2018-04-06 23:23:29 +02:00
|
|
|
/* Copyright (c) 2001, Matej Pfajfar.
|
|
|
|
* Copyright (c) 2001-2004, Roger Dingledine.
|
|
|
|
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
2019-01-16 18:33:22 +01:00
|
|
|
* Copyright (c) 2007-2019, The Tor Project, Inc. */
|
2018-04-06 23:23:29 +02:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* \file crypto_rand.h
|
|
|
|
*
|
2018-05-30 16:57:22 +02:00
|
|
|
* \brief Common functions for using (pseudo-)random number generators.
|
2018-04-06 23:23:29 +02:00
|
|
|
**/
|
|
|
|
|
|
|
|
#ifndef TOR_CRYPTO_RAND_H
|
|
|
|
#define TOR_CRYPTO_RAND_H
|
|
|
|
|
2018-06-28 19:57:23 +02:00
|
|
|
#include "lib/cc/compat_compiler.h"
|
2018-06-21 18:20:52 +02:00
|
|
|
#include "lib/cc/torint.h"
|
2018-06-28 19:57:23 +02:00
|
|
|
#include "lib/testsupport/testsupport.h"
|
2019-02-05 18:49:04 +01:00
|
|
|
#include "lib/malloc/malloc.h"
|
2018-04-06 23:23:29 +02:00
|
|
|
|
|
|
|
/* random numbers */
|
|
|
|
int crypto_seed_rng(void) ATTR_WUR;
|
|
|
|
MOCK_DECL(void,crypto_rand,(char *to, size_t n));
|
|
|
|
void crypto_rand_unmocked(char *to, size_t n);
|
2018-09-18 18:40:18 +02:00
|
|
|
void crypto_strongest_rand(uint8_t *out, size_t out_len);
|
|
|
|
MOCK_DECL(void,crypto_strongest_rand_,(uint8_t *out, size_t out_len));
|
2018-04-06 23:23:29 +02:00
|
|
|
int crypto_rand_int(unsigned int max);
|
2019-02-05 18:49:04 +01:00
|
|
|
unsigned crypto_rand_uint(unsigned limit);
|
2018-04-06 23:23:29 +02:00
|
|
|
int crypto_rand_int_range(unsigned int min, unsigned int max);
|
|
|
|
uint64_t crypto_rand_uint64_range(uint64_t min, uint64_t max);
|
|
|
|
time_t crypto_rand_time_range(time_t min, time_t max);
|
2019-01-10 11:54:55 +01:00
|
|
|
uint32_t crypto_rand_u32(void);
|
2018-04-06 23:23:29 +02:00
|
|
|
uint64_t crypto_rand_uint64(uint64_t max);
|
|
|
|
double crypto_rand_double(void);
|
|
|
|
struct tor_weak_rng_t;
|
|
|
|
void crypto_seed_weak_rng(struct tor_weak_rng_t *rng);
|
|
|
|
|
|
|
|
char *crypto_random_hostname(int min_rand_len, int max_rand_len,
|
|
|
|
const char *prefix, const char *suffix);
|
|
|
|
|
|
|
|
struct smartlist_t;
|
|
|
|
void *smartlist_choose(const struct smartlist_t *sl);
|
|
|
|
void smartlist_shuffle(struct smartlist_t *sl);
|
|
|
|
int crypto_force_rand_ssleay(void);
|
|
|
|
|
2019-02-05 18:49:04 +01:00
|
|
|
/**
|
|
|
|
* A fast PRNG, for use when the PRNG provided by our crypto library isn't
|
|
|
|
* fast enough. This one _should_ be cryptographically strong, but
|
|
|
|
* has seen less auditing than the PRNGs in OpenSSL and NSS. Use with
|
|
|
|
* caution.
|
|
|
|
*
|
|
|
|
* Note that this object is NOT thread-safe. If you need a thread-safe
|
|
|
|
* prng, use crypto_rand(), or wrap this in a mutex.
|
|
|
|
**/
|
|
|
|
typedef struct crypto_fast_rng_t crypto_fast_rng_t;
|
|
|
|
/**
|
|
|
|
* Number of bytes used to seed a crypto_rand_fast_t.
