static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) { u8 rdata[DEFAULT_BLK_SZ]; u8 *key = seed + DEFAULT_BLK_SZ; int rc; struct prng_context *prng = crypto_rng_ctx(tfm); if (slen < DEFAULT_PRNG_KSZ + DEFAULT_BLK_SZ) return -EINVAL; /* fips strictly requires seed != key */ if (!memcmp(seed, key, DEFAULT_PRNG_KSZ)) return -EINVAL; rc = cprng_reset(tfm, seed, slen); if (!rc) goto out; /* this primes our continuity test */ rc = get_prng_bytes(rdata, DEFAULT_BLK_SZ, prng, 0); prng->rand_data_valid = DEFAULT_BLK_SZ; out: return rc; }
static int fips_cprng_get_random(struct crypto_rng *tfm, u8 *rdata, unsigned int dlen) { struct prng_context *prng = crypto_rng_ctx(tfm); return get_prng_bytes(rdata, dlen, prng, 1); }
int ss_trng_get_random(struct crypto_rng *tfm, u8 *rdata, unsigned int dlen) { ss_aes_ctx_t *ctx = crypto_rng_ctx(tfm); ctx->comm.flags |= SS_FLAG_TRNG; return ss_rng_get_random(tfm, rdata, dlen); }
int ss_rng_get_random(struct crypto_rng *tfm, u8 *rdata, unsigned int dlen) { int ret = 0; ss_aes_ctx_t *ctx = crypto_rng_ctx(tfm); SS_DBG("flow = %d, rdata = %p, len = %d \n", ctx->comm.flow, rdata, dlen); if (ss_dev->suspend) { SS_ERR("SS has already suspend. \n"); return -EAGAIN; } ss_dev_lock(); /* Must set the seed addr in PRNG/TRNG. */ ss_key_set(ctx->key, ctx->key_size); dma_map_single(&ss_dev->pdev->dev, ctx->key, ctx->key_size, DMA_MEM_TO_DEV); ret = ss_rng_start(ctx, rdata, dlen); ss_dev_unlock(); SS_DBG("Get %d byte random. \n", ret); dma_unmap_single(&ss_dev->pdev->dev, virt_to_phys(ctx->key), ctx->key_size, DMA_MEM_TO_DEV); return ret; }
static int exynos_rng_generate(struct crypto_rng *tfm, const u8 *src, unsigned int slen, u8 *dst, unsigned int dlen) { struct exynos_rng_ctx *ctx = crypto_rng_ctx(tfm); struct exynos_rng_dev *rng = ctx->rng; unsigned int read = 0; int ret; ret = clk_prepare_enable(rng->clk); if (ret) return ret; mutex_lock(&rng->lock); do { ret = exynos_rng_get_random(rng, dst, dlen, &read); if (ret) break; dlen -= read; dst += read; exynos_rng_reseed(rng); } while (dlen > 0); mutex_unlock(&rng->lock); clk_disable_unprepare(rng->clk); return ret; }
static int fips_cprng_get_random(struct crypto_rng *tfm, u8 *rdata, unsigned int dlen) { struct prng_context *prng = crypto_rng_ctx(tfm); // fail fast if we're in a FIPS error state if (unlikely(fips_error())) return -EINVAL; return get_prng_bytes(rdata, dlen, prng, 1); }
int ss_rng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) { ss_aes_ctx_t *ctx = crypto_rng_ctx(tfm); SS_DBG("Seed len: %d, ctx->flags = %#x \n", slen, ctx->comm.flags); ctx->key_size = slen; memcpy(ctx->key, seed, slen); ctx->comm.flags |= SS_FLAG_NEW_KEY; return 0; }
static int fips_cprng_get_random(struct crypto_rng *tfm, u8 *rdata, unsigned int dlen) { struct prng_context *prng = crypto_rng_ctx(tfm); // [email protected] - disable kernel panic in FIPS mode - starts if(in_fips_err()) { return -EINVAL; } // [email protected] - disable kernel panic in FIPS mode - ends return get_prng_bytes(rdata, dlen, prng, 1); }
