Browse Source

Use vxRandLib for VxWorks7

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/8023)
master
Klotz, Tobias 4 years ago
committed by Bernd Edlinger
parent
commit
61783db5b5
6 changed files with 183 additions and 33 deletions
  1. +3
    -3
      apps/rsautl.c
  2. +1
    -1
      crypto/mem_sec.c
  3. +1
    -2
      crypto/rand/build.info
  4. +6
    -26
      crypto/rand/rand_unix.c
  5. +171
    -0
      crypto/rand/rand_vxworks.c
  6. +1
    -1
      e_os.h

+ 3
- 3
apps/rsautl.c View File

@ -31,7 +31,7 @@ NON_EMPTY_TRANSLATION_UNIT
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_ENGINE, OPT_IN, OPT_OUT, OPT_ASN1PARSE, OPT_HEXDUMP,
OPT_RAW, OPT_OAEP, OPT_SSL, OPT_PKCS, OPT_X931,
OPT_RSA_RAW, OPT_OAEP, OPT_SSL, OPT_PKCS, OPT_X931,
OPT_SIGN, OPT_VERIFY, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT,
OPT_PUBIN, OPT_CERTIN, OPT_INKEY, OPT_PASSIN, OPT_KEYFORM,
OPT_R_ENUM
@ -46,7 +46,7 @@ const OPTIONS rsautl_options[] = {
{"pubin", OPT_PUBIN, '-', "Input is an RSA public"},
{"certin", OPT_CERTIN, '-', "Input is a cert carrying an RSA public key"},
{"ssl", OPT_SSL, '-', "Use SSL v2 padding"},
{"raw", OPT_RAW, '-', "Use no padding"},
{"raw", OPT_RSA_RAW, '-', "Use no padding"},
{"pkcs", OPT_PKCS, '-', "Use PKCS#1 v1.5 padding (default)"},
{"oaep", OPT_OAEP, '-', "Use PKCS#1 OAEP"},
{"sign", OPT_SIGN, '-', "Sign with private key"},
@ -112,7 +112,7 @@ int rsautl_main(int argc, char **argv)
case OPT_HEXDUMP:
hexdump = 1;
break;
case OPT_RAW:
case OPT_RSA_RAW:
pad = RSA_NO_PADDING;
break;
case OPT_OAEP:


+ 1
- 1
crypto/mem_sec.c View File

@ -33,8 +33,8 @@
# include <linux/mman.h>
# include <errno.h>
# endif
# include <sys/param.h>
# endif
# include <sys/param.h>
# include <sys/stat.h>
# include <fcntl.h>
#endif


+ 1
- 2
crypto/rand/build.info View File

@ -1,6 +1,5 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=\
randfile.c rand_lib.c rand_err.c rand_crng_test.c rand_egd.c \
rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c \
rand_win.c rand_unix.c rand_vms.c drbg_lib.c drbg_ctr.c rand_vxworks.c \
drbg_hash.c drbg_hmac.c

+ 6
- 26
crypto/rand/rand_unix.c View File

@ -30,7 +30,8 @@
# include <sys/param.h>
#endif
#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__)
#if (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \
|| defined(__DJGPP__)
# include <sys/types.h>
# include <sys/stat.h>
# include <fcntl.h>
@ -88,30 +89,8 @@ static uint64_t get_timer_bits(void);
# undef OPENSSL_RAND_SEED_EGD
#endif
#if (defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)) && \
!defined(OPENSSL_RAND_SEED_NONE)
# error "UEFI and VXWorks only support seeding NONE"
#endif
#if defined(OPENSSL_SYS_VXWORKS)
/* empty implementation */
int rand_pool_init(void)
{
return 1;
}
void rand_pool_cleanup(void)
{
}
void rand_pool_keep_random_devices_open(int keep)
{
}
size_t rand_pool_acquire_entropy(RAND_POOL *pool)
{
return rand_pool_entropy_available(pool);
}
#if defined(OPENSSL_SYS_UEFI) && !defined(OPENSSL_RAND_SEED_NONE)
# error "UEFI only supports seeding NONE"
#endif
#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) \
@ -608,7 +587,8 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
# endif
#endif
#if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__)
#if (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS)) \
|| defined(__DJGPP__)
int rand_pool_add_nonce_data(RAND_POOL *pool)
{
struct {


