softRandUtil.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <fcntl.h>
#include <pthread.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <unistd.h>
#include <errno.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <security/cryptoki.h>
#include <bignum.h>
#include "softGlobal.h"
#include "softRandom.h"
#include "softCrypt.h"
CK_RV
soft_random_generator(CK_BYTE *ran_out, CK_ULONG ran_len, boolean_t token)
{
long nread;
/*
* When random-number generator is called by asymmetric token
* (persistent) key generation, use /dev/random. Otherwise,
* use /dev/urandom.
*/
if (token) {
if (soft_random_fd < 0) {
(void) pthread_mutex_lock(&soft_giant_mutex);
/* Check again holding the mutex */
if (soft_random_fd < 0) {
while ((soft_random_fd = open(DEV_RANDOM,
O_RDONLY)) < 0) {
if (errno != EINTR)
break;
}
if (soft_random_fd < 0) {
(void) pthread_mutex_unlock(
&soft_giant_mutex);
return (CKR_DEVICE_ERROR);
}
(void) fcntl(soft_random_fd, F_SETFD,
FD_CLOEXEC);
}
(void) pthread_mutex_unlock(&soft_giant_mutex);
}
} else {
if (soft_urandom_fd < 0) {
(void) pthread_mutex_lock(&soft_giant_mutex);
/* Check again holding the mutex */
if (soft_urandom_fd < 0) {
while ((soft_urandom_fd = open(DEV_URANDOM,
O_RDONLY)) < 0) {
if (errno != EINTR)
break;
}
if (soft_urandom_fd < 0) {
(void) pthread_mutex_unlock(
&soft_giant_mutex);
return (CKR_DEVICE_ERROR);
}
(void) fcntl(soft_random_fd, F_SETFD,
FD_CLOEXEC);
}
(void) pthread_mutex_unlock(&soft_giant_mutex);
}
}
if (token)
nread = looping_read(soft_random_fd, ran_out, ran_len);
else
nread = looping_read(soft_urandom_fd, ran_out, ran_len);
if (nread <= 0) {
return (CKR_DEVICE_ERROR);
}
return (CKR_OK);
}
/*
* This function guarantees to return non-zero random numbers.
*/
CK_RV
soft_nzero_random_generator(CK_BYTE *ran_out, CK_ULONG ran_len)
{
CK_RV rv = CKR_OK;
size_t ebc = 0; /* count of extra bytes in extrarand */
size_t i = 0;
char extrarand[32];
size_t extrarand_len;
/*
* soft_random_generator() may return zeros.
*/
if ((rv = soft_random_generator(ran_out, ran_len, B_FALSE)) != CKR_OK) {
return (rv);
}
/*
* Walk through the returned random numbers pointed by ran_out,
* and look for any random number which is zero.
* If we find zero, call soft_random_generator() to generate
* another 32 random numbers pool. Replace any zeros in ran_out[]
* from the random number in pool.
*/
while (i < ran_len) {
if (((char *)ran_out)[i] != 0) {
i++;
continue;
}
if (ebc == 0) {
/* refresh extrarand */
extrarand_len = sizeof (extrarand);
if ((rv = soft_random_generator((CK_BYTE *)extrarand,
extrarand_len, B_FALSE)) != CKR_OK) {
return (rv);
}
ebc = extrarand_len;
}
-- ebc;
/*
* The new random byte zero/non-zero will be checked in
* the next pass through the loop.
*/
((char *)ran_out)[i] = extrarand[ebc];
}
return (CKR_OK);
}
/*
* Generate random number in BIGNUM format.
*/
BIG_ERR_CODE
random_bignum(BIGNUM *r, int length, boolean_t token_obj)
{
size_t len1;
CK_RV rv = CKR_OK;
/* Convert length of bits to length of word to hold valid data. */
r->len = (length-1) / 32 + 1;
/* len1 is the byte count. */
len1 = r->len * sizeof (uint32_t);
/* Generate len1 bytes of data and store in memory pointed by value. */
rv = soft_random_generator((CK_BYTE *)(r->value), len1, token_obj);
if (rv != CKR_OK) {
return (convert_brv(rv));
}
/* Turn on the sign bit of big number which is the MSB in last word. */
r->value[r->len - 1] |= 0x80000000;
/*
* If the bit length is not on word boundary, shift the existing
* bits in last word to right adjusted.
*/
if ((length % 32) != 0)
r->value[r->len - 1] =
r->value[r->len - 1] >> (32 - (length % 32));
r->sign = 1;
return (BIG_OK);
}