Elijah P
CyaSSL changed for NucleoF401RE board: implemented random and time functions for build. (Has trouble with wildcard domains like *.google.com, *.yahoo.com)
ctaocrypt/src/random.c@4:e505054279ed, 2015-01-14 (annotated)
- Committer:
- Vanger
- Date:
- Wed Jan 14 22:07:14 2015 +0000
- Revision:
- 4:e505054279ed
- Parent:
- 0:1239e9b70ca2
Implemented some platform specific functions in the Cyassl library code: time functions, seed random functions, and also changed the settings.h file to define settings specific to the platform being used
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| Vanger | 4:e505054279ed | 1 | /* random.c |
| Vanger | 4:e505054279ed | 2 | * |
| Vanger | 4:e505054279ed | 3 | * Copyright (C) 2006-2014 wolfSSL Inc. |
| Vanger | 4:e505054279ed | 4 | * |
| Vanger | 4:e505054279ed | 5 | * This file is part of CyaSSL. |
| Vanger | 4:e505054279ed | 6 | * |
| Vanger | 4:e505054279ed | 7 | * CyaSSL is free software; you can redistribute it and/or modify |
| Vanger | 4:e505054279ed | 8 | * it under the terms of the GNU General Public License as published by |
| Vanger | 4:e505054279ed | 9 | * the Free Software Foundation; either version 2 of the License, or |
| Vanger | 4:e505054279ed | 10 | * (at your option) any later version. |
| Vanger | 4:e505054279ed | 11 | * |
| Vanger | 4:e505054279ed | 12 | * CyaSSL is distributed in the hope that it will be useful, |
| Vanger | 4:e505054279ed | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| Vanger | 4:e505054279ed | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| Vanger | 4:e505054279ed | 15 | * GNU General Public License for more details. |
| Vanger | 4:e505054279ed | 16 | * |
| Vanger | 4:e505054279ed | 17 | * You should have received a copy of the GNU General Public License |
| Vanger | 4:e505054279ed | 18 | * along with this program; if not, write to the Free Software |
| Vanger | 4:e505054279ed | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
| Vanger | 4:e505054279ed | 20 | */ |
| Vanger | 4:e505054279ed | 21 | |
| Vanger | 4:e505054279ed | 22 | #ifdef HAVE_CONFIG_H |
| Vanger | 4:e505054279ed | 23 | #include <config.h> |
| Vanger | 4:e505054279ed | 24 | #endif |
| Vanger | 4:e505054279ed | 25 | |
| Vanger | 4:e505054279ed | 26 | #include <cyassl/ctaocrypt/settings.h> |
| Vanger | 4:e505054279ed | 27 | |
| Vanger | 4:e505054279ed | 28 | /* on HPUX 11 you may need to install /dev/random see |
| Vanger | 4:e505054279ed | 29 | http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I |
| Vanger | 4:e505054279ed | 30 | |
| Vanger | 4:e505054279ed | 31 | */ |
| Vanger | 4:e505054279ed | 32 | |
| Vanger | 4:e505054279ed | 33 | #include <cyassl/ctaocrypt/random.h> |
| Vanger | 4:e505054279ed | 34 | #include <cyassl/ctaocrypt/error-crypt.h> |
| Vanger | 4:e505054279ed | 35 | |
| Vanger | 4:e505054279ed | 36 | #ifdef NO_RC4 |
| Vanger | 4:e505054279ed | 37 | #include <cyassl/ctaocrypt/sha256.h> |
| Vanger | 4:e505054279ed | 38 | |
| Vanger | 4:e505054279ed | 39 | #ifdef NO_INLINE |
| Vanger | 4:e505054279ed | 40 | #include <cyassl/ctaocrypt/misc.h> |
| Vanger | 4:e505054279ed | 41 | #else |
| Vanger | 4:e505054279ed | 42 | #define MISC_DUMM_FUNC misc_dummy_random |
| Vanger | 4:e505054279ed | 43 | #include <ctaocrypt/src/misc.c> |
| Vanger | 4:e505054279ed | 44 | #endif |
| Vanger | 4:e505054279ed | 45 | #endif |
| Vanger | 4:e505054279ed | 46 | |
| Vanger | 4:e505054279ed | 47 | #if defined(USE_WINDOWS_API) |
| Vanger | 4:e505054279ed | 48 | #ifndef _WIN32_WINNT |
| Vanger | 4:e505054279ed | 49 | #define _WIN32_WINNT 0x0400 |
| Vanger | 4:e505054279ed | 50 | #endif |
| Vanger | 4:e505054279ed | 51 | #include <windows.h> |
| Vanger | 4:e505054279ed | 52 | #include <wincrypt.h> |
| Vanger | 4:e505054279ed | 53 | #else |
| Vanger | 4:e505054279ed | 54 | #if !defined(NO_DEV_RANDOM) && !defined(CYASSL_MDK_ARM) \ |
| Vanger | 4:e505054279ed | 55 | && !defined(CYASSL_IAR_ARM) |
| Vanger | 4:e505054279ed | 56 | #include <fcntl.h> |
| Vanger | 4:e505054279ed | 57 | #ifndef EBSNET |
| Vanger | 4:e505054279ed | 58 | #include <unistd.h> |
| Vanger | 4:e505054279ed | 59 | #endif |
| Vanger | 4:e505054279ed | 60 | #else |
| Vanger | 4:e505054279ed | 61 | /* include headers that may be needed to get good seed */ |
| Vanger | 4:e505054279ed | 62 | #endif |
| Vanger | 4:e505054279ed | 63 | #endif /* USE_WINDOWS_API */ |
| Vanger | 4:e505054279ed | 64 | |
| Vanger | 4:e505054279ed | 65 | |
| Vanger | 4:e505054279ed | 66 | #ifdef NO_RC4 |
| Vanger | 4:e505054279ed | 67 | |
| Vanger | 4:e505054279ed | 68 | /* Start NIST DRBG code */ |
| Vanger | 4:e505054279ed | 69 | |
| Vanger | 4:e505054279ed | 70 | #define OUTPUT_BLOCK_LEN (256/8) |
| Vanger | 4:e505054279ed | 71 | #define MAX_REQUEST_LEN (0x1000) |
| Vanger | 4:e505054279ed | 72 | #define MAX_STRING_LEN (0x100000000) |
| Vanger | 4:e505054279ed | 73 | #define RESEED_MAX (0x100000000000LL) |
| Vanger | 4:e505054279ed | 74 | #define ENTROPY_SZ 256 |
| Vanger | 4:e505054279ed | 75 | |
| Vanger | 4:e505054279ed | 76 | #define DBRG_SUCCESS 0 |
| Vanger | 4:e505054279ed | 77 | #define DBRG_ERROR 1 |
| Vanger | 4:e505054279ed | 78 | #define DBRG_NEED_RESEED 2 |
| Vanger | 4:e505054279ed | 79 | |
| Vanger | 4:e505054279ed | 80 | |
| Vanger | 4:e505054279ed | 81 | enum { |
| Vanger | 4:e505054279ed | 82 | dbrgInitC = 0, |
| Vanger | 4:e505054279ed | 83 | dbrgReseed = 1, |
| Vanger | 4:e505054279ed | 84 | dbrgGenerateW = 2, |
| Vanger | 4:e505054279ed | 85 | dbrgGenerateH = 3, |
| Vanger | 4:e505054279ed | 86 | dbrgInitV |
| Vanger | 4:e505054279ed | 87 | }; |
| Vanger | 4:e505054279ed | 88 | |
| Vanger | 4:e505054279ed | 89 | |
| Vanger | 4:e505054279ed | 90 | static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type, byte* inA, word32 inASz, |
| Vanger | 4:e505054279ed | 91 | byte* inB, word32 inBSz, byte* inC, word32 inCSz) |
| Vanger | 4:e505054279ed | 92 | { |
| Vanger | 4:e505054279ed | 93 | byte ctr; |
| Vanger | 4:e505054279ed | 94 | int i; |
| Vanger | 4:e505054279ed | 95 | int len; |
| Vanger | 4:e505054279ed | 96 | word32 bits = (outSz * 8); /* reverse byte order */ |
| Vanger | 4:e505054279ed | 97 | |
| Vanger | 4:e505054279ed | 98 | #ifdef LITTLE_ENDIAN_ORDER |
| Vanger | 4:e505054279ed | 99 | bits = ByteReverseWord32(bits); |
| Vanger | 4:e505054279ed | 100 | #endif |
| Vanger | 4:e505054279ed | 101 | len = (outSz / SHA256_DIGEST_SIZE) |
| Vanger | 4:e505054279ed | 102 | + ((outSz % SHA256_DIGEST_SIZE) ? 1 : 0); |
| Vanger | 4:e505054279ed | 103 | |
| Vanger | 4:e505054279ed | 104 | for (i = 0, ctr = 1; i < len; i++, ctr++) |
| Vanger | 4:e505054279ed | 105 | { |
| Vanger | 4:e505054279ed | 106 | if (InitSha256(&rng->sha) != 0) |
| Vanger | 4:e505054279ed | 107 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 108 | |
| Vanger | 4:e505054279ed | 109 | if (Sha256Update(&rng->sha, &ctr, sizeof(ctr)) != 0) |
| Vanger | 4:e505054279ed | 110 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 111 | |
| Vanger | 4:e505054279ed | 112 | if (Sha256Update(&rng->sha, (byte*)&bits, sizeof(bits)) != 0) |
| Vanger | 4:e505054279ed | 113 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 114 | |
| Vanger | 4:e505054279ed | 115 | /* churning V is the only string that doesn't have |
| Vanger | 4:e505054279ed | 116 | * the type added */ |
| Vanger | 4:e505054279ed | 117 | if (type != dbrgInitV) |
| Vanger | 4:e505054279ed | 118 | if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0) |
| Vanger | 4:e505054279ed | 119 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 120 | |
| Vanger | 4:e505054279ed | 121 | if (Sha256Update(&rng->sha, inA, inASz) != 0) |
| Vanger | 4:e505054279ed | 122 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 123 | |
| Vanger | 4:e505054279ed | 124 | if (inB != NULL && inBSz > 0) |
| Vanger | 4:e505054279ed | 125 | if (Sha256Update(&rng->sha, inB, inBSz) != 0) |
| Vanger | 4:e505054279ed | 126 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 127 | |
| Vanger | 4:e505054279ed | 128 | if (inC != NULL && inCSz > 0) |
| Vanger | 4:e505054279ed | 129 | if (Sha256Update(&rng->sha, inC, inCSz) != 0) |
| Vanger | 4:e505054279ed | 130 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 131 | |
| Vanger | 4:e505054279ed | 132 | if (Sha256Final(&rng->sha, rng->digest) != 0) |
| Vanger | 4:e505054279ed | 133 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 134 | |
| Vanger | 4:e505054279ed | 135 | if (outSz > SHA256_DIGEST_SIZE) { |
| Vanger | 4:e505054279ed | 136 | XMEMCPY(out, rng->digest, SHA256_DIGEST_SIZE); |
| Vanger | 4:e505054279ed | 137 | outSz -= SHA256_DIGEST_SIZE; |
| Vanger | 4:e505054279ed | 138 | out += SHA256_DIGEST_SIZE; |
| Vanger | 4:e505054279ed | 139 | } |
| Vanger | 4:e505054279ed | 140 | else { |
| Vanger | 4:e505054279ed | 141 | XMEMCPY(out, rng->digest, outSz); |
| Vanger | 4:e505054279ed | 142 | } |
| Vanger | 4:e505054279ed | 143 | } |
| Vanger | 4:e505054279ed | 144 | |
| Vanger | 4:e505054279ed | 145 | return DBRG_SUCCESS; |
| Vanger | 4:e505054279ed | 146 | } |
| Vanger | 4:e505054279ed | 147 | |
| Vanger | 4:e505054279ed | 148 | |
| Vanger | 4:e505054279ed | 149 | static int Hash_DBRG_Reseed(RNG* rng, byte* entropy, word32 entropySz) |
| Vanger | 4:e505054279ed | 150 | { |
| Vanger | 4:e505054279ed | 151 | int ret; |
| Vanger | 4:e505054279ed | 152 | byte seed[DBRG_SEED_LEN]; |
| Vanger | 4:e505054279ed | 153 | |
| Vanger | 4:e505054279ed | 154 | ret = Hash_df(rng, seed, sizeof(seed), dbrgInitV, rng->V, sizeof(rng->V), |
| Vanger | 4:e505054279ed | 155 | entropy, entropySz, NULL, 0); |
| Vanger | 4:e505054279ed | 156 | if (ret != 0) |
| Vanger | 4:e505054279ed | 157 | return ret; |
| Vanger | 4:e505054279ed | 158 | |
| Vanger | 4:e505054279ed | 159 | XMEMCPY(rng->V, seed, sizeof(rng->V)); |
| Vanger | 4:e505054279ed | 160 | XMEMSET(seed, 0, sizeof(seed)); |
| Vanger | 4:e505054279ed | 161 | |
| Vanger | 4:e505054279ed | 162 | ret = Hash_df(rng, rng->C, sizeof(rng->C), dbrgInitC, rng->V, |
| Vanger | 4:e505054279ed | 163 | sizeof(rng->V), NULL, 0, NULL, 0); |
| Vanger | 4:e505054279ed | 164 | if (ret != 0) |
| Vanger | 4:e505054279ed | 165 | return ret; |
| Vanger | 4:e505054279ed | 166 | |
| Vanger | 4:e505054279ed | 167 | rng->reseed_ctr = 1; |
| Vanger | 4:e505054279ed | 168 | return 0; |
| Vanger | 4:e505054279ed | 169 | } |
| Vanger | 4:e505054279ed | 170 | |
| Vanger | 4:e505054279ed | 171 | static INLINE void array_add_one(byte* data, word32 dataSz) |
| Vanger | 4:e505054279ed | 172 | { |
| Vanger | 4:e505054279ed | 173 | int i; |
| Vanger | 4:e505054279ed | 174 | |
| Vanger | 4:e505054279ed | 175 | for (i = dataSz - 1; i >= 0; i--) |
| Vanger | 4:e505054279ed | 176 | { |
| Vanger | 4:e505054279ed | 177 | data[i]++; |
| Vanger | 4:e505054279ed | 178 | if (data[i] != 0) break; |
| Vanger | 4:e505054279ed | 179 | } |
| Vanger | 4:e505054279ed | 180 | } |
| Vanger | 4:e505054279ed | 181 | |
| Vanger | 4:e505054279ed | 182 | static int Hash_gen(RNG* rng, byte* out, word32 outSz, byte* V) |
| Vanger | 4:e505054279ed | 183 | { |
| Vanger | 4:e505054279ed | 184 | byte data[DBRG_SEED_LEN]; |
| Vanger | 4:e505054279ed | 185 | int i, ret; |
| Vanger | 4:e505054279ed | 186 | int len = (outSz / SHA256_DIGEST_SIZE) |
| Vanger | 4:e505054279ed | 187 | + ((outSz % SHA256_DIGEST_SIZE) ? 1 : 0); |
| Vanger | 4:e505054279ed | 188 | |
| Vanger | 4:e505054279ed | 189 | XMEMCPY(data, V, sizeof(data)); |
| Vanger | 4:e505054279ed | 190 | for (i = 0; i < len; i++) { |
| Vanger | 4:e505054279ed | 191 | ret = InitSha256(&rng->sha); |
| Vanger | 4:e505054279ed | 192 | if (ret != 0) |
| Vanger | 4:e505054279ed | 193 | return ret; |
| Vanger | 4:e505054279ed | 194 | |
| Vanger | 4:e505054279ed | 195 | ret = Sha256Update(&rng->sha, data, sizeof(data)); |
| Vanger | 4:e505054279ed | 196 | if (ret != 0) |
| Vanger | 4:e505054279ed | 197 | return ret; |
| Vanger | 4:e505054279ed | 198 | |
| Vanger | 4:e505054279ed | 199 | ret = Sha256Final(&rng->sha, rng->digest); |
| Vanger | 4:e505054279ed | 200 | if (ret != 0) |
| Vanger | 4:e505054279ed | 201 | return ret; |
| Vanger | 4:e505054279ed | 202 | |
| Vanger | 4:e505054279ed | 203 | if (outSz > SHA256_DIGEST_SIZE) { |
| Vanger | 4:e505054279ed | 204 | XMEMCPY(out, rng->digest, SHA256_DIGEST_SIZE); |
| Vanger | 4:e505054279ed | 205 | outSz -= SHA256_DIGEST_SIZE; |
| Vanger | 4:e505054279ed | 206 | out += SHA256_DIGEST_SIZE; |
| Vanger | 4:e505054279ed | 207 | array_add_one(data, DBRG_SEED_LEN); |
| Vanger | 4:e505054279ed | 208 | } |
| Vanger | 4:e505054279ed | 209 | else { |
| Vanger | 4:e505054279ed | 210 | XMEMCPY(out, rng->digest, outSz); |
| Vanger | 4:e505054279ed | 211 | } |
| Vanger | 4:e505054279ed | 212 | } |
| Vanger | 4:e505054279ed | 213 | XMEMSET(data, 0, sizeof(data)); |
| Vanger | 4:e505054279ed | 214 | |
| Vanger | 4:e505054279ed | 215 | return 0; |
| Vanger | 4:e505054279ed | 216 | } |
| Vanger | 4:e505054279ed | 217 | |
| Vanger | 4:e505054279ed | 218 | |
| Vanger | 4:e505054279ed | 219 | static INLINE void array_add(byte* d, word32 dLen, byte* s, word32 sLen) |
| Vanger | 4:e505054279ed | 220 | { |
| Vanger | 4:e505054279ed | 221 | word16 carry = 0; |
| Vanger | 4:e505054279ed | 222 | |
| Vanger | 4:e505054279ed | 223 | if (dLen > 0 && sLen > 0 && dLen >= sLen) { |
| Vanger | 4:e505054279ed | 224 | int sIdx, dIdx; |
| Vanger | 4:e505054279ed | 225 | |
| Vanger | 4:e505054279ed | 226 | for (sIdx = sLen - 1, dIdx = dLen - 1; sIdx >= 0; dIdx--, sIdx--) |
| Vanger | 4:e505054279ed | 227 | { |
| Vanger | 4:e505054279ed | 228 | carry += d[dIdx] + s[sIdx]; |
| Vanger | 4:e505054279ed | 229 | d[dIdx] = carry; |
| Vanger | 4:e505054279ed | 230 | carry >>= 8; |
| Vanger | 4:e505054279ed | 231 | } |
| Vanger | 4:e505054279ed | 232 | if (dIdx > 0) |
| Vanger | 4:e505054279ed | 233 | d[dIdx] += carry; |
| Vanger | 4:e505054279ed | 234 | } |
| Vanger | 4:e505054279ed | 235 | } |
| Vanger | 4:e505054279ed | 236 | |
| Vanger | 4:e505054279ed | 237 | |
| Vanger | 4:e505054279ed | 238 | static int Hash_DBRG_Generate(RNG* rng, byte* out, word32 outSz) |
| Vanger | 4:e505054279ed | 239 | { |
| Vanger | 4:e505054279ed | 240 | int ret; |
| Vanger | 4:e505054279ed | 241 | |
| Vanger | 4:e505054279ed | 242 | if (rng->reseed_ctr != RESEED_MAX) { |
| Vanger | 4:e505054279ed | 243 | byte type = dbrgGenerateH; |
| Vanger | 4:e505054279ed | 244 | |
| Vanger | 4:e505054279ed | 245 | if (Hash_gen(rng, out, outSz, rng->V) != 0) |
| Vanger | 4:e505054279ed | 246 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 247 | if (InitSha256(&rng->sha) != 0) |
| Vanger | 4:e505054279ed | 248 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 249 | if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0) |
| Vanger | 4:e505054279ed | 250 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 251 | if (Sha256Update(&rng->sha, rng->V, sizeof(rng->V)) != 0) |
| Vanger | 4:e505054279ed | 252 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 253 | if (Sha256Final(&rng->sha, rng->digest) != 0) |
| Vanger | 4:e505054279ed | 254 | return DBRG_ERROR; |
| Vanger | 4:e505054279ed | 255 | |
| Vanger | 4:e505054279ed | 256 | array_add(rng->V, sizeof(rng->V), rng->digest, sizeof(rng->digest)); |
| Vanger | 4:e505054279ed | 257 | array_add(rng->V, sizeof(rng->V), rng->C, sizeof(rng->C)); |
| Vanger | 4:e505054279ed | 258 | array_add(rng->V, sizeof(rng->V), |
| Vanger | 4:e505054279ed | 259 | (byte*)&rng->reseed_ctr, sizeof(rng->reseed_ctr)); |
| Vanger | 4:e505054279ed | 260 | rng->reseed_ctr++; |
| Vanger | 4:e505054279ed | 261 | ret = DBRG_SUCCESS; |
| Vanger | 4:e505054279ed | 262 | } |
| Vanger | 4:e505054279ed | 263 | else { |
| Vanger | 4:e505054279ed | 264 | ret = DBRG_NEED_RESEED; |
| Vanger | 4:e505054279ed | 265 | } |
| Vanger | 4:e505054279ed | 266 | return ret; |
| Vanger | 4:e505054279ed | 267 | } |
| Vanger | 4:e505054279ed | 268 | |
| Vanger | 4:e505054279ed | 269 | |
| Vanger | 4:e505054279ed | 270 | static int Hash_DBRG_Instantiate(RNG* rng, byte* seed, word32 seedSz) |
| Vanger | 4:e505054279ed | 271 | { |
| Vanger | 4:e505054279ed | 272 | int ret; |
| Vanger | 4:e505054279ed | 273 | |
| Vanger | 4:e505054279ed | 274 | XMEMSET(rng, 0, sizeof(*rng)); |
| Vanger | 4:e505054279ed | 275 | ret = Hash_df(rng, rng->V, sizeof(rng->V), dbrgInitV, seed, seedSz, NULL, 0, |
| Vanger | 4:e505054279ed | 276 | NULL, 0); |
| Vanger | 4:e505054279ed | 277 | if (ret != 0) |
| Vanger | 4:e505054279ed | 278 | return ret; |
| Vanger | 4:e505054279ed | 279 | |
| Vanger | 4:e505054279ed | 280 | ret = Hash_df(rng, rng->C, sizeof(rng->C), dbrgInitC, rng->V, |
| Vanger | 4:e505054279ed | 281 | sizeof(rng->V), NULL, 0, NULL, 0); |
| Vanger | 4:e505054279ed | 282 | if (ret != 0) |
| Vanger | 4:e505054279ed | 283 | return ret; |
| Vanger | 4:e505054279ed | 284 | |
| Vanger | 4:e505054279ed | 285 | rng->reseed_ctr = 1; |
| Vanger | 4:e505054279ed | 286 | |
| Vanger | 4:e505054279ed | 287 | return 0; |
| Vanger | 4:e505054279ed | 288 | } |
| Vanger | 4:e505054279ed | 289 | |
| Vanger | 4:e505054279ed | 290 | |
| Vanger | 4:e505054279ed | 291 | static int Hash_DBRG_Uninstantiate(RNG* rng) |
| Vanger | 4:e505054279ed | 292 | { |
| Vanger | 4:e505054279ed | 293 | int result = DBRG_ERROR; |
| Vanger | 4:e505054279ed | 294 | |
| Vanger | 4:e505054279ed | 295 | if (rng != NULL) { |
| Vanger | 4:e505054279ed | 296 | XMEMSET(rng, 0, sizeof(*rng)); |
| Vanger | 4:e505054279ed | 297 | result = DBRG_SUCCESS; |
| Vanger | 4:e505054279ed | 298 | } |
| Vanger | 4:e505054279ed | 299 | |
| Vanger | 4:e505054279ed | 300 | return result; |
| Vanger | 4:e505054279ed | 301 | } |
| Vanger | 4:e505054279ed | 302 | |
| Vanger | 4:e505054279ed | 303 | /* End NIST DRBG Code */ |
| Vanger | 4:e505054279ed | 304 | |
| Vanger | 4:e505054279ed | 305 | |
| Vanger | 4:e505054279ed | 306 | |
| Vanger | 4:e505054279ed | 307 | /* Get seed and key cipher */ |
| Vanger | 4:e505054279ed | 308 | int InitRng(RNG* rng) |
| Vanger | 4:e505054279ed | 309 | { |
| Vanger | 4:e505054279ed | 310 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 311 | byte* entropy; |
| Vanger | 4:e505054279ed | 312 | #else |
| Vanger | 4:e505054279ed | 313 | byte entropy[ENTROPY_SZ]; |
| Vanger | 4:e505054279ed | 314 | #endif |
| Vanger | 4:e505054279ed | 315 | int ret = DBRG_ERROR; |
| Vanger | 4:e505054279ed | 316 | |
| Vanger | 4:e505054279ed | 317 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 318 | entropy = (byte*)XMALLOC(ENTROPY_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 319 | if (entropy == NULL) |
| Vanger | 4:e505054279ed | 320 | return MEMORY_E; |
| Vanger | 4:e505054279ed | 321 | #endif |
| Vanger | 4:e505054279ed | 322 | |
| Vanger | 4:e505054279ed | 323 | if (GenerateSeed(&rng->seed, entropy, ENTROPY_SZ) == 0) |
| Vanger | 4:e505054279ed | 324 | ret = Hash_DBRG_Instantiate(rng, entropy, ENTROPY_SZ); |
| Vanger | 4:e505054279ed | 325 | |
| Vanger | 4:e505054279ed | 326 | XMEMSET(entropy, 0, ENTROPY_SZ); |
| Vanger | 4:e505054279ed | 327 | |
| Vanger | 4:e505054279ed | 328 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 329 | XFREE(entropy, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 330 | #endif |
| Vanger | 4:e505054279ed | 331 | |
| Vanger | 4:e505054279ed | 332 | return ret; |
| Vanger | 4:e505054279ed | 333 | } |
| Vanger | 4:e505054279ed | 334 | |
| Vanger | 4:e505054279ed | 335 | |
| Vanger | 4:e505054279ed | 336 | /* place a generated block in output */ |
| Vanger | 4:e505054279ed | 337 | int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 338 | { |
| Vanger | 4:e505054279ed | 339 | int ret; |
| Vanger | 4:e505054279ed | 340 | |
| Vanger | 4:e505054279ed | 341 | XMEMSET(output, 0, sz); |
| Vanger | 4:e505054279ed | 342 | ret = Hash_DBRG_Generate(rng, output, sz); |
| Vanger | 4:e505054279ed | 343 | |
| Vanger | 4:e505054279ed | 344 | if (ret == DBRG_NEED_RESEED) { |
| Vanger | 4:e505054279ed | 345 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 346 | byte* entropy; |
| Vanger | 4:e505054279ed | 347 | #else |
| Vanger | 4:e505054279ed | 348 | byte entropy[ENTROPY_SZ]; |
| Vanger | 4:e505054279ed | 349 | #endif |
| Vanger | 4:e505054279ed | 350 | |
| Vanger | 4:e505054279ed | 351 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 352 | entropy = (byte*)XMALLOC(ENTROPY_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 353 | if (entropy == NULL) |
| Vanger | 4:e505054279ed | 354 | return MEMORY_E; |
| Vanger | 4:e505054279ed | 355 | #endif |
| Vanger | 4:e505054279ed | 356 | |
| Vanger | 4:e505054279ed | 357 | ret = GenerateSeed(&rng->seed, entropy, ENTROPY_SZ); |
| Vanger | 4:e505054279ed | 358 | if (ret == 0) { |
| Vanger | 4:e505054279ed | 359 | ret = Hash_DBRG_Reseed(rng, entropy, ENTROPY_SZ); |
| Vanger | 4:e505054279ed | 360 | |
| Vanger | 4:e505054279ed | 361 | if (ret == 0) |
| Vanger | 4:e505054279ed | 362 | ret = Hash_DBRG_Generate(rng, output, sz); |
| Vanger | 4:e505054279ed | 363 | } |
| Vanger | 4:e505054279ed | 364 | else |
| Vanger | 4:e505054279ed | 365 | ret = DBRG_ERROR; |
| Vanger | 4:e505054279ed | 366 | |
| Vanger | 4:e505054279ed | 367 | XMEMSET(entropy, 0, ENTROPY_SZ); |
| Vanger | 4:e505054279ed | 368 | |
| Vanger | 4:e505054279ed | 369 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 370 | XFREE(entropy, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 371 | #endif |
| Vanger | 4:e505054279ed | 372 | } |
| Vanger | 4:e505054279ed | 373 | |
| Vanger | 4:e505054279ed | 374 | return ret; |
| Vanger | 4:e505054279ed | 375 | } |
| Vanger | 4:e505054279ed | 376 | |
| Vanger | 4:e505054279ed | 377 | |
| Vanger | 4:e505054279ed | 378 | int RNG_GenerateByte(RNG* rng, byte* b) |
| Vanger | 4:e505054279ed | 379 | { |
| Vanger | 4:e505054279ed | 380 | return RNG_GenerateBlock(rng, b, 1); |
| Vanger | 4:e505054279ed | 381 | } |
| Vanger | 4:e505054279ed | 382 | |
| Vanger | 4:e505054279ed | 383 | |
| Vanger | 4:e505054279ed | 384 | void FreeRng(RNG* rng) |
| Vanger | 4:e505054279ed | 385 | { |
| Vanger | 4:e505054279ed | 386 | Hash_DBRG_Uninstantiate(rng); |
| Vanger | 4:e505054279ed | 387 | } |
| Vanger | 4:e505054279ed | 388 | |
| Vanger | 4:e505054279ed | 389 | #else /* NO_RC4 */ |
| Vanger | 4:e505054279ed | 390 | |
| Vanger | 4:e505054279ed | 391 | /* Get seed and key cipher */ |
