Google Git
Sign in
coral / a71ch-crypto-support / 8dc1f1434da50a4b7361d651239c1f3f4f8cc25b / . / sss / plugin / openssl / engine / src / ax_sssEngine_rand.c
blob: 49b291209531f8b0ade99dac092bbb8ce9e492f2 [file] [log] [blame]
/**
* @file ax_sssA71chEngine.c
* @author NXP Semiconductors
* @version 1.0
* @par License
*
* Copyright 2018,2019 NXP
* SPDX-License-Identifier: Apache-2.0
*
* @par Description
* OpenSSL Engine for NXP Embedded Secure Element over SSS API's
*
* The following operations are supported by this engine:
* - Random number generation
* - ECC sign
* - ECC verify
* - ECDH compute_key
*
* When dealing with an EC key argument whose a public key is used:
* - In case the key is a 'reference key' -> use the referenced public key
* - In case the above does not apply; at compile time one can choose between two
* strategies:
* (1) return a fail
* (2) delegate the operation to the OpenSSL SW implementation
*
* When dealing with an EC key argument whose private key is used:
* - In case the key is a 'reference key' -> use the referenced private key
* - In case the above does not apply; at compile time one can choose between two
* strategies:
* (1) return a fail
* (2) delegate the operation to the OpenSSL SW implementation
*
* @note
* Compatible with:
* - OpenSSL 1.0.2
* - OpenSSL 1.1.0
*
*/
/*
* This file contains source code form OpenSSL distribution that is covered
* by the LICENSE-OpenSSL file to be found in the root of this source code
* distribution tree.
*/
#include <ex_sss.h>
#include <stdlib.h>
//#include <malloc.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include "ax_api.h"
#include "ax_cryptoIpc.h"
#include "ax_embSeEngine.h"
#include "ax_embSeEngine_Internal.h"
#include "sm_printf.h"
#ifdef AX_ENGINE_SUPPORTS_RAND
#if SSS_HAVE_A71CH || SSS_HAVE_A71CH_SIM
#define MAX_RND_CHUNK A71CH_SCP03_MAX_PAYLOAD_SIZE
#elif SSS_HAVE_APPLET_SE05X_IOT
#define MAX_RND_CHUNK SE05X_MAX_BUF_SIZE_RSP
#elif (SSS_HAVE_MBEDTLS || SSS_HAVE_OPENSSL)
#define MAX_RND_CHUNK 256
#else
#error "Invalid Platform for openssl engine random generator"
#endif
/* Random Num Status, used when Get Rand Status is invoked */
unsigned short gRandStatus = 1;
/**
* Implementation of Engine API for Random Number Generation. Invokes Host API RND_GetRandom
* @param[in,out] buf buffer to store the generated Random Number
* @param[in] num number of random bytes requested
* @retval 0 upon failure
* @retval 1 upon success
*/
static int EmbSe_Rand(unsigned char *buf, int num)
{
int ret = 0;
int requested = 0;
int offset = 0;
int chunk = 0;
sss_status_t status = kStatus_SSS_Fail;
sss_rng_context_t rng;
EmbSe_Print(LOG_FLOW_ON, "EmbSe_Rand invoked requesting %d random bytes\n", num);
memset(buf, 0, num);
axCi_MutexLock();
status = sss_rng_context_init(&rng, &gpCtx->session /* Session */);
if (status != kStatus_SSS_Success) {
goto exit;
}
requested = num;
while (requested > 0) {
if (requested > MAX_RND_CHUNK) {
chunk = MAX_RND_CHUNK;
}
else {
chunk = requested;
}
status = sss_rng_get_random(&rng, buf + offset, chunk);
if (status != kStatus_SSS_Success) {
goto exit;
}
offset += chunk;
requested -= chunk;
}
ret = 1;
exit:
gRandStatus = ret;
axCi_MutexUnlock();
if (ret == 0) {
EmbSe_Print(LOG_ERR_ON, "Call to sss_rng_get_random failed \n");
}
return ret;
}
/**
* @function EmbSe_Rand_Status
* @description Engine API to return the status from invocation of RND_GetRandom()
* @param void
* @return value U16 of previous RND_GetRandom() API.
*/
static int EmbSe_Rand_Status(void)
{
EmbSe_Print(LOG_FLOW_ON, "EmbSe_Rand_Status invoked\n");
return (int)gRandStatus;
}
/* Fill in implemented Engine methods in respective data structures */
RAND_METHOD EmbSe_RAND = {
NULL, /* RAND_seed() */
EmbSe_Rand, /* RAND_bytes() */
NULL, /* RAND_cleanup() */
NULL, /* RAND_add() */
EmbSe_Rand, /* RAND_pseudo_rand() */
EmbSe_Rand_Status /* RAND_status() */
};
#endif //AX_ENGINE_SUPPORTS_RAND