| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 1 | // Copyright (C) 2022 The Android Open Source Project |
| 2 | // |
| 3 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | // you may not use this file except in compliance with the License. |
| 5 | // You may obtain a copy of the License at |
| 6 | // |
| 7 | // http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | // |
| 9 | // Unless required by applicable law or agreed to in writing, software |
| 10 | // distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | // See the License for the specific language governing permissions and |
| 13 | // limitations under the License. |
| 14 | |
| 15 | use anyhow::{ensure, Result}; |
| 16 | use bssl_ffi as bssl_sys; |
| 17 | |
| 18 | pub const ENTROPY_LEN: usize = bssl_sys::CTR_DRBG_ENTROPY_LEN as usize; |
| 19 | |
| 20 | pub type Entropy = [u8; ENTROPY_LEN]; |
| 21 | |
| 22 | pub struct Drbg(*mut bssl_sys::CTR_DRBG_STATE); |
| 23 | |
| 24 | impl Drbg { |
| 25 | pub fn new(entropy: &Entropy) -> Result<Drbg> { |
| Andrew Walbran | c768733 | 2023-07-21 17:26:09 +0100 | [diff] [blame] | 26 | // SAFETY: entropy must be a valid pointer because it comes from a reference, and a null |
| 27 | // pointer is allowed for personalization. CTR_DRBG_new doesn't retain the entropy pointer |
| 28 | // for use after it returns. |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 29 | let p = unsafe { bssl_sys::CTR_DRBG_new(entropy.as_ptr(), std::ptr::null(), 0) }; |
| 30 | ensure!(!p.is_null(), "CTR_DRBG_new failed"); |
| 31 | Ok(Drbg(p)) |
| 32 | } |
| 33 | |
| 34 | pub fn reseed(&mut self, entropy: &Entropy) -> Result<()> { |
| 35 | ensure!( |
| Andrew Walbran | c768733 | 2023-07-21 17:26:09 +0100 | [diff] [blame] | 36 | // SAFETY: We know that self.0 is valid because it was initialised from CTR_DRBG_new in |
| 37 | // Drbg::new above. The entropy pointer must be valid because it comes from a reference, |
| 38 | // and CTR_DRBG_reseed doesn't retain it after it returns. |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 39 | unsafe { bssl_sys::CTR_DRBG_reseed(self.0, entropy.as_ptr(), std::ptr::null(), 0) } |
| 40 | == 1, |
| 41 | "CTR_DRBG_reseed failed" |
| 42 | ); |
| 43 | Ok(()) |
| 44 | } |
| 45 | |
| 46 | pub fn generate(&mut self, buf: &mut [u8]) -> Result<()> { |
| 47 | ensure!( |
| Andrew Walbran | c768733 | 2023-07-21 17:26:09 +0100 | [diff] [blame] | 48 | // SAFETY: We know that self.0 is valid because it was initialised from CTR_DRBG_new in |
| 49 | // Drbg::new above. The out pointer and length must be valid and unaliased because they |
| 50 | // come from a mutable slice reference, and CTR_DRBG_generate doesn't retain them after |
| 51 | // it returns. |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 52 | unsafe { |
| 53 | bssl_sys::CTR_DRBG_generate( |
| 54 | self.0, |
| 55 | buf.as_mut_ptr(), |
| 56 | buf.len(), |
| 57 | std::ptr::null(), |
| 58 | 0, |
| 59 | ) |
| 60 | } == 1, |
| 61 | "CTR_DRBG_generate failed" |
| 62 | ); |
| 63 | Ok(()) |
| 64 | } |
| 65 | } |
| 66 | |
| 67 | impl Drop for Drbg { |
| 68 | fn drop(&mut self) { |
| Andrew Walbran | c768733 | 2023-07-21 17:26:09 +0100 | [diff] [blame] | 69 | // SAFETY: We know that self.0 is valid because it was initialised from CTR_DRBG_new in |
| 70 | // Drbg::new above, and this is the only place that frees it. |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 71 | unsafe { |
| 72 | bssl_sys::CTR_DRBG_free(self.0); |
| 73 | } |
| 74 | } |
| 75 | } |
| 76 | |
| Andrew Walbran | c768733 | 2023-07-21 17:26:09 +0100 | [diff] [blame] | 77 | // SAFETY: CTR_DRBG functions can be called from any thread. |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 78 | unsafe impl Send for Drbg {} |