Refactor

crypto/CMakeLists.txt

@@ -475,6 +475,7 @@ add_library(
   rand_extra/deterministic.c
   rand_extra/entropy_passive.c
   rand_extra/forkunsafe.c
+  rand_extra/getentropy.c
   rand_extra/rand_extra.c
   rand_extra/pq_custom_randombytes.c
   rand_extra/windows.c

crypto/fipsmodule/rand/getrandom_fillin.h

@@ -18,7 +18,7 @@
 #include <openssl/base.h>
 
 
-#if defined(OPENSSL_LINUX)
+#if defined(OPENSSL_RAND_URANDOM)
 
 #include <sys/syscall.h>
 

crypto/fipsmodule/rand/internal.h

@@ -25,11 +25,12 @@
 extern "C" {
 #endif
 
-
 #if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
 #define OPENSSL_RAND_DETERMINISTIC
 #elif defined(OPENSSL_WINDOWS)
 #define OPENSSL_RAND_WINDOWS
+#elif defined(OPENSSL_MACOS) || defined(OPENSSL_OPENBSD) || defined(OPENSSL_FREEBSD)
+#define OPENSSL_RAND_GETENTROPY
 #else
 #define OPENSSL_RAND_URANDOM
 #endif

crypto/fipsmodule/rand/urandom.c

@@ -69,20 +69,6 @@
 #include <CommonCrypto/CommonRandom.h>
 #endif
 
-#if defined(OPENSSL_FREEBSD)
-#define URANDOM_BLOCKS_FOR_ENTROPY
-#include <sys/param.h>
-#if __FreeBSD_version >= 1200000
-// getrandom is supported in FreeBSD 12 and up.
-#define FREEBSD_GETRANDOM
-#include <sys/random.h>
-#endif
-#endif
-
-#if defined(OPENSSL_OPENBSD)
-#include <stdlib.h>
-#endif
-
 #include <openssl/thread.h>
 #include <openssl/mem.h>
 
@@ -250,22 +236,9 @@ static void init_once(void) {
   }
 #endif  // USE_NR_getrandom
 
-#if defined(OPENSSL_APPLE)
-  // To get system randomness on MacOS and iOS we use |CCRandomGenerateBytes|
-  // function provided by Apple rather than /dev/urandom or |getentropy|
-  // function which is available on MacOS but not on iOS.
-  return;
-#endif
-
-#if defined(OPENSSL_OPENBSD)
-  // To get system randomness on OpenBSD we use |arc4random_buf| function
-  // which is recommended to use for C APIs rather then /dev/urandom.
-  // See https://man.openbsd.org/arc4random.3
-  return;
-#endif
-
-#if defined(FREEBSD_GETRANDOM)
-  *urandom_fd_bss_get() = kHaveGetrandom;
+#if defined(OPENSSL_IOS)
+  // To get system randomness on iOS we use |CCRandomGenerateBytes| because
+  // |getentroopy| is not available.
   return;
 #endif
 
@@ -350,7 +323,7 @@ static void wait_for_entropy(void) {
   }
 
 #if defined(BORINGSSL_FIPS) && !defined(URANDOM_BLOCKS_FOR_ENTROPY) && \
-    !(defined(OPENSSL_APPLE) || defined(OPENSSL_OPENBSD)) // On MacOS, iOS, and OpenBSD we don't use /dev/urandom.
+    !defined(OPENSSL_IOS) // On iOS we don't use /dev/urandom.
 
