Botan  2.15.0
Crypto and TLS for C++11
Public Member Functions | Static Public Member Functions | List of all members
Botan::Intel_Rdseed Class Referencefinal

#include <rdseed.h>

Inheritance diagram for Botan::Intel_Rdseed:
Botan::Entropy_Source

Public Member Functions

std::string name () const override
 
size_t poll (RandomNumberGenerator &rng) override
 

Static Public Member Functions

static std::unique_ptr< Entropy_Sourcecreate (const std::string &type)
 

Detailed Description

Entropy source using the rdseed instruction first introduced on Intel's Broadwell architecture.

Definition at line 19 of file rdseed.h.

Member Function Documentation

◆ create()

std::unique_ptr< Entropy_Source > Botan::Entropy_Source::create ( const std::string &  type)
staticinherited

Return a new entropy source of a particular type, or null Each entropy source may require substantial resources (eg, a file handle or socket instance), so try to share them among multiple RNGs, or just use the preconfigured global list accessed by Entropy_Sources::global_sources()

Definition at line 107 of file entropy_srcs.cpp.

References Botan::Processor_RNG::available(), BOTAN_UNUSED, Botan::Entropy_Source::name(), and Botan::OS::running_in_privileged_state().

Referenced by Botan::Entropy_Sources::Entropy_Sources().

108  {
109 #if defined(BOTAN_HAS_SYSTEM_RNG)
110  if(name == "system_rng" || name == "win32_cryptoapi")
111  {
112  return std::unique_ptr<Entropy_Source>(new System_RNG_EntropySource);
113  }
114 #endif
115 
116 #if defined(BOTAN_HAS_PROCESSOR_RNG)
117  if(name == "hwrng" || name == "rdrand" || name == "p9_darn")
118  {
120  {
121  return std::unique_ptr<Entropy_Source>(new Processor_RNG_EntropySource);
122  }
123  }
124 #endif
125 
126 #if defined(BOTAN_HAS_ENTROPY_SRC_RDSEED)
127  if(name == "rdseed")
128  {
129  return std::unique_ptr<Entropy_Source>(new Intel_Rdseed);
130  }
131 #endif
132 
133 #if defined(BOTAN_HAS_ENTROPY_SRC_GETENTROPY)
134  if(name == "getentropy")
135  {
136  return std::unique_ptr<Entropy_Source>(new Getentropy);
137  }
138 #endif
139 
140 #if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM)
141  if(name == "dev_random")
142  {
143  return std::unique_ptr<Entropy_Source>(new Device_EntropySource(BOTAN_SYSTEM_RNG_POLL_DEVICES));
144  }
145 #endif
146 
147 #if defined(BOTAN_HAS_ENTROPY_SRC_PROC_WALKER)
148  if(name == "proc_walk" && OS::running_in_privileged_state() == false)
149  {
150  const std::string root_dir = BOTAN_ENTROPY_PROC_FS_PATH;
151  if(!root_dir.empty())
152  return std::unique_ptr<Entropy_Source>(new ProcWalking_EntropySource(root_dir));
153  }
154 #endif
155 
156 #if defined(BOTAN_HAS_ENTROPY_SRC_WIN32)
157  if(name == "system_stats")
158  {
159  return std::unique_ptr<Entropy_Source>(new Win32_EntropySource);
160  }
161 #endif
162 
164  return std::unique_ptr<Entropy_Source>();
165  }
virtual std::string name() const =0
bool running_in_privileged_state()
Definition: os_utils.cpp:143
#define BOTAN_UNUSED(...)
Definition: assert.h:142
static bool available()

◆ name()

std::string Botan::Intel_Rdseed::name ( ) const
inlineoverridevirtual
Returns
name identifying this entropy source

Implements Botan::Entropy_Source.

Definition at line 22 of file rdseed.h.

22 { return "rdseed"; }

◆ poll()

size_t Botan::Intel_Rdseed::poll ( RandomNumberGenerator rng)
overridevirtual

Perform an entropy gathering poll

Parameters
rngwill be provided with entropy via calls to add_entropy
Returns
conservative estimate of actual entropy added to rng during poll

Implements Botan::Entropy_Source.

Definition at line 62 of file rdseed.cpp.

References Botan::RandomNumberGenerator::add_entropy().

63  {
64  const size_t RDSEED_BYTES = 1024;
65  static_assert(RDSEED_BYTES % 4 == 0, "Bad RDSEED configuration");
66 
67  if(CPUID::has_rdseed())
68  {
69  secure_vector<uint32_t> seed;
70  seed.reserve(RDSEED_BYTES / 4);
71 
72  for(size_t p = 0; p != RDSEED_BYTES / 4; ++p)
73  {
74  /*
75  If at any point we exceed our retry count, we stop the entire seed
76  gathering process. This situation will only occur in situations of
77  extremely high RDSEED utilization. If RDSEED is currently so highly
78  contended, then the rest of the poll is likely to also face contention and
79  it is better to quit now rather than (presumably) face very high retry
80  times for the rest of the poll.
81  */
82  if(!read_rdseed(seed))
83  break;
84  }
85 
86  if(seed.size() > 0)
87  {
88  rng.add_entropy(reinterpret_cast<const uint8_t*>(seed.data()),
89  seed.size() * sizeof(uint32_t));
90  }
91  }
92 
93  // RDSEED is used but not trusted
94  return 0;
95  }

The documentation for this class was generated from the following files: