-Id: Ie17045650cfe75858e4498ac28dbc4dcf8338376 Reviewed-on: https://boringssl-review.googlesource.com/4328 Reviewed-by: Adam Langley <agl@google.com>
9 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Move much of rand/ into the FIPS module. Support for platforms that we don't support FIPS on doesn't need to be in the module. Also, functions for dealing with whether fork-unsafe buffering is enabled are left out because they aren't implementing any cryptography and they use global r/w state, making their inclusion painful. Change-Id: I71a0123db6f5449e9dfc7ec7dea0944428e661aa Reviewed-on: https://boringssl-review.googlesource.com/15084 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
rand: new-style locking and support rdrand. Pure /dev/urandom, no buffering (previous behaviour): Did 2320000 RNG (16 bytes) operations in 3000082us (773312.2 ops/sec): 12.4 MB/s Did 209000 RNG (256 bytes) operations in 3011984us (69389.5 ops/sec): 17.8 MB/s Did 6851 RNG (8192 bytes) operations in 3052027us (2244.7 ops/sec): 18.4 MB/s Pure rdrand speed: Did 34930500 RNG (16 bytes) operations in 3000021us (11643418.5 ops/sec): 186.3 MB/s Did 2444000 RNG (256 bytes) operations in 3000164us (814622.1 ops/sec): 208.5 MB/s Did 80000 RNG (8192 bytes) operations in 3020968us (26481.6 ops/sec): 216.9 MB/s rdrand + ChaCha (as in this change): Did 19498000 RNG (16 bytes) operations in 3000086us (6499147.0 ops/sec): 104.0 MB/s Did 1964000 RNG (256 bytes) operations in 3000566us (654543.2 ops/sec): 167.6 MB/s Did 62000 RNG (8192 bytes) operations in 3034090us (20434.5 ops/sec): 167.4 MB/s Change-Id: Ie17045650cfe75858e4498ac28dbc4dcf8338376 Reviewed-on: https://boringssl-review.googlesource.com/4328 Reviewed-by: Adam Langley <agl@google.com>
9 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Switch to CTR-DRBG Change-Id: If7c1033e0af35ad0dda17ea3b3a710b2d2aaa599 Reviewed-on: https://boringssl-review.googlesource.com/14892 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
rand: new-style locking and support rdrand. Pure /dev/urandom, no buffering (previous behaviour): Did 2320000 RNG (16 bytes) operations in 3000082us (773312.2 ops/sec): 12.4 MB/s Did 209000 RNG (256 bytes) operations in 3011984us (69389.5 ops/sec): 17.8 MB/s Did 6851 RNG (8192 bytes) operations in 3052027us (2244.7 ops/sec): 18.4 MB/s Pure rdrand speed: Did 34930500 RNG (16 bytes) operations in 3000021us (11643418.5 ops/sec): 186.3 MB/s Did 2444000 RNG (256 bytes) operations in 3000164us (814622.1 ops/sec): 208.5 MB/s Did 80000 RNG (8192 bytes) operations in 3020968us (26481.6 ops/sec): 216.9 MB/s rdrand + ChaCha (as in this change): Did 19498000 RNG (16 bytes) operations in 3000086us (6499147.0 ops/sec): 104.0 MB/s Did 1964000 RNG (256 bytes) operations in 3000566us (654543.2 ops/sec): 167.6 MB/s Did 62000 RNG (8192 bytes) operations in 3034090us (20434.5 ops/sec): 167.4 MB/s Change-Id: Ie17045650cfe75858e4498ac28dbc4dcf8338376 Reviewed-on: https://boringssl-review.googlesource.com/4328 Reviewed-by: Adam Langley <agl@google.com>