   // In FIPS mode on platforms where urandom doesn't block at startup, we ensure
   // that the kernel has sufficient entropy before continuing. This is
@@ -399,30 +372,7 @@ static int fill_with_entropy(uint8_t *out, size_t len, int block, int seed) {
   }
 #endif
 
-#if defined(OPENSSL_MACOS)
-  // POSIX 2024 says unistd, but man page for macos says the former
-  #include <sys/random.h>
-  // To get system randomness on MacOS and iOS we use |CCRandomGenerateBytes|
-  // rather than |getentropy| and /dev/urandom.
-  // TODO at most can do 256 bytes
-  if (getentropy(out, len) == 0) {
-    return 1;
-  } else {
-    fprintf(stderr, "getentropy failed.\n");
-    abort();
-  }
-#endif
-
-#if defined(OPENSSL_OPENBSD)
-  #include <unistd.h>
-    // POSIX 2024 says the latter, but man page for macos says the former
-  // Return value is void, no error to check
-  // TODO at most can do 256 bytes
-  getentropy(out, len);
-  return 1;
-#endif
-
-#if defined(USE_NR_getrandom) || defined(FREEBSD_GETRANDOM)
+#if defined(USE_NR_getrandom)
   int getrandom_flags = 0;
   if (!block) {
     getrandom_flags |= GRND_NONBLOCK;
@@ -449,8 +399,6 @@ static int fill_with_entropy(uint8_t *out, size_t len, int block, int seed) {
     if (*urandom_fd_bss_get() == kHaveGetrandom) {
 #if defined(USE_NR_getrandom)
       r = boringssl_getrandom(out, len, getrandom_flags);
-#elif defined(FREEBSD_GETRANDOM)
-      r = getrandom(out, len, getrandom_flags);
 #else  // USE_NR_getrandom
       fprintf(stderr, "urandom fd corrupt.\n");
       abort();

crypto/fipsmodule/rand/urandom_test.cc

@@ -22,7 +22,8 @@
 #include "internal.h"
 #include "../../ube/snapsafe_detect.h"
 
-#if defined(OPENSSL_X86_64) && !defined(BORINGSSL_SHARED_LIBRARY) && \
+#if defined(OPENSSL_RAND_URANDOM) && defined(OPENSSL_X86_64) && \
+    !defined(BORINGSSL_SHARED_LIBRARY) && \
     !defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE) && \
     defined(USE_NR_getrandom) && !defined(AWSLC_SNAPSAFE_TESTING)
 

crypto/rand_extra/getentropy.c

@@ -0,0 +1,48 @@
+// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0 OR ISC
+
+#if !defined(_DEFAULT_SOURCE)
+// Needed for getentropy on musl and glibc per man pages.
+#define _DEFAULT_SOURCE
+#endif
+
+#include <openssl/rand.h>
+
+#include "../fipsmodule/rand/internal.h"
+
+#if defined(OPENSSL_RAND_GETENTROPY)
+
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#if defined(OPENSSL_MACOS)
+// MacOS does not declare getentropy in uinstd.h like other OS's. 
+#include <sys/random.h>
+#endif
+
+#if !defined(GETENTROPY_MAX)
+// Per POSIX 2024
+// https://pubs.opengroup.org/onlinepubs/9799919799/functions/getentropy.html
+#define GETENTROPY_MAX 256
+#endif
+
+void CRYPTO_sysrand(uint8_t *out, size_t requested) {
+  // getentropy max request size is GETENTROPY_MAX.
+  while (requested > 0) {
+    size_t request_chunk = (requested > GETENTROPY_MAX) ? GETENTROPY_MAX : requested;
+    if (getentropy(out, request_chunk) != 0) {
+      fprintf(stderr, "getentropy failed.\n");
+      abort();
+    }
+    requested -= request_chunk;
+    out += request_chunk;
+  }
+}
+
+void CRYPTO_sysrand_for_seed(uint8_t *out, size_t requested) {
+  CRYPTO_sysrand(out, requested);
+}
+
+#endif

include/openssl/target.h

@@ -80,9 +80,6 @@
 
 #if defined(__APPLE__)
 #define OPENSSL_APPLE
-#endif
-
-#if defined(__APPLE__)
 // Note |TARGET_OS_MAC| is set for all Apple OS variants. |TARGET_OS_OSX|
 // targets macOS specifically.
 #if defined(TARGET_OS_OSX) && TARGET_OS_OSX