Merge pull request #3423 from niacat/sysctl-arnd

entropy: Add support for BSD sysctl(KERN_ARND)
This commit is contained in:
Manuel Pégourié-Gonnard 2020-06-25 09:34:20 +02:00 committed by GitHub
commit 1cb2beb905
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 47 additions and 0 deletions

View File

@ -0,0 +1,2 @@
Features
* Added support to entropy_poll for the kern.arandom syscall supported on some BSD systems. Contributed by Nia Alarie in #3423.

View File

@ -115,6 +115,41 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
#endif /* SYS_getrandom */ #endif /* SYS_getrandom */
#endif /* __linux__ || __midipix__ */ #endif /* __linux__ || __midipix__ */
/*
* Some BSD systems provide KERN_ARND.
* This is equivalent to reading from /dev/urandom, only it doesn't require an
* open file descriptor, and provides up to 256 bytes per call (basically the
* same as getentropy(), but with a longer history).
*
* Documentation: https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7
*/
#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(HAVE_GETRANDOM)
#include <sys/param.h>
#include <sys/sysctl.h>
#if defined(KERN_ARND)
#define HAVE_SYSCTL_ARND
static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen )
{
int name[2];
size_t len;
name[0] = CTL_KERN;
name[1] = KERN_ARND;
while( buflen > 0 )
{
len = buflen > 256 ? 256 : buflen;
if( sysctl(name, 2, buf, &len, NULL, 0) == -1 )
return( -1 );
buflen -= len;
buf += len;
}
return( 0 );
}
#endif /* KERN_ARND */
#endif /* __FreeBSD__ || __NetBSD__ */
#include <stdio.h> #include <stdio.h>
int mbedtls_platform_entropy_poll( void *data, int mbedtls_platform_entropy_poll( void *data,
@ -139,6 +174,15 @@ int mbedtls_platform_entropy_poll( void *data,
((void) ret); ((void) ret);
#endif /* HAVE_GETRANDOM */ #endif /* HAVE_GETRANDOM */
#if defined(HAVE_SYSCTL_ARND)
((void) file);
((void) read_len);
if( sysctl_arnd_wrapper( output, len ) == -1 )
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
*olen = len;
return( 0 );
#else
*olen = 0; *olen = 0;
file = fopen( "/dev/urandom", "rb" ); file = fopen( "/dev/urandom", "rb" );
@ -156,6 +200,7 @@ int mbedtls_platform_entropy_poll( void *data,
*olen = len; *olen = len;
return( 0 ); return( 0 );
#endif /* HAVE_SYSCTL_ARND */
} }
#endif /* _WIN32 && !EFIX64 && !EFI32 */ #endif /* _WIN32 && !EFIX64 && !EFI32 */
#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */ #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */