/* Copyright (c) 2024, Google Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #ifndef OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H #define OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H // This header will eventually become the interface between BCM and the // rest of libcrypto. More cleanly separating the two is still a work in // progress (see https://crbug.com/boringssl/722) so, at the moment, we // consider this no different from any other header in BCM. // // Over time, calls from libcrypto to BCM will all move to this header // and the separation will become more meaningful. #if defined(__cplusplus) extern "C" { #endif // Enumerated types for return values from bcm functions, both infallible // and fallible functions. Two success values are used to correspond to the // FIPS service indicator. For the moment, the official service indicator // remains the counter, not these values. Once we fully transition to // these return values from bcm we will change that. enum bcm_infallible_t { … }; enum bcm_status_t { … }; bcm_status; bcm_infallible; OPENSSL_INLINE int bcm_success(bcm_status status) { … } #if defined(BORINGSSL_FIPS) // We overread from /dev/urandom or RDRAND by a factor of 10 and XOR to whiten. // TODO(bbe): disentangle this value which is used to calculate the size of the // stack buffer in RAND_need entropy based on a calculation. #define BORINGSSL_FIPS_OVERREAD … #endif // BORINGSSL_FIPS // BCM_rand_load_entropy supplies |entropy_len| bytes of entropy to the BCM // module. The |want_additional_input| parameter is true iff the entropy was // obtained from a source other than the system, e.g. directly from the CPU. bcm_infallible BCM_rand_load_entropy(const uint8_t *entropy, size_t entropy_len, int want_additional_input); // BCM_rand_bytes is the same as the public |RAND_bytes| function, other // than returning a bcm_infallible status indicator. OPENSSL_EXPORT bcm_infallible BCM_rand_bytes(uint8_t *out, size_t out_len); // BCM_rand_bytes_hwrng attempts to fill |out| with |len| bytes of entropy from // the CPU hardware random number generator if one is present. // bcm_status_approved is returned on success, and a failure status is // returned otherwise. bcm_status BCM_rand_bytes_hwrng(uint8_t *out, size_t len); // BCM_rand_bytes_with_additional_data samples from the RNG after mixing 32 // bytes from |user_additional_data| in. bcm_infallible BCM_rand_bytes_with_additional_data( uint8_t *out, size_t out_len, const uint8_t user_additional_data[32]); #if defined(__cplusplus) } // extern C #endif #endif // OPENSSL_HEADER_CRYPTO_BCM_INTERFACE_H