| Vanger | 4:e505054279ed | 392 | int InitRng(RNG* rng) |
| Vanger | 4:e505054279ed | 393 | { |
| Vanger | 4:e505054279ed | 394 | int ret; |
| Vanger | 4:e505054279ed | 395 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 396 | byte* key; |
| Vanger | 4:e505054279ed | 397 | byte* junk; |
| Vanger | 4:e505054279ed | 398 | #else |
| Vanger | 4:e505054279ed | 399 | byte key[32]; |
| Vanger | 4:e505054279ed | 400 | byte junk[256]; |
| Vanger | 4:e505054279ed | 401 | #endif |
| Vanger | 4:e505054279ed | 402 | |
| Vanger | 4:e505054279ed | 403 | #ifdef HAVE_CAVIUM |
| Vanger | 4:e505054279ed | 404 | if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC) |
| Vanger | 4:e505054279ed | 405 | return 0; |
| Vanger | 4:e505054279ed | 406 | #endif |
| Vanger | 4:e505054279ed | 407 | |
| Vanger | 4:e505054279ed | 408 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 409 | key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 410 | if (key == NULL) |
| Vanger | 4:e505054279ed | 411 | return MEMORY_E; |
| Vanger | 4:e505054279ed | 412 | |
| Vanger | 4:e505054279ed | 413 | junk = (byte*)XMALLOC(256, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 414 | if (junk == NULL) { |
| Vanger | 4:e505054279ed | 415 | XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 416 | return MEMORY_E; |
| Vanger | 4:e505054279ed | 417 | } |
| Vanger | 4:e505054279ed | 418 | #endif |
| Vanger | 4:e505054279ed | 419 | |
| Vanger | 4:e505054279ed | 420 | ret = GenerateSeed(&rng->seed, key, 32); |
| Vanger | 4:e505054279ed | 421 | |
| Vanger | 4:e505054279ed | 422 | if (ret == 0) { |
| Vanger | 4:e505054279ed | 423 | Arc4SetKey(&rng->cipher, key, sizeof(key)); |
| Vanger | 4:e505054279ed | 424 | |
| Vanger | 4:e505054279ed | 425 | ret = RNG_GenerateBlock(rng, junk, 256); /*rid initial state*/ |
| Vanger | 4:e505054279ed | 426 | } |
| wolfSSL | 0:1239e9b70ca2 | 427 | |
| Vanger | 4:e505054279ed | 428 | #ifdef CYASSL_SMALL_STACK |
| Vanger | 4:e505054279ed | 429 | XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 430 | XFREE(junk, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| Vanger | 4:e505054279ed | 431 | #endif |
| Vanger | 4:e505054279ed | 432 | |
| Vanger | 4:e505054279ed | 433 | return ret; |
| Vanger | 4:e505054279ed | 434 | } |
| Vanger | 4:e505054279ed | 435 | |
| Vanger | 4:e505054279ed | 436 | #ifdef HAVE_CAVIUM |
| Vanger | 4:e505054279ed | 437 | static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz); |
| Vanger | 4:e505054279ed | 438 | #endif |
| Vanger | 4:e505054279ed | 439 | |
| Vanger | 4:e505054279ed | 440 | /* place a generated block in output */ |
| Vanger | 4:e505054279ed | 441 | int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 442 | { |
| Vanger | 4:e505054279ed | 443 | #ifdef HAVE_CAVIUM |
| Vanger | 4:e505054279ed | 444 | if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC) |
| Vanger | 4:e505054279ed | 445 | return CaviumRNG_GenerateBlock(rng, output, sz); |
| Vanger | 4:e505054279ed | 446 | #endif |
| Vanger | 4:e505054279ed | 447 | XMEMSET(output, 0, sz); |
| Vanger | 4:e505054279ed | 448 | Arc4Process(&rng->cipher, output, output, sz); |
| Vanger | 4:e505054279ed | 449 | |
| Vanger | 4:e505054279ed | 450 | return 0; |
| Vanger | 4:e505054279ed | 451 | } |
| Vanger | 4:e505054279ed | 452 | |
| Vanger | 4:e505054279ed | 453 | |
| Vanger | 4:e505054279ed | 454 | int RNG_GenerateByte(RNG* rng, byte* b) |
| Vanger | 4:e505054279ed | 455 | { |
| Vanger | 4:e505054279ed | 456 | return RNG_GenerateBlock(rng, b, 1); |
| Vanger | 4:e505054279ed | 457 | } |
| Vanger | 4:e505054279ed | 458 | |
| Vanger | 4:e505054279ed | 459 | |
| Vanger | 4:e505054279ed | 460 | #ifdef HAVE_CAVIUM |
| Vanger | 4:e505054279ed | 461 | |
| Vanger | 4:e505054279ed | 462 | #include <cyassl/ctaocrypt/logging.h> |
| Vanger | 4:e505054279ed | 463 | #include "cavium_common.h" |
| Vanger | 4:e505054279ed | 464 | |
| Vanger | 4:e505054279ed | 465 | /* Initiliaze RNG for use with Nitrox device */ |
| Vanger | 4:e505054279ed | 466 | int InitRngCavium(RNG* rng, int devId) |
| Vanger | 4:e505054279ed | 467 | { |
| Vanger | 4:e505054279ed | 468 | if (rng == NULL) |
| Vanger | 4:e505054279ed | 469 | return -1; |
| Vanger | 4:e505054279ed | 470 | |
| Vanger | 4:e505054279ed | 471 | rng->devId = devId; |
| Vanger | 4:e505054279ed | 472 | rng->magic = CYASSL_RNG_CAVIUM_MAGIC; |
| Vanger | 4:e505054279ed | 473 | |
| Vanger | 4:e505054279ed | 474 | return 0; |
| Vanger | 4:e505054279ed | 475 | } |
| Vanger | 4:e505054279ed | 476 | |
| Vanger | 4:e505054279ed | 477 | |
| Vanger | 4:e505054279ed | 478 | static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 479 | { |
| Vanger | 4:e505054279ed | 480 | word offset = 0; |
| Vanger | 4:e505054279ed | 481 | word32 requestId; |
| Vanger | 4:e505054279ed | 482 | |
| Vanger | 4:e505054279ed | 483 | while (sz > CYASSL_MAX_16BIT) { |
| Vanger | 4:e505054279ed | 484 | word16 slen = (word16)CYASSL_MAX_16BIT; |
| Vanger | 4:e505054279ed | 485 | if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId, |
| Vanger | 4:e505054279ed | 486 | rng->devId) != 0) { |
| Vanger | 4:e505054279ed | 487 | CYASSL_MSG("Cavium RNG failed"); |
| Vanger | 4:e505054279ed | 488 | } |
| Vanger | 4:e505054279ed | 489 | sz -= CYASSL_MAX_16BIT; |
| Vanger | 4:e505054279ed | 490 | offset += CYASSL_MAX_16BIT; |
| Vanger | 4:e505054279ed | 491 | } |
| Vanger | 4:e505054279ed | 492 | if (sz) { |
| Vanger | 4:e505054279ed | 493 | word16 slen = (word16)sz; |
| Vanger | 4:e505054279ed | 494 | if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId, |
