From cf1e6fb847d905733055feaa6d97cdcb9e15b3a9 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Mon, 21 May 2012 14:32:39 +0200 Subject: [PATCH] Implement crypt RNG wrapper (for FIPS mode), use it for SALT and KEY RNG levels. --- ChangeLog | 1 + lib/crypto_backend/crypto_backend.h | 3 +++ lib/crypto_backend/crypto_gcrypt.c | 16 ++++++++++++++++ lib/crypto_backend/crypto_kernel.c | 6 ++++++ lib/crypto_backend/crypto_nettle.c | 6 ++++++ lib/crypto_backend/crypto_nss.c | 6 ++++++ lib/crypto_backend/crypto_openssl.c | 6 ++++++ lib/random.c | 9 ++++++++- 8 files changed, 52 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 9db6078..080293a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ 2012-05-21 Milan Broz * Add --enable-fips for linking with fipscheck library. * Initialize binary and library selfcheck if running in FIPS mode. + * Use FIPS RNG in FIPS mode for KEY and SALT (only gcrypt backend supported). 2012-05-09 Milan Broz * Fix keyslot removal (wipe keyslot) for device with 4k hw block (1.4.0). diff --git a/lib/crypto_backend/crypto_backend.h b/lib/crypto_backend/crypto_backend.h index e3fe52f..81d74e6 100644 --- a/lib/crypto_backend/crypto_backend.h +++ b/lib/crypto_backend/crypto_backend.h @@ -46,4 +46,7 @@ int crypt_hmac_write(struct crypt_hmac *ctx, const char *buffer, size_t length); int crypt_hmac_final(struct crypt_hmac *ctx, char *buffer, size_t length); int crypt_hmac_destroy(struct crypt_hmac *ctx); +/* RNG (must be usable in FIPS mode) */ +int crypt_backend_fips_rng(char *buffer, size_t length, int quality); + #endif /* _CRYPTO_BACKEND_H */ diff --git a/lib/crypto_backend/crypto_gcrypt.c b/lib/crypto_backend/crypto_gcrypt.c index 0c06377..033b7a8 100644 --- a/lib/crypto_backend/crypto_gcrypt.c +++ b/lib/crypto_backend/crypto_gcrypt.c 
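Review bot: The comment on the new `crypt_backend_fips_rng()` prototype in crypto_backend.h states neither the return contract nor the accepted `quality` values, even though four of the five backends in this commit implement it as an unconditional `-EINVAL`. I would expand it to something like `/* RNG for FIPS mode: fills buffer with length random bytes; quality is one of CRYPT_RND_*. Returns 0, or a negative errno if the backend has no FIPS-capable RNG. */`. Whether the `CRYPT_RND_*` constants are visible to every file that includes this header cannot be seen from the hunk, so that is worth confirming.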
@@ -226,3 +226,19 @@ int crypt_hmac_destroy(struct crypt_hmac *ctx)
 free(ctx);
 return 0;
 }
+
+/* RNG */
+int crypt_backend_fips_rng(char *buffer, size_t length, int quality)
+{
+ switch(quality) {
+ case CRYPT_RND_NORMAL:
+ gcry_randomize(buffer, length, GCRY_STRONG_RANDOM);
+ break;
+ case CRYPT_RND_SALT:
+ case CRYPT_RND_KEY:
+ default:
+ gcry_randomize(buffer, length, GCRY_VERY_STRONG_RANDOM);
+ break;
+ }
+ return 0;
+}
diff --git a/lib/crypto_backend/crypto_kernel.c b/lib/crypto_backend/crypto_kernel.c
index 38647ac..da9f1ea 100644
--- a/lib/crypto_backend/crypto_kernel.c
+++ b/lib/crypto_backend/crypto_kernel.c
@@ -291,3 +291,9 @@ int crypt_hmac_destroy(struct crypt_hmac *ctx)
 free(ctx);
 return 0;
 }
+
+/* RNG - N/A */
+int crypt_backend_fips_rng(char *buffer, size_t length, int quality)
+{
+ return -EINVAL;
+}
diff --git a/lib/crypto_backend/crypto_nettle.c b/lib/crypto_backend/crypto_nettle.c
index 585d47f..9a438a8 100644
--- a/lib/crypto_backend/crypto_nettle.c
+++ b/lib/crypto_backend/crypto_nettle.c
@@ -262,3 +262,9 @@ int crypt_hmac_destroy(struct crypt_hmac *ctx)
 free(ctx);
 return 0;
 }
+
+/* RNG - N/A */
+int crypt_backend_fips_rng(char *buffer, size_t length, int quality)
+{
+ return -EINVAL;
+}
diff --git a/lib/crypto_backend/crypto_nss.c b/lib/crypto_backend/crypto_nss.c
index 84fbcbc..86d429e 100644
--- a/lib/crypto_backend/crypto_nss.c
+++ b/lib/crypto_backend/crypto_nss.c
@@ -274,3 +274,9 @@ int crypt_hmac_destroy(struct crypt_hmac *ctx)
 free(ctx);
 return 0;
 }
+
+/* RNG - N/A */
+int crypt_backend_fips_rng(char *buffer, size_t length, int quality)
+{
+ return -EINVAL;
+}
diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c
index 0e22394..e7f0c59 100644
--- a/lib/crypto_backend/crypto_openssl.c
+++ b/lib/crypto_backend/crypto_openssl.c
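Review bot: In crypto_gcrypt.c, nothing in the new `crypt_backend_fips_rng()` checks that libgcrypt has been initialised or that libgcrypt itself is operating in FIPS mode; the only gate is the caller's `crypt_fips_mode()` in lib/random.c. If those two views of FIPS state can ever diverge, salts and keys would come from libgcrypt's ordinary generator while the caller assumes a FIPS-approved one. Consider a guard such as `if (!gcry_fips_mode_active()) return -EINVAL;` at the top, or at least a comment stating that the caller must already have run backend initialisation and verified FIPS mode. The function also always returns 0 because `gcry_randomize()` returns void, which deserves a one-line comment so the fixed return value is not read as error checking.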
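Review bot: The stub in crypto_kernel.c, and the identical ones in crypto_nettle.c, crypto_nss.c and crypto_openssl.c, returns `-EINVAL`, which a caller cannot tell apart from a bad argument. With these backends every SALT and KEY request made in FIPS mode now fails; failing closed is the right outcome, but the reason should be visible. Unless callers depend on the exact value, I would return `-ENOTSUP` and say why in the comment, e.g. `/* No FIPS-approved RNG in this backend: fail so FIPS mode never falls back to a non-approved source */`. The three parameters are unused in all four stubs, which may warn under `-Wunused-parameter`.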
@@ -213,3 +213,9 @@ int crypt_hmac_destroy(struct crypt_hmac *ctx) free(ctx); return 0; } + +/* RNG - N/A */ +int crypt_backend_fips_rng(char *buffer, size_t length, int quality) +{ + return -EINVAL; +} diff --git a/lib/random.c b/lib/random.c index c7f25e4..5aa95e0 100644 --- a/lib/random.c +++ b/lib/random.c @@ -177,9 +177,16 @@ int crypt_random_get(struct crypt_device *ctx, char *buf, size_t len, int qualit status = _get_urandom(ctx, buf, len); break; case CRYPT_RND_SALT: - status = _get_urandom(ctx, buf, len); + if (crypt_fips_mode()) + status = crypt_backend_fips_rng(buf, len, quality); + else + status = _get_urandom(ctx, buf, len); break; case CRYPT_RND_KEY: + if (crypt_fips_mode()) { + status = crypt_backend_fips_rng(buf, len, quality); + break; + } rng_type = ctx ? crypt_get_rng_type(ctx) : crypt_random_default_key_rng(); switch (rng_type) { -- 2.7.4
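Review bot: In the `CRYPT_RND_KEY` case of `crypt_random_get()`, the FIPS branch breaks out before `rng_type` is read, so the RNG choice from `crypt_get_rng_type(ctx)` is silently ignored in FIPS mode, and on any backend other than gcrypt the call now fails with the stub's `-EINVAL`. Neither consequence is explained at the call site; add a comment such as `/* FIPS mode: the backend RNG is mandatory, rng_type is ignored; backends without a FIPS RNG fail here */`. The SALT and KEY cases also express the same decision in two shapes (`if`/`else` versus a braced block with an early `break`); using one form for both would make the FIPS path easier to audit. The function continues outside the hunk, so how a non-zero `status` is reported to the user is not visible here.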