apr_random.h 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153
  1. /* Licensed to the Apache Software Foundation (ASF) under one or more
  2. * contributor license agreements. See the NOTICE file distributed with
  3. * this work for additional information regarding copyright ownership.
  4. * The ASF licenses this file to You under the Apache License, Version 2.0
  5. * (the "License"); you may not use this file except in compliance with
  6. * the License. You may obtain a copy of the License at
  7. *
  8. * http://www.apache.org/licenses/LICENSE-2.0
  9. *
  10. * Unless required by applicable law or agreed to in writing, software
  11. * distributed under the License is distributed on an "AS IS" BASIS,
  12. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. * See the License for the specific language governing permissions and
  14. * limitations under the License.
  15. */
  16. #ifndef APR_RANDOM_H
  17. #define APR_RANDOM_H
  18. /**
  19. * @file apr_random.h
  20. * @brief APR PRNG routines
  21. */
  22. #include "apr_pools.h"
  23. #include "apr_thread_proc.h"
  24. #ifdef __cplusplus
  25. extern "C" {
  26. #endif /* __cplusplus */
  27. /**
  28. * @defgroup apr_random PRNG Routines
  29. * @ingroup APR
  30. * @{
  31. */
  32. typedef struct apr_crypto_hash_t apr_crypto_hash_t;
  33. typedef void apr_crypto_hash_init_t(apr_crypto_hash_t *hash);
  34. typedef void apr_crypto_hash_add_t(apr_crypto_hash_t *hash, const void *data,
  35. apr_size_t bytes);
  36. typedef void apr_crypto_hash_finish_t(apr_crypto_hash_t *hash,
  37. unsigned char *result);
  38. /* FIXME: make this opaque */
  39. struct apr_crypto_hash_t {
  40. apr_crypto_hash_init_t *init;
  41. apr_crypto_hash_add_t *add;
  42. apr_crypto_hash_finish_t *finish;
  43. apr_size_t size;
  44. void *data;
  45. };
  46. /**
  47. * Allocate and initialize the SHA-256 context
  48. * @param p The pool to allocate from
  49. */
  50. APR_DECLARE(apr_crypto_hash_t *) apr_crypto_sha256_new(apr_pool_t *p);
  51. /** Opaque PRNG structure. */
  52. typedef struct apr_random_t apr_random_t;
  53. /**
  54. * Initialize a PRNG state
  55. * @param g The PRNG state
  56. * @param p The pool to allocate from
  57. * @param pool_hash Pool hash functions
  58. * @param key_hash Key hash functions
  59. * @param prng_hash PRNG hash functions
  60. */
  61. APR_DECLARE(void) apr_random_init(apr_random_t *g, apr_pool_t *p,
  62. apr_crypto_hash_t *pool_hash,
  63. apr_crypto_hash_t *key_hash,
  64. apr_crypto_hash_t *prng_hash);
  65. /**
  66. * Allocate and initialize (apr_crypto_sha256_new) a new PRNG state.
  67. * @param p The pool to allocate from
  68. */
  69. APR_DECLARE(apr_random_t *) apr_random_standard_new(apr_pool_t *p);
  70. /**
  71. * Mix the randomness pools.
  72. * @param g The PRNG state
  73. * @param entropy_ Entropy buffer
  74. * @param bytes Length of entropy_ in bytes
  75. */
  76. APR_DECLARE(void) apr_random_add_entropy(apr_random_t *g,
  77. const void *entropy_,
  78. apr_size_t bytes);
  79. /**
  80. * Generate cryptographically insecure random bytes.
  81. * @param g The RNG state
  82. * @param random Buffer to fill with random bytes
  83. * @param bytes Length of buffer in bytes
  84. */
  85. APR_DECLARE(apr_status_t) apr_random_insecure_bytes(apr_random_t *g,
  86. void *random,
  87. apr_size_t bytes);
  88. /**
  89. * Generate cryptographically secure random bytes.
  90. * @param g The RNG state
  91. * @param random Buffer to fill with random bytes
  92. * @param bytes Length of buffer in bytes
  93. */
  94. APR_DECLARE(apr_status_t) apr_random_secure_bytes(apr_random_t *g,
  95. void *random,
  96. apr_size_t bytes);
  97. /**
  98. * Ensures that E bits of conditional entropy are mixed into the PRNG
  99. * before any further randomness is extracted.
  100. * @param g The RNG state
  101. */
  102. APR_DECLARE(void) apr_random_barrier(apr_random_t *g);
  103. /**
  104. * Return APR_SUCCESS if the cryptographic PRNG has been seeded with
  105. * enough data, APR_ENOTENOUGHENTROPY otherwise.
  106. * @param r The RNG state
  107. */
  108. APR_DECLARE(apr_status_t) apr_random_secure_ready(apr_random_t *r);
  109. /**
  110. * Return APR_SUCCESS if the PRNG has been seeded with enough data,
  111. * APR_ENOTENOUGHENTROPY otherwise.
  112. * @param r The PRNG state
  113. */
  114. APR_DECLARE(apr_status_t) apr_random_insecure_ready(apr_random_t *r);
  115. /**
  116. * Mix the randomness pools after forking.
  117. * @param proc The resulting process handle from apr_proc_fork()
  118. * @remark Call this in the child after forking to mix the randomness
  119. * pools. Note that its generally a bad idea to fork a process with a
  120. * real PRNG in it - better to have the PRNG externally and get the
  121. * randomness from there. However, if you really must do it, then you
  122. * should supply all your entropy to all the PRNGs - don't worry, they
  123. * won't produce the same output.
  124. * @remark Note that apr_proc_fork() calls this for you, so only weird
  125. * applications need ever call it themselves.
  126. * @internal
  127. */
  128. APR_DECLARE(void) apr_random_after_fork(apr_proc_t *proc);
  129. /** @} */
  130. #ifdef __cplusplus
  131. }
  132. #endif
  133. #endif /* !APR_RANDOM_H */