| Vanger | 4:e505054279ed | 495 | rng->devId) != 0) { |
| Vanger | 4:e505054279ed | 496 | CYASSL_MSG("Cavium RNG failed"); |
| Vanger | 4:e505054279ed | 497 | } |
| Vanger | 4:e505054279ed | 498 | } |
| Vanger | 4:e505054279ed | 499 | } |
| Vanger | 4:e505054279ed | 500 | |
| Vanger | 4:e505054279ed | 501 | #endif /* HAVE_CAVIUM */ |
| Vanger | 4:e505054279ed | 502 | |
| Vanger | 4:e505054279ed | 503 | #endif /* NO_RC4 */ |
| Vanger | 4:e505054279ed | 504 | |
| Vanger | 4:e505054279ed | 505 | |
| Vanger | 4:e505054279ed | 506 | #if defined(USE_WINDOWS_API) |
| Vanger | 4:e505054279ed | 507 | |
| Vanger | 4:e505054279ed | 508 | |
| Vanger | 4:e505054279ed | 509 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 510 | { |
| Vanger | 4:e505054279ed | 511 | if(!CryptAcquireContext(&os->handle, 0, 0, PROV_RSA_FULL, |
| Vanger | 4:e505054279ed | 512 | CRYPT_VERIFYCONTEXT)) |
| Vanger | 4:e505054279ed | 513 | return WINCRYPT_E; |
| Vanger | 4:e505054279ed | 514 | |
| Vanger | 4:e505054279ed | 515 | if (!CryptGenRandom(os->handle, sz, output)) |
| Vanger | 4:e505054279ed | 516 | return CRYPTGEN_E; |
| Vanger | 4:e505054279ed | 517 | |
| Vanger | 4:e505054279ed | 518 | CryptReleaseContext(os->handle, 0); |
| Vanger | 4:e505054279ed | 519 | |
| Vanger | 4:e505054279ed | 520 | return 0; |
| Vanger | 4:e505054279ed | 521 | } |
| Vanger | 4:e505054279ed | 522 | |
| Vanger | 4:e505054279ed | 523 | |
| Vanger | 4:e505054279ed | 524 | #elif defined(HAVE_RTP_SYS) || defined(EBSNET) |
| Vanger | 4:e505054279ed | 525 | |
| Vanger | 4:e505054279ed | 526 | #include "rtprand.h" /* rtp_rand () */ |
| Vanger | 4:e505054279ed | 527 | #include "rtptime.h" /* rtp_get_system_msec() */ |
| Vanger | 4:e505054279ed | 528 | |
| Vanger | 4:e505054279ed | 529 | |
| Vanger | 4:e505054279ed | 530 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 531 | { |
| Vanger | 4:e505054279ed | 532 | int i; |
| Vanger | 4:e505054279ed | 533 | rtp_srand(rtp_get_system_msec()); |
| Vanger | 4:e505054279ed | 534 | |
| Vanger | 4:e505054279ed | 535 | for (i = 0; i < sz; i++ ) { |
| Vanger | 4:e505054279ed | 536 | output[i] = rtp_rand() % 256; |
| Vanger | 4:e505054279ed | 537 | if ( (i % 8) == 7) |
| Vanger | 4:e505054279ed | 538 | rtp_srand(rtp_get_system_msec()); |
| Vanger | 4:e505054279ed | 539 | } |
| Vanger | 4:e505054279ed | 540 | |
| Vanger | 4:e505054279ed | 541 | return 0; |
| Vanger | 4:e505054279ed | 542 | } |
| Vanger | 4:e505054279ed | 543 | |
| Vanger | 4:e505054279ed | 544 | |
| Vanger | 4:e505054279ed | 545 | #elif defined(MICRIUM) |
| Vanger | 4:e505054279ed | 546 | |
| Vanger | 4:e505054279ed | 547 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 548 | { |
| Vanger | 4:e505054279ed | 549 | #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) |
| Vanger | 4:e505054279ed | 550 | NetSecure_InitSeed(output, sz); |
| Vanger | 4:e505054279ed | 551 | #endif |
| Vanger | 4:e505054279ed | 552 | return 0; |
| Vanger | 4:e505054279ed | 553 | } |
| Vanger | 4:e505054279ed | 554 | |
| Vanger | 4:e505054279ed | 555 | #elif defined(MBED) |
| Vanger | 4:e505054279ed | 556 | |
| Vanger | 4:e505054279ed | 557 | /* write a real one !!!, just for testing board */ |
| Vanger | 4:e505054279ed | 558 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 559 | { |
| Vanger | 4:e505054279ed | 560 | int i; |
| Vanger | 4:e505054279ed | 561 | for (i = 0; i < sz; i++ ) |
| Vanger | 4:e505054279ed | 562 | output[i] = i; |
| Vanger | 4:e505054279ed | 563 | |
| Vanger | 4:e505054279ed | 564 | return 0; |
| Vanger | 4:e505054279ed | 565 | } |
| Vanger | 4:e505054279ed | 566 | |
| Vanger | 4:e505054279ed | 567 | #elif defined(MICROCHIP_PIC32) |
| Vanger | 4:e505054279ed | 568 | |
| Vanger | 4:e505054279ed | 569 | #ifdef MICROCHIP_MPLAB_HARMONY |
| Vanger | 4:e505054279ed | 570 | #define PIC32_SEED_COUNT _CP0_GET_COUNT |
| Vanger | 4:e505054279ed | 571 | #else |
| Vanger | 4:e505054279ed | 572 | #if !defined(CYASSL_MICROCHIP_PIC32MZ) |
| Vanger | 4:e505054279ed | 573 | #include <peripheral/timer.h> |
| Vanger | 4:e505054279ed | 574 | #endif |
| Vanger | 4:e505054279ed | 575 | #define PIC32_SEED_COUNT ReadCoreTimer |
| Vanger | 4:e505054279ed | 576 | #endif |
| Vanger | 4:e505054279ed | 577 | #ifdef CYASSL_MIC32MZ_RNG |
| Vanger | 4:e505054279ed | 578 | #include "xc.h" |
| Vanger | 4:e505054279ed | 579 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 580 | { |
| Vanger | 4:e505054279ed | 581 | int i ; |
| Vanger | 4:e505054279ed | 582 | byte rnd[8] ; |
| Vanger | 4:e505054279ed | 583 | word32 *rnd32 = (word32 *)rnd ; |
| Vanger | 4:e505054279ed | 584 | word32 size = sz ; |
| Vanger | 4:e505054279ed | 585 | byte* op = output ; |
| Vanger | 4:e505054279ed | 586 | |
| Vanger | 4:e505054279ed | 587 | /* This part has to be replaced with better random seed */ |
| Vanger | 4:e505054279ed | 588 | RNGNUMGEN1 = ReadCoreTimer(); |
| Vanger | 4:e505054279ed | 589 | RNGPOLY1 = ReadCoreTimer(); |
| Vanger | 4:e505054279ed | 590 | RNGPOLY2 = ReadCoreTimer(); |
| Vanger | 4:e505054279ed | 591 | RNGNUMGEN2 = ReadCoreTimer(); |
| Vanger | 4:e505054279ed | 592 | #ifdef DEBUG_CYASSL |
| Vanger | 4:e505054279ed | 593 | printf("GenerateSeed::Seed=%08x, %08x\n", RNGNUMGEN1, RNGNUMGEN2) ; |
| Vanger | 4:e505054279ed | 594 | #endif |
| Vanger | 4:e505054279ed | 595 | RNGCONbits.PLEN = 0x40; |
| Vanger | 4:e505054279ed | 596 | RNGCONbits.PRNGEN = 1; |
| Vanger | 4:e505054279ed | 597 | for(i=0; i<5; i++) { /* wait for RNGNUMGEN ready */ |
| Vanger | 4:e505054279ed | 598 | volatile int x ; |
| Vanger | 4:e505054279ed | 599 | x = RNGNUMGEN1 ; |
