/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
21*12929SMisaki.Miyashita@Oracle.COM
/*
 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
 */
25*12929SMisaki.Miyashita@Oracle.COM
26*12929SMisaki.Miyashita@Oracle.COM #include <sys/types.h>
27*12929SMisaki.Miyashita@Oracle.COM #include <sys/param.h>
28*12929SMisaki.Miyashita@Oracle.COM #include <sys/errno.h>
29*12929SMisaki.Miyashita@Oracle.COM #include <sys/kmem.h>
30*12929SMisaki.Miyashita@Oracle.COM #include <sys/systm.h>
31*12929SMisaki.Miyashita@Oracle.COM #include <sys/sha1.h>
32*12929SMisaki.Miyashita@Oracle.COM #include <sys/crypto/common.h>
33*12929SMisaki.Miyashita@Oracle.COM #include <sys/cmn_err.h>
34*12929SMisaki.Miyashita@Oracle.COM #include <rng/fips_random.h>
35*12929SMisaki.Miyashita@Oracle.COM
36*12929SMisaki.Miyashita@Oracle.COM
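/*
 * n2rng_fips_rng_post()
 *
 * Known-answer self test for the generator step implemented by
 * fips_random_inner(): a fixed XKey and a fixed XSeed are fed to the
 * generator and the SHA1_HASH_SIZE bytes it produces are compared with
 * a pre-computed value.
 *
 * Returns CRYPTO_SUCCESS when the output matches the known answer and
 * CRYPTO_DEVICE_ERROR otherwise.
 *
 * Scope: this checks only the deterministic computation performed by
 * fips_random_inner().  It says nothing about the quality of whatever
 * entropy source supplies the real seed material, so a pass here must
 * not be read as a health check of the hardware RNG itself.
 */
int
n2rng_fips_rng_post(void)
{
	/* Test vectors are never written to, so they are kept const. */
	static const uint8_t XKeyValue[] = {
		0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00
	};

	static const uint8_t XSeedValue[] = {
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00
	};

	/*
	 * Expected generator output for the vectors above.
	 * NOTE(review): this byte string is also the SHA-1 digest of the
	 * empty message, so the vector is a fairly degenerate one; the
	 * byte arrays are reinterpreted as 32-bit words, which presumably
	 * makes the expected value depend on host byte order -- confirm
	 * before reusing this test on another platform.
	 */
	static const uint8_t rng_known_GENX[] = {
		0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d,
		0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90,
		0xaf, 0xd8, 0x07, 0x09
	};

	/*
	 * fips_random_inner() is called with uint32_t pointers.  Declare
	 * the working buffers as 32-bit words so that they are guaranteed
	 * to be suitably aligned, instead of casting byte arrays whose
	 * alignment the compiler does not have to provide.
	 */
	uint32_t GENX[SHA1_HASH_SIZE / sizeof (uint32_t)];
	uint32_t XKey[SHA1_HASH_SIZE / sizeof (uint32_t)];
	uint32_t XSeed[SHA1_HASH_SIZE / sizeof (uint32_t)];

	/*
	 * Work on private copies: the test starts from the same state on
	 * every call no matter what the generator writes to its arguments.
	 */
	(void) memcpy(XKey, XKeyValue, SHA1_HASH_SIZE);
	(void) memcpy(XSeed, XSeedValue, SHA1_HASH_SIZE);

	/* Generate X with a known seed. */
	fips_random_inner(XKey, GENX, XSeed);

	/*
	 * Verify GENX to perform the RNG integrity check.  Both operands
	 * are public test vectors, so a plain memcmp() is adequate here.
	 */
	if (memcmp(GENX, rng_known_GENX, SHA1_HASH_SIZE) != 0)
		return (CRYPTO_DEVICE_ERROR);

	return (CRYPTO_SUCCESS);
}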