| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 1 | // Copyright (C) 2022 The Android Open Source Project |
| 2 | // |
| 3 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | // you may not use this file except in compliance with the License. |
| 5 | // You may obtain a copy of the License at |
| 6 | // |
| 7 | // http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | // |
| 9 | // Unless required by applicable law or agreed to in writing, software |
| 10 | // distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | // See the License for the specific language governing permissions and |
| 13 | // limitations under the License. |
| 14 | |
| Paul Crowley | 1788569 | 2023-03-09 17:51:58 +0000 | [diff] [blame] | 15 | use std::{fs::File, io::Read}; |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 16 | |
| Paul Crowley | 021cf55 | 2022-09-28 18:37:43 +0000 | [diff] [blame] | 17 | use anyhow::{ensure, Context, Result}; |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 18 | use log::debug; |
| 19 | use tokio::io::AsyncReadExt; |
| 20 | |
| 21 | use crate::drbg; |
| 22 | |
| 23 | const SEED_FOR_CLIENT_LEN: usize = 496; |
| 24 | const NUM_REQUESTS_PER_RESEED: u32 = 256; |
| 25 | |
| Paul Crowley | 021cf55 | 2022-09-28 18:37:43 +0000 | [diff] [blame] | 26 | pub struct ConditionerBuilder { |
| 27 | hwrng: File, |
| 28 | rg: drbg::Drbg, |
| 29 | } |
| 30 | |
| 31 | impl ConditionerBuilder { |
| 32 | pub fn new(mut hwrng: File) -> Result<ConditionerBuilder> { |
| 33 | let mut et: drbg::Entropy = [0; drbg::ENTROPY_LEN]; |
| 34 | hwrng.read_exact(&mut et).context("hwrng.read_exact in new")?; |
| 35 | let rg = drbg::Drbg::new(&et)?; |
| Paul Crowley | 021cf55 | 2022-09-28 18:37:43 +0000 | [diff] [blame] | 36 | Ok(ConditionerBuilder { hwrng, rg }) |
| 37 | } |
| 38 | |
| 39 | pub fn build(self) -> Conditioner { |
| 40 | Conditioner { |
| 41 | hwrng: tokio::fs::File::from_std(self.hwrng), |
| 42 | rg: self.rg, |
| 43 | requests_since_reseed: 0, |
| 44 | } |
| 45 | } |
| 46 | } |
| 47 | |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 48 | pub struct Conditioner { |
| 49 | hwrng: tokio::fs::File, |
| 50 | rg: drbg::Drbg, |
| 51 | requests_since_reseed: u32, |
| 52 | } |
| 53 | |
| 54 | impl Conditioner { |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 55 | pub async fn reseed_if_necessary(&mut self) -> Result<()> { |
| 56 | if self.requests_since_reseed >= NUM_REQUESTS_PER_RESEED { |
| 57 | debug!("Reseeding DRBG"); |
| 58 | let mut et: drbg::Entropy = [0; drbg::ENTROPY_LEN]; |
| Paul Crowley | 021cf55 | 2022-09-28 18:37:43 +0000 | [diff] [blame] | 59 | self.hwrng.read_exact(&mut et).await.context("hwrng.read_exact in reseed")?; |
| Paul Crowley | 9da969e | 2022-09-16 23:42:24 +0000 | [diff] [blame] | 60 | self.rg.reseed(&et)?; |
| 61 | self.requests_since_reseed = 0; |
| 62 | } |
| 63 | Ok(()) |
| 64 | } |
| 65 | |
| 66 | pub fn request(&mut self) -> Result<[u8; SEED_FOR_CLIENT_LEN]> { |
| 67 | ensure!(self.requests_since_reseed < NUM_REQUESTS_PER_RESEED, "Not enough reseeds"); |
| 68 | let mut seed_for_client = [0u8; SEED_FOR_CLIENT_LEN]; |
| 69 | self.rg.generate(&mut seed_for_client)?; |
| 70 | self.requests_since_reseed += 1; |
| 71 | Ok(seed_for_client) |
| 72 | } |
| 73 | } |