Apache Portable Runtime
|
00001 /* Licensed to the Apache Software Foundation (ASF) under one or more 00002 * contributor license agreements. See the NOTICE file distributed with 00003 * this work for additional information regarding copyright ownership. 00004 * The ASF licenses this file to You under the Apache License, Version 2.0 00005 * (the "License"); you may not use this file except in compliance with 00006 * the License. You may obtain a copy of the License at 00007 * 00008 * http://www.apache.org/licenses/LICENSE-2.0 00009 * 00010 * Unless required by applicable law or agreed to in writing, software 00011 * distributed under the License is distributed on an "AS IS" BASIS, 00012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 * See the License for the specific language governing permissions and 00014 * limitations under the License. 00015 */ 00016 00017 #ifndef APR_RANDOM_H 00018 #define APR_RANDOM_H 00019 00020 /** 00021 * @file apr_random.h 00022 * @brief APR PRNG routines 00023 */ 00024 00025 #include "apr_pools.h" 00026 #include "apr_thread_proc.h" 00027 00028 #ifdef __cplusplus 00029 extern "C" { 00030 #endif /* __cplusplus */ 00031 00032 /** 00033 * @defgroup apr_random PRNG Routines 00034 * @ingroup APR 00035 * @{ 00036 */ 00037 00038 typedef struct apr_crypto_hash_t apr_crypto_hash_t; 00039 00040 typedef void apr_crypto_hash_init_t(apr_crypto_hash_t *hash); 00041 typedef void apr_crypto_hash_add_t(apr_crypto_hash_t *hash, const void *data, 00042 apr_size_t bytes); 00043 typedef void apr_crypto_hash_finish_t(apr_crypto_hash_t *hash, 00044 unsigned char *result); 00045 00046 00047 /* FIXME: make this opaque */ 00048 struct apr_crypto_hash_t { 00049 apr_crypto_hash_init_t *init; 00050 apr_crypto_hash_add_t *add; 00051 apr_crypto_hash_finish_t *finish; 00052 apr_size_t size; 00053 void *data; 00054 }; 00055 00056 /** 00057 * Allocate and initialize the SHA-256 context 00058 * @param p The pool to allocate from 00059 */ 00060 APR_DECLARE(apr_crypto_hash_t *) apr_crypto_sha256_new(apr_pool_t *p); 00061 00062 /** Opaque PRNG structure. */ 00063 typedef struct apr_random_t apr_random_t; 00064 00065 /** 00066 * Initialize a PRNG state 00067 * @param g The PRNG state 00068 * @param p The pool to allocate from 00069 * @param pool_hash Pool hash functions 00070 * @param key_hash Key hash functions 00071 * @param prng_hash PRNG hash functions 00072 */ 00073 APR_DECLARE(void) apr_random_init(apr_random_t *g, apr_pool_t *p, 00074 apr_crypto_hash_t *pool_hash, 00075 apr_crypto_hash_t *key_hash, 00076 apr_crypto_hash_t *prng_hash); 00077 /** 00078 * Allocate and initialize (apr_crypto_sha256_new) a new PRNG state. 00079 * @param p The pool to allocate from 00080 */ 00081 APR_DECLARE(apr_random_t *) apr_random_standard_new(apr_pool_t *p); 00082 00083 /** 00084 * Mix the randomness pools. 00085 * @param g The PRNG state 00086 * @param entropy_ Entropy buffer 00087 * @param bytes Length of entropy_ in bytes 00088 */ 00089 APR_DECLARE(void) apr_random_add_entropy(apr_random_t *g, 00090 const void *entropy_, 00091 apr_size_t bytes); 00092 /** 00093 * Generate cryptographically insecure random bytes. 00094 * @param g The RNG state 00095 * @param random Buffer to fill with random bytes 00096 * @param bytes Length of buffer in bytes 00097 */ 00098 APR_DECLARE(apr_status_t) apr_random_insecure_bytes(apr_random_t *g, 00099 void *random, 00100 apr_size_t bytes); 00101 00102 /** 00103 * Generate cryptographically secure random bytes. 00104 * @param g The RNG state 00105 * @param random Buffer to fill with random bytes 00106 * @param bytes Length of buffer in bytes 00107 */ 00108 APR_DECLARE(apr_status_t) apr_random_secure_bytes(apr_random_t *g, 00109 void *random, 00110 apr_size_t bytes); 00111 /** 00112 * Ensures that E bits of conditional entropy are mixed into the PRNG 00113 * before any further randomness is extracted. 00114 * @param g The RNG state 00115 */ 00116 APR_DECLARE(void) apr_random_barrier(apr_random_t *g); 00117 00118 /** 00119 * Return APR_SUCCESS if the cryptographic PRNG has been seeded with 00120 * enough data, APR_ENOTENOUGHENTROPY otherwise. 00121 * @param r The RNG state 00122 */ 00123 APR_DECLARE(apr_status_t) apr_random_secure_ready(apr_random_t *r); 00124 00125 /** 00126 * Return APR_SUCCESS if the PRNG has been seeded with enough data, 00127 * APR_ENOTENOUGHENTROPY otherwise. 00128 * @param r The PRNG state 00129 */ 00130 APR_DECLARE(apr_status_t) apr_random_insecure_ready(apr_random_t *r); 00131 00132 /** 00133 * Mix the randomness pools after forking. 00134 * @param proc The resulting process handle from apr_proc_fork() 00135 * @remark Call this in the child after forking to mix the randomness 00136 * pools. Note that its generally a bad idea to fork a process with a 00137 * real PRNG in it - better to have the PRNG externally and get the 00138 * randomness from there. However, if you really must do it, then you 00139 * should supply all your entropy to all the PRNGs - don't worry, they 00140 * won't produce the same output. 00141 * @remark Note that apr_proc_fork() calls this for you, so only weird 00142 * applications need ever call it themselves. 00143 * @internal 00144 */ 00145 APR_DECLARE(void) apr_random_after_fork(apr_proc_t *proc); 00146 00147 /** @} */ 00148 00149 #ifdef __cplusplus 00150 } 00151 #endif 00152 00153 #endif /* !APR_RANDOM_H */