| Vanger | 4:e505054279ed | 600 | x = RNGNUMGEN2 ; |
| Vanger | 4:e505054279ed | 601 | } |
| Vanger | 4:e505054279ed | 602 | do { |
| Vanger | 4:e505054279ed | 603 | rnd32[0] = RNGNUMGEN1; |
| Vanger | 4:e505054279ed | 604 | rnd32[1] = RNGNUMGEN2; |
| Vanger | 4:e505054279ed | 605 | |
| Vanger | 4:e505054279ed | 606 | for(i=0; i<8; i++, op++) { |
| Vanger | 4:e505054279ed | 607 | *op = rnd[i] ; |
| Vanger | 4:e505054279ed | 608 | size -- ; |
| Vanger | 4:e505054279ed | 609 | if(size==0)break ; |
| Vanger | 4:e505054279ed | 610 | } |
| Vanger | 4:e505054279ed | 611 | } while(size) ; |
| Vanger | 4:e505054279ed | 612 | return 0; |
| Vanger | 4:e505054279ed | 613 | } |
| Vanger | 4:e505054279ed | 614 | #else /* CYASSL_MIC32MZ_RNG */ |
| Vanger | 4:e505054279ed | 615 | /* uses the core timer, in nanoseconds to seed srand */ |
| Vanger | 4:e505054279ed | 616 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 617 | { |
| Vanger | 4:e505054279ed | 618 | int i; |
| Vanger | 4:e505054279ed | 619 | srand(PIC32_SEED_COUNT() * 25); |
| Vanger | 4:e505054279ed | 620 | |
| Vanger | 4:e505054279ed | 621 | for (i = 0; i < sz; i++ ) { |
| Vanger | 4:e505054279ed | 622 | output[i] = rand() % 256; |
| Vanger | 4:e505054279ed | 623 | if ( (i % 8) == 7) |
| Vanger | 4:e505054279ed | 624 | srand(PIC32_SEED_COUNT() * 25); |
| Vanger | 4:e505054279ed | 625 | } |
| Vanger | 4:e505054279ed | 626 | return 0; |
| Vanger | 4:e505054279ed | 627 | } |
| Vanger | 4:e505054279ed | 628 | #endif /* CYASSL_MIC32MZ_RNG */ |
| Vanger | 4:e505054279ed | 629 | |
| Vanger | 4:e505054279ed | 630 | #elif defined(FREESCALE_MQX) |
| Vanger | 4:e505054279ed | 631 | |
| Vanger | 4:e505054279ed | 632 | #ifdef FREESCALE_K70_RNGA |
| Vanger | 4:e505054279ed | 633 | /* |
| Vanger | 4:e505054279ed | 634 | * Generates a RNG seed using the Random Number Generator Accelerator |
| Vanger | 4:e505054279ed | 635 | * on the Kinetis K70. Documentation located in Chapter 37 of |
| Vanger | 4:e505054279ed | 636 | * K70 Sub-Family Reference Manual (see Note 3 in the README for link). |
| Vanger | 4:e505054279ed | 637 | */ |
| Vanger | 4:e505054279ed | 638 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 639 | { |
| Vanger | 4:e505054279ed | 640 | int i; |
| Vanger | 4:e505054279ed | 641 | |
| Vanger | 4:e505054279ed | 642 | /* turn on RNGA module */ |
| Vanger | 4:e505054279ed | 643 | SIM_SCGC3 |= SIM_SCGC3_RNGA_MASK; |
| Vanger | 4:e505054279ed | 644 | |
| Vanger | 4:e505054279ed | 645 | /* set SLP bit to 0 - "RNGA is not in sleep mode" */ |
| Vanger | 4:e505054279ed | 646 | RNG_CR &= ~RNG_CR_SLP_MASK; |
| Vanger | 4:e505054279ed | 647 | |
| Vanger | 4:e505054279ed | 648 | /* set HA bit to 1 - "security violations masked" */ |
| Vanger | 4:e505054279ed | 649 | RNG_CR |= RNG_CR_HA_MASK; |
| Vanger | 4:e505054279ed | 650 | |
| Vanger | 4:e505054279ed | 651 | /* set GO bit to 1 - "output register loaded with data" */ |
| Vanger | 4:e505054279ed | 652 | RNG_CR |= RNG_CR_GO_MASK; |
| Vanger | 4:e505054279ed | 653 | |
| Vanger | 4:e505054279ed | 654 | for (i = 0; i < sz; i++) { |
| Vanger | 4:e505054279ed | 655 | |
| Vanger | 4:e505054279ed | 656 | /* wait for RNG FIFO to be full */ |
| Vanger | 4:e505054279ed | 657 | while((RNG_SR & RNG_SR_OREG_LVL(0xF)) == 0) {} |
| Vanger | 4:e505054279ed | 658 | |
| Vanger | 4:e505054279ed | 659 | /* get value */ |
| Vanger | 4:e505054279ed | 660 | output[i] = RNG_OR; |
| Vanger | 4:e505054279ed | 661 | } |
| Vanger | 4:e505054279ed | 662 | |
| Vanger | 4:e505054279ed | 663 | return 0; |
| Vanger | 4:e505054279ed | 664 | } |
| Vanger | 4:e505054279ed | 665 | |
| Vanger | 4:e505054279ed | 666 | #elif defined(FREESCALE_K53_RNGB) |
| Vanger | 4:e505054279ed | 667 | /* |
| Vanger | 4:e505054279ed | 668 | * Generates a RNG seed using the Random Number Generator (RNGB) |
| Vanger | 4:e505054279ed | 669 | * on the Kinetis K53. Documentation located in Chapter 33 of |
| Vanger | 4:e505054279ed | 670 | * K53 Sub-Family Reference Manual (see note in the README for link). |
| Vanger | 4:e505054279ed | 671 | */ |
| Vanger | 4:e505054279ed | 672 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 673 | { |
| Vanger | 4:e505054279ed | 674 | int i; |
| Vanger | 4:e505054279ed | 675 | |
| Vanger | 4:e505054279ed | 676 | /* turn on RNGB module */ |
| Vanger | 4:e505054279ed | 677 | SIM_SCGC3 |= SIM_SCGC3_RNGB_MASK; |
| Vanger | 4:e505054279ed | 678 | |
| Vanger | 4:e505054279ed | 679 | /* reset RNGB */ |
| Vanger | 4:e505054279ed | 680 | RNG_CMD |= RNG_CMD_SR_MASK; |
| Vanger | 4:e505054279ed | 681 | |
| Vanger | 4:e505054279ed | 682 | /* FIFO generate interrupt, return all zeros on underflow, |
| Vanger | 4:e505054279ed | 683 | * set auto reseed */ |
| Vanger | 4:e505054279ed | 684 | RNG_CR |= (RNG_CR_FUFMOD_MASK | RNG_CR_AR_MASK); |
| Vanger | 4:e505054279ed | 685 | |
| Vanger | 4:e505054279ed | 686 | /* gen seed, clear interrupts, clear errors */ |
| Vanger | 4:e505054279ed | 687 | RNG_CMD |= (RNG_CMD_GS_MASK | RNG_CMD_CI_MASK | RNG_CMD_CE_MASK); |
| Vanger | 4:e505054279ed | 688 | |
| Vanger | 4:e505054279ed | 689 | /* wait for seeding to complete */ |
| Vanger | 4:e505054279ed | 690 | while ((RNG_SR & RNG_SR_SDN_MASK) == 0) {} |
| Vanger | 4:e505054279ed | 691 | |
| Vanger | 4:e505054279ed | 692 | for (i = 0; i < sz; i++) { |
| Vanger | 4:e505054279ed | 693 | |
| Vanger | 4:e505054279ed | 694 | /* wait for a word to be available from FIFO */ |
| Vanger | 4:e505054279ed | 695 | while((RNG_SR & RNG_SR_FIFO_LVL_MASK) == 0) {} |
| Vanger | 4:e505054279ed | 696 | |
