/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "blapi.h"
#include "blapit.h"
#include "Hacl_Chacha20.h"
#include "nssilock.h"
#include "seccomon.h"
#include "secerr.h"
#include "prinit.h"
#define GLOBAL_BYTES_SIZE 100
static PRUint8 globalBytes[GLOBAL_BYTES_SIZE];
static unsigned long globalNumCalls = 0;
static PZLock *rng_lock = NULL;
static PRCallOnceType coRNGInit;
static const PRCallOnceType pristineCallOnce;
static PRStatus
rng_init(
void)
{
rng_lock = PZ_NewLock(nssILockOther);
if (!rng_lock) {
PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
return PR_FAILURE;
}
/* --- LOCKED --- */
PZ_Lock(rng_lock);
memset(globalBytes, 0, GLOBAL_BYTES_SIZE);
PZ_Unlock(rng_lock);
/* --- UNLOCKED --- */
return PR_SUCCESS;
}
SECStatus
RNG_RNGInit(
void)
{
/* Allow only one call to initialize the context */
if (PR_CallOnce(&coRNGInit, rng_init) != PR_SUCCESS) {
return SECFailure;
}
return SECSuccess;
}
/* Take min(size, GLOBAL_BYTES_SIZE) bytes from data and use as seed and reset
* the rng state. */
SECStatus
RNG_RandomUpdate(
const void *data, size_t bytes)
{
/* Check for a valid RNG lock. */
PORT_Assert(rng_lock != NULL);
if (rng_lock == NULL) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
/* --- LOCKED --- */
PZ_Lock(rng_lock);
memset(globalBytes, 0, GLOBAL_BYTES_SIZE);
globalNumCalls = 0;
if (data) {
memcpy(globalBytes, (PRUint8 *)data, PR_MIN(bytes, GLOBAL_BYTES_SIZE));
}
PZ_Unlock(rng_lock);
/* --- UNLOCKED --- */
return SECSuccess;
}
SECStatus
RNG_GenerateGlobalRandomBytes(
void *dest, size_t len)
{
static const uint8_t key[32] = { 0 };
uint8_t nonce[12] = { 0 };
/* Check for a valid RNG lock. */
PORT_Assert(rng_lock != NULL);
if (rng_lock == NULL) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
/* --- LOCKED --- */
PZ_Lock(rng_lock);
memcpy(nonce, &globalNumCalls,
sizeof(globalNumCalls));
globalNumCalls++;
ChaCha20Poly1305Context *cx =
ChaCha20Poly1305_CreateContext(key,
sizeof(key), 16);
if (!cx) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
PZ_Unlock(rng_lock);
return SECFailure;
}
memset(dest, 0, len);
memcpy(dest, globalBytes, PR_MIN(len, GLOBAL_BYTES_SIZE));
Hacl_Chacha20_chacha20_encrypt(len, (uint8_t *)dest, (uint8_t *)dest,
(uint8_t *)key, nonce, 0);
ChaCha20Poly1305_DestroyContext(cx, PR_TRUE);
PZ_Unlock(rng_lock);
/* --- UNLOCKED --- */
return SECSuccess;
}
void
RNG_RNGShutdown(
void)
{
if (rng_lock) {
PZ_DestroyLock(rng_lock);
rng_lock = NULL;
}
coRNGInit = pristineCallOnce;
}
/* Test functions are not implemented! */
SECStatus
PRNGTEST_Instantiate(
const PRUint8 *entropy,
unsigned int entropy_len,
const PRUint8 *nonce,
unsigned int nonce_len,
const PRUint8 *personal_string,
unsigned int ps_len)
{
return SECFailure;
}
SECStatus
PRNGTEST_Reseed(
const PRUint8 *entropy,
unsigned int entropy_len,
const PRUint8 *additional,
unsigned int additional_len)
{
return SECFailure;
}
SECStatus
PRNGTEST_Generate(PRUint8 *bytes,
unsigned int bytes_len,
const PRUint8 *additional,
unsigned int additional_len)
{
return SECFailure;
}
SECStatus
PRNGTEST_Uninstantiate()
{
return SECFailure;
}
SECStatus
PRNGTEST_RunHealthTests()
{
return SECFailure;
}
SECStatus
PRNGTEST_Instantiate_Kat(
const PRUint8 *entropy,
unsigned int entropy_len,
const PRUint8 *nonce,
unsigned int nonce_len,
const PRUint8 *personal_string,
unsigned int ps_len)
{
return SECFailure;
}