9 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Make fork-unsafe buffering act via CTR-DRBG. Fork-unsafe buffering was a mode that could be enabled by applications that were sure that they didn't need to worry about state duplication. It saved reads to urandom. Since everything is now going through the CTR-DRBG, we can get the same effect by simply not reading additional data from urandom in this case. This change drops the buffering from urandom.c and, instead, implements fork-unsafe buffering as a mode that skips reading additional data from urandom, which only happened when RDRAND wasn't available anyway. Since we expect the power-on self-tests to call into the PRNG, this change also makes the flag capable of changing at any point by using a mutex rather than a once. This is split into a separate file so that it doesn't have to go into the FIPS module—since it uses r/w data that would be a pain. Change-Id: I5fd0ead0422e770e35758f080bb1cffa70d0c8da Reviewed-on: https://boringssl-review.googlesource.com/14924 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
Add CTR-DRBG. This isn't actually used yet, but implements CTR-DRBG from SP 800-90Ar1. Specifically, it always uses AES-256 and no derivation function. Change-Id: Ie82b829590226addd7c165eac410a5d584858bfd Reviewed-on: https://boringssl-review.googlesource.com/14891 Reviewed-by: Adam Langley <agl@google.com>
7 년 전
rand: new-style locking and support rdrand. Pure /dev/urandom, no buffering (previous behaviour): Did 2320000 RNG (16 bytes) operations in 3000082us (773312.2 ops/sec): 12.4 MB/s Did 209000 RNG (256 bytes) operations in 3011984us (69389.5 ops/sec): 17.8 MB/s Did 6851 RNG (8192 bytes) operations in 3052027us (2244.7 ops/sec): 18.4 MB/s Pure rdrand speed: Did 34930500 RNG (16 bytes) operations in 3000021us (11643418.5 ops/sec): 186.3 MB/s Did 2444000 RNG (256 bytes) operations in 3000164us (814622.1 ops/sec): 208.5 MB/s Did 80000 RNG (8192 bytes) operations in 3020968us (26481.6 ops/sec): 216.9 MB/s rdrand + ChaCha (as in this change): Did 19498000 RNG (16 bytes) operations in 3000086us (6499147.0 ops/sec): 104.0 MB/s Did 1964000 RNG (256 bytes) operations in 3000566us (654543.2 ops/sec): 167.6 MB/s Did 62000 RNG (8192 bytes) operations in 3034090us (20434.5 ops/sec): 167.4 MB/s Change-Id: Ie17045650cfe75858e4498ac28dbc4dcf8338376 Reviewed-on: https://boringssl-review.googlesource.com/4328 Reviewed-by: Adam Langley <agl@google.com>
9 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
rand: new-style locking and support rdrand. Pure /dev/urandom, no buffering (previous behaviour): Did 2320000 RNG (16 bytes) operations in 3000082us (773312.2 ops/sec): 12.4 MB/s Did 209000 RNG (256 bytes) operations in 3011984us (69389.5 ops/sec): 17.8 MB/s Did 6851 RNG (8192 bytes) operations in 3052027us (2244.7 ops/sec): 18.4 MB/s Pure rdrand speed: Did 34930500 RNG (16 bytes) operations in 3000021us (11643418.5 ops/sec): 186.3 MB/s Did 2444000 RNG (256 bytes) operations in 3000164us (814622.1 ops/sec): 208.5 MB/s Did 80000 RNG (8192 bytes) operations in 3020968us (26481.6 ops/sec): 216.9 MB/s rdrand + ChaCha (as in this change): Did 19498000 RNG (16 bytes) operations in 3000086us (6499147.0 ops/sec): 104.0 MB/s Did 1964000 RNG (256 bytes) operations in 3000566us (654543.2 ops/sec): 167.6 MB/s Did 62000 RNG (8192 bytes) operations in 3034090us (20434.5 ops/sec): 167.4 MB/s Change-Id: Ie17045650cfe75858e4498ac28dbc4dcf8338376 Reviewed-on: https://boringssl-review.googlesource.com/4328 Reviewed-by: Adam Langley <agl@google.com>
9 년 전
Run the comment converter on libcrypto. crypto/{asn1,x509,x509v3,pem} were skipped as they are still OpenSSL style. Change-Id: I3cd9a60e1cb483a981aca325041f3fbce294247c Reviewed-on: https://boringssl-review.googlesource.com/19504 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
7 년 전
 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. /* Copyright (c) 2015, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #ifndef OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H

  16. #define OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H

  17. 

  18. #include <openssl/aes.h>

  19. 

  20. #include "../../internal.h"

  21. #include "../modes/internal.h"

  22. 

  23. #if defined(__cplusplus)

  24. extern "C" {

  25. #endif

  26. 

  27. 

  28. // RAND_bytes_with_additional_data samples from the RNG after mixing 32 bytes

  29. // from |user_additional_data| in.

  30. void RAND_bytes_with_additional_data(uint8_t *out, size_t out_len,

  31.                                      const uint8_t user_additional_data[32]);

  32. 

  33. // CRYPTO_sysrand fills |len| bytes at |buf| with entropy from the operating

  34. // system.

  35. void CRYPTO_sysrand(uint8_t *buf, size_t len);

  36. 

  37. // rand_fork_unsafe_buffering_enabled returns whether fork-unsafe buffering has

  38. // been enabled via |RAND_enable_fork_unsafe_buffering|.

  39. int rand_fork_unsafe_buffering_enabled(void);

  40. 

  41. // CTR_DRBG_STATE contains the state of a CTR_DRBG based on AES-256. See SP

  42. // 800-90Ar1.

  43. typedef struct {

  44.   alignas(16) AES_KEY ks;

  45.   block128_f block;

  46.   ctr128_f ctr;

  47.   union {

  48.     uint8_t bytes[16];

  49.     uint32_t words[4];

  50.   } counter;

  51.   uint64_t reseed_counter;

  52. } CTR_DRBG_STATE;

  53. 

  54. // See SP 800-90Ar1, table 3.

  55. #define CTR_DRBG_ENTROPY_LEN 48

  56. #define CTR_DRBG_MAX_GENERATE_LENGTH 65536

  57. 

  58. // CTR_DRBG_init initialises |*drbg| given |CTR_DRBG_ENTROPY_LEN| bytes of

  59. // entropy in |entropy| and, optionally, a personalization string up to

  60. // |CTR_DRBG_ENTROPY_LEN| bytes in length. It returns one on success and zero

  61. // on error.

  62. OPENSSL_EXPORT int CTR_DRBG_init(CTR_DRBG_STATE *drbg,

  63.                                  const uint8_t entropy[CTR_DRBG_ENTROPY_LEN],

  64.                                  const uint8_t *personalization,

  65.                                  size_t personalization_len);

  66. 

  67. // CTR_DRBG_reseed reseeds |drbg| given |CTR_DRBG_ENTROPY_LEN| bytes of entropy

  68. // in |entropy| and, optionally, up to |CTR_DRBG_ENTROPY_LEN| bytes of

  69. // additional data. It returns one on success or zero on error.

  70. OPENSSL_EXPORT int CTR_DRBG_reseed(CTR_DRBG_STATE *drbg,

  71.                                    const uint8_t entropy[CTR_DRBG_ENTROPY_LEN],

  72.                                    const uint8_t *additional_data,

  73.                                    size_t additional_data_len);

  74. 

  75. // CTR_DRBG_generate processes to up |CTR_DRBG_ENTROPY_LEN| bytes of additional

  76. // data (if any) and then writes |out_len| random bytes to |out|, where

  77. // |out_len| <= |CTR_DRBG_MAX_GENERATE_LENGTH|. It returns one on success or

  78. // zero on error.

  79. OPENSSL_EXPORT int CTR_DRBG_generate(CTR_DRBG_STATE *drbg, uint8_t *out,

  80.                                      size_t out_len,

  81.                                      const uint8_t *additional_data,

  82.                                      size_t additional_data_len);

  83. 

  84. // CTR_DRBG_clear zeroises the state of |drbg|.

  85. OPENSSL_EXPORT void CTR_DRBG_clear(CTR_DRBG_STATE *drbg);

  86. 

  87. 

  88. #if defined(__cplusplus)

  89. }  // extern C

  90. #endif

  91. 

  92. #endif  // OPENSSL_HEADER_CRYPTO_RAND_INTERNAL_H