+ 171
- 0
crypto/rand/rand_vxworks.c View File

@ -0,0 +1,171 @@
/*
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/opensslconf.h>
#ifndef OPENSSL_SYS_VXWORKS
NON_EMPTY_TRANSLATION_UNIT
#else
# include <openssl/rand.h>
# include "rand_lcl.h"
# include "internal/rand_int.h"
# include "internal/cryptlib.h"
# include <version.h>
# include <taskLib.h>
# if defined(OPENSSL_RAND_SEED_NONE)
/* none means none */
# undef OPENSSL_RAND_SEED_OS
# endif
# if defined(OPENSSL_RAND_SEED_OS)
# if _WRS_VXWORKS_MAJOR >= 7
# define RAND_SEED_VXRANDLIB
# else
# error "VxWorks <7 only support RAND_SEED_NONE"
# endif
# endif
# if defined(RAND_SEED_VXRANDLIB)
# include <randomNumGen.h>
# endif
/* Macro to convert two thirty two bit values into a sixty four bit one */
# define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b))
static uint64_t get_time_stamp(void)
{
struct timespec ts;
if (clock_gettime(CLOCK_REALTIME, &ts) == 0)
return TWO32TO64(ts.tv_sec, ts.tv_nsec);
return time(NULL);
}
static uint64_t get_timer_bits(void)
{
uint64_t res = OPENSSL_rdtsc();
struct timespec ts;
if (res != 0)
return res;
if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
return TWO32TO64(ts.tv_sec, ts.tv_nsec);
return time(NULL);
}
/*
* empty implementation
* vxworks does not need to init/cleanup or keep open the random lib
*/
int rand_pool_init(void)
{
return 1;
}
void rand_pool_cleanup(void)
{
}
void rand_pool_keep_random_devices_open(int keep)
{
}
int rand_pool_add_additional_data(RAND_POOL *pool)
{
struct {
CRYPTO_THREAD_ID tid;
uint64_t time;
} data;
memset(&data, 0, sizeof(data));
/*
* Add some noise from the thread id and a high resolution timer.
* The thread id adds a little randomness if the drbg is accessed
* concurrently (which is the case for the <master> drbg).
*/
data.tid = CRYPTO_THREAD_get_current_id();
data.time = get_timer_bits();
return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
}
int rand_pool_add_nonce_data(RAND_POOL *pool)
{
struct {
pid_t pid;
CRYPTO_THREAD_ID tid;
uint64_t time;
} data;
memset(&data, 0, sizeof(data));
/*
* Add process id, thread id, and a high resolution timestamp to
* ensure that the nonce is unique with high probability for
* different process instances.
*/
data.pid = getpid();
data.tid = CRYPTO_THREAD_get_current_id();
data.time = get_time_stamp();
return rand_pool_add(pool, (unsigned char *)&data, sizeof(data), 0);
}
size_t rand_pool_acquire_entropy(RAND_POOL *pool)
{
# if defined(RAND_SEED_VXRANDLIB)
/* vxRandLib based entropy method */
size_t bytes_needed;
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
if (bytes_needed > 0)
{
int retryCount = 0;
STATUS result = ERROR;
unsigned char *buffer;
buffer = rand_pool_add_begin(pool, bytes_needed);
while ((result != OK) && (retryCount < 10)) {
RANDOM_NUM_GEN_STATUS status = randStatus();
if ((status == RANDOM_NUM_GEN_ENOUGH_ENTROPY)
|| (status == RANDOM_NUM_GEN_MAX_ENTROPY) ) {
result = randBytes(buffer, bytes_needed);
if (result == OK)
rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed);
/*
* no else here: randStatus said ok, if randBytes failed
* it will result in another loop or no entropy
*/
} else {
/*
* give a minimum delay here to allow OS to collect more
* entropy. taskDelay duration will depend on the system tick,
* this is by design as the sw-random lib uses interrupts
* which will at least happen during ticks
*/
taskDelay(5);
}
retryCount++;
}
}
return rand_pool_entropy_available(pool);
# else
/*
* SEED_NONE means none, without randlib we dont have entropy and
* rely on it being added externally
*/
return rand_pool_entropy_available(pool);
# endif /* defined(RAND_SEED_VXRANDLIB) */
}
#endif /* OPENSSL_SYS_VXWORKS */

+ 1
- 1
e_os.h View File

@ -210,7 +210,7 @@ extern FILE *_imp___iob;
# else /* The non-microsoft world */
# if defined(OPENSSL_SYS_VXWORKS)
# include <sys/times.h>
# include <time.h>
# else
# include <sys/time.h>
# endif


Loading…
Cancel
Save