|
|
|
|
**/
|
|
|
|
crypto_fast_rng_t *crypto_fast_rng_new(void);
|
|
|
|
#define CRYPTO_FAST_RNG_SEED_LEN 48
|
|
|
|
crypto_fast_rng_t *crypto_fast_rng_new_from_seed(const uint8_t *seed);
|
|
|
|
void crypto_fast_rng_getbytes(crypto_fast_rng_t *rng, uint8_t *out, size_t n);
|
|
|
|
void crypto_fast_rng_free_(crypto_fast_rng_t *);
|
|
|
|
#define crypto_fast_rng_free(c) \
|
|
|
|
FREE_AND_NULL(crypto_fast_rng_t, crypto_fast_rng_free_, (c))
|
|
|
|
|
|
|
|
unsigned crypto_fast_rng_get_uint(crypto_fast_rng_t *rng, unsigned limit);
|
|
|
|
uint64_t crypto_fast_rng_get_uint64(crypto_fast_rng_t *rng, uint64_t limit);
|
2019-03-13 14:15:03 +01:00
|
|
|
uint32_t crypto_fast_rng_get_u32(crypto_fast_rng_t *rng);
|
|
|
|
uint64_t crypto_fast_rng_uint64_range(crypto_fast_rng_t *rng,
|
|
|
|
uint64_t min, uint64_t max);
|
2019-02-05 18:49:04 +01:00
|
|
|
double crypto_fast_rng_get_double(crypto_fast_rng_t *rng);
|
|
|
|
|
2019-03-01 14:20:54 +01:00
|
|
|
/**
|
|
|
|
* Using the fast_rng <b>rng</b>, yield true with probability
|
|
|
|
* 1/<b>n</b>. Otherwise yield false.
|
|
|
|
*
|
|
|
|
* <b>n</b> must not be zero.
|
|
|
|
**/
|
2019-02-20 18:21:05 +01:00
|
|
|
#define crypto_fast_rng_one_in_n(rng, n) \
|
|
|
|
(0 == (crypto_fast_rng_get_uint((rng), (n))))
|
|
|
|
|
2019-02-19 21:23:31 +01:00
|
|
|
crypto_fast_rng_t *get_thread_fast_rng(void);
|
|
|
|
|
|
|
|
#ifdef CRYPTO_PRIVATE
|
|
|
|
/* These are only used from crypto_init.c */
|
|
|
|
void destroy_thread_fast_rng(void);
|
|
|
|
void crypto_rand_fast_init(void);
|
|
|
|
void crypto_rand_fast_shutdown(void);
|
2019-06-05 15:33:35 +02:00
|
|
|
#endif /* defined(CRYPTO_PRIVATE) */
|
2019-02-19 21:23:31 +01:00
|
|
|
|
2019-02-05 18:49:04 +01:00
|
|
|
#if defined(TOR_UNIT_TESTS)
|
|
|
|
/* Used for white-box testing */
|
|
|
|
size_t crypto_fast_rng_get_bytes_used_per_stream(void);
|
2019-03-18 17:03:48 +01:00
|
|
|
/* For deterministic prng implementations */
|
|
|
|
void crypto_fast_rng_disable_reseed(crypto_fast_rng_t *rng);
|
|
|
|
/* To override the prng for testing. */
|
|
|
|
crypto_fast_rng_t *crypto_replace_thread_fast_rng(crypto_fast_rng_t *rng);
|
2019-06-05 15:33:35 +02:00
|
|
|
#endif /* defined(TOR_UNIT_TESTS) */
|
2019-02-05 18:49:04 +01:00
|
|
|
|
2018-04-06 23:23:29 +02:00
|
|
|
#ifdef CRYPTO_RAND_PRIVATE
|
|
|
|
|
|
|
|
STATIC int crypto_strongest_rand_raw(uint8_t *out, size_t out_len);
|
|
|
|
|
|
|
|
#ifdef TOR_UNIT_TESTS
|
|
|
|
extern int break_strongest_rng_syscall;
|
|
|
|
extern int break_strongest_rng_fallback;
|
|
|
|
#endif
|
|
|
|
#endif /* defined(CRYPTO_RAND_PRIVATE) */
|
|
|
|
|
|
|
|
#endif /* !defined(TOR_CRYPTO_RAND_H) */
|