static int fips_cprng_get_random(struct crypto_rng *tfm, u8 *rdata, unsigned int dlen) { struct prng_context *prng = crypto_rng_ctx(tfm); #ifdef CONFIG_CRYPTO_FIPS if (unlikely(in_fips_err())) return -EINVAL; #endif return get_prng_bytes(rdata, dlen, prng, 1); }
int ss_rng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) { int len = slen > SS_PRNG_SEED_LEN ? SS_PRNG_SEED_LEN : slen; ss_aes_ctx_t *ctx = crypto_rng_ctx(tfm); SS_DBG("Seed len: %d/%d, ctx->flags = %#x \n", len, slen, ctx->comm.flags); ctx->key_size = len; memset(ctx->key, 0, SS_PRNG_SEED_LEN); memcpy(ctx->key, seed, len); ctx->comm.flags |= SS_FLAG_NEW_KEY; return 0; }
static int jent_kcapi_random(struct crypto_rng *tfm, const u8 *src, unsigned int slen, u8 *rdata, unsigned int dlen) { struct jitterentropy *rng = crypto_rng_ctx(tfm); int ret = 0; spin_lock(&rng->jent_lock); ret = jent_read_entropy(rng->entropy_collector, rdata, dlen); spin_unlock(&rng->jent_lock); return ret; }
static int cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) { struct prng_context *prng = crypto_rng_ctx(tfm); u8 *key = seed + DEFAULT_PRNG_KSZ; if (slen < DEFAULT_PRNG_KSZ + DEFAULT_BLK_SZ) return -EINVAL; reset_prng_context(prng, key, DEFAULT_PRNG_KSZ, seed, NULL); if (prng->flags & PRNG_NEED_RESET) return -EINVAL; return 0; }
static int fips_cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) { u8 rdata[DEFAULT_BLK_SZ]; int rc; struct prng_context *prng = crypto_rng_ctx(tfm); rc = cprng_reset(tfm, seed, slen); if (!rc) goto out; /* this primes our continuity test */ rc = get_prng_bytes(rdata, DEFAULT_BLK_SZ, prng, 0); prng->rand_data_valid = DEFAULT_BLK_SZ; out: return rc; }
static int exynos_rng_seed(struct crypto_rng *tfm, const u8 *seed, unsigned int slen) { struct exynos_rng_ctx *ctx = crypto_rng_ctx(tfm); struct exynos_rng_dev *rng = ctx->rng; int ret; ret = clk_prepare_enable(rng->clk); if (ret) return ret; mutex_lock(&rng->lock); ret = exynos_rng_set_seed(ctx->rng, seed, slen); mutex_unlock(&rng->lock); clk_disable_unprepare(rng->clk); return ret; }
static int qcom_rng_generate(struct crypto_rng *tfm, const u8 *src, unsigned int slen, u8 *dstn, unsigned int dlen) { struct qcom_rng_ctx *ctx = crypto_rng_ctx(tfm); struct qcom_rng *rng = ctx->rng; int ret; ret = clk_prepare_enable(rng->clk); if (ret) return ret; mutex_lock(&rng->lock); ret = qcom_rng_read(rng, dstn, dlen); mutex_unlock(&rng->lock); clk_disable_unprepare(rng->clk); return 0; }
/* * This is the cprng_registered reset method the seed value is * interpreted as the tuple { V KEY DT} * V and KEY are required during reset, and DT is optional, detected * as being present by testing the length of the seed */ static int cprng_reset(struct crypto_rng *tfm, u8 *seed, unsigned int slen) { struct prng_context *prng = crypto_rng_ctx(tfm); u8 *key = seed + DEFAULT_BLK_SZ; u8 *dt = NULL; if (slen < DEFAULT_PRNG_KSZ + DEFAULT_BLK_SZ) return -EINVAL; #ifdef CONFIG_CRYPTO_FIPS if (!memcmp(key, seed, DEFAULT_PRNG_KSZ)) return -EINVAL; #endif if (slen >= (2 * DEFAULT_BLK_SZ + DEFAULT_PRNG_KSZ)) dt = key + DEFAULT_PRNG_KSZ; reset_prng_context(prng, key, DEFAULT_PRNG_KSZ, seed, dt); if (prng->flags & PRNG_NEED_RESET) return -EINVAL; return 0; }