| Vanger | 4:e505054279ed | 697 | /* get value */ |
| Vanger | 4:e505054279ed | 698 | output[i] = RNG_OUT; |
| Vanger | 4:e505054279ed | 699 | } |
| Vanger | 4:e505054279ed | 700 | |
| Vanger | 4:e505054279ed | 701 | return 0; |
| Vanger | 4:e505054279ed | 702 | } |
| Vanger | 4:e505054279ed | 703 | |
| Vanger | 4:e505054279ed | 704 | #else |
| Vanger | 4:e505054279ed | 705 | #warning "write a real random seed!!!!, just for testing now" |
| Vanger | 4:e505054279ed | 706 | |
| Vanger | 4:e505054279ed | 707 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 708 | { |
| Vanger | 4:e505054279ed | 709 | int i; |
| Vanger | 4:e505054279ed | 710 | for (i = 0; i < sz; i++ ) |
| Vanger | 4:e505054279ed | 711 | output[i] = i; |
| Vanger | 4:e505054279ed | 712 | |
| Vanger | 4:e505054279ed | 713 | return 0; |
| Vanger | 4:e505054279ed | 714 | } |
| Vanger | 4:e505054279ed | 715 | #endif /* FREESCALE_K70_RNGA */ |
| Vanger | 4:e505054279ed | 716 | |
| Vanger | 4:e505054279ed | 717 | #elif defined(CYASSL_SAFERTOS) || defined(CYASSL_LEANPSK) \ |
| Vanger | 4:e505054279ed | 718 | || defined(CYASSL_IAR_ARM) |
| Vanger | 4:e505054279ed | 719 | |
| Vanger | 4:e505054279ed | 720 | #warning "write a real random seed!!!!, just for testing now" |
| Vanger | 4:e505054279ed | 721 | |
| Vanger | 4:e505054279ed | 722 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 723 | { |
| Vanger | 4:e505054279ed | 724 | word32 i; |
| Vanger | 4:e505054279ed | 725 | for (i = 0; i < sz; i++ ) |
| Vanger | 4:e505054279ed | 726 | output[i] = i; |
| Vanger | 4:e505054279ed | 727 | |
| Vanger | 4:e505054279ed | 728 | (void)os; |
| Vanger | 4:e505054279ed | 729 | |
| Vanger | 4:e505054279ed | 730 | return 0; |
| Vanger | 4:e505054279ed | 731 | } |
| Vanger | 4:e505054279ed | 732 | |
| Vanger | 4:e505054279ed | 733 | #elif defined(STM32F2_RNG) |
| Vanger | 4:e505054279ed | 734 | #undef RNG |
| Vanger | 4:e505054279ed | 735 | #include "stm32f2xx_rng.h" |
| Vanger | 4:e505054279ed | 736 | #include "stm32f2xx_rcc.h" |
| Vanger | 4:e505054279ed | 737 | /* |
| Vanger | 4:e505054279ed | 738 | * Generate a RNG seed using the hardware random number generator |
| Vanger | 4:e505054279ed | 739 | * on the STM32F2. Documentation located in STM32F2xx Standard Peripheral |
| Vanger | 4:e505054279ed | 740 | * Library document (See note in README). |
| Vanger | 4:e505054279ed | 741 | */ |
| Vanger | 4:e505054279ed | 742 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 743 | { |
| Vanger | 4:e505054279ed | 744 | int i; |
| Vanger | 4:e505054279ed | 745 | |
| Vanger | 4:e505054279ed | 746 | /* enable RNG clock source */ |
| Vanger | 4:e505054279ed | 747 | RCC_AHB2PeriphClockCmd(RCC_AHB2Periph_RNG, ENABLE); |
| Vanger | 4:e505054279ed | 748 | |
| Vanger | 4:e505054279ed | 749 | /* enable RNG peripheral */ |
| Vanger | 4:e505054279ed | 750 | RNG_Cmd(ENABLE); |
| Vanger | 4:e505054279ed | 751 | |
| Vanger | 4:e505054279ed | 752 | for (i = 0; i < sz; i++) { |
| Vanger | 4:e505054279ed | 753 | /* wait until RNG number is ready */ |
| Vanger | 4:e505054279ed | 754 | while(RNG_GetFlagStatus(RNG_FLAG_DRDY)== RESET) { } |
| Vanger | 4:e505054279ed | 755 | |
| Vanger | 4:e505054279ed | 756 | /* get value */ |
| Vanger | 4:e505054279ed | 757 | output[i] = RNG_GetRandomNumber(); |
| Vanger | 4:e505054279ed | 758 | } |
| Vanger | 4:e505054279ed | 759 | |
| Vanger | 4:e505054279ed | 760 | return 0; |
| Vanger | 4:e505054279ed | 761 | } |
| Vanger | 4:e505054279ed | 762 | #elif defined(CYASSL_LPC43xx) || defined(CYASSL_STM32F2xx) |
| Vanger | 4:e505054279ed | 763 | |
| Vanger | 4:e505054279ed | 764 | #warning "write a real random seed!!!!, just for testing now" |
| Vanger | 4:e505054279ed | 765 | |
| Vanger | 4:e505054279ed | 766 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 767 | { |
| Vanger | 4:e505054279ed | 768 | int i; |
| Vanger | 4:e505054279ed | 769 | |
| Vanger | 4:e505054279ed | 770 | for (i = 0; i < sz; i++ ) |
| Vanger | 4:e505054279ed | 771 | output[i] = i; |
| Vanger | 4:e505054279ed | 772 | |
| Vanger | 4:e505054279ed | 773 | return 0; |
| Vanger | 4:e505054279ed | 774 | } |
| Vanger | 4:e505054279ed | 775 | |
| Vanger | 4:e505054279ed | 776 | #elif defined(CUSTOM_RAND_GENERATE) |
| Vanger | 4:e505054279ed | 777 | |
| Vanger | 4:e505054279ed | 778 | /* Implement your own random generation function |
| Vanger | 4:e505054279ed | 779 | * word32 rand_gen(void); |
| Vanger | 4:e505054279ed | 780 | * #define CUSTOM_RAND_GENERATE rand_gen */ |
| Vanger | 4:e505054279ed | 781 | |
| Vanger | 4:e505054279ed | 782 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 783 | { |
| Vanger | 4:e505054279ed | 784 | int i; |
| Vanger | 4:e505054279ed | 785 | |
| Vanger | 4:e505054279ed | 786 | for (i = 0; i < sz; i++ ) |
| Vanger | 4:e505054279ed | 787 | output[i] = CUSTOM_RAND_GENERATE(); |
| Vanger | 4:e505054279ed | 788 | |
| Vanger | 4:e505054279ed | 789 | return 0; |
| Vanger | 4:e505054279ed | 790 | } |
| Vanger | 4:e505054279ed | 791 | |
| Vanger | 4:e505054279ed | 792 | #elif defined(NO_DEV_RANDOM) |
| Vanger | 4:e505054279ed | 793 | |
| Vanger | 4:e505054279ed | 794 | //#error "you need to write an os specific GenerateSeed() here" |
| Vanger | 4:e505054279ed | 795 | |
| Vanger | 4:e505054279ed | 796 | #warning "PRNG is not well-implemented" |
| Vanger | 4:e505054279ed | 797 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 798 | { |
| Vanger | 4:e505054279ed | 799 | srand(time()); |
| Vanger | 4:e505054279ed | 800 | int i; |
| Vanger | 4:e505054279ed | 801 | |
| Vanger | 4:e505054279ed | 802 | for (i = 0; i < sz; i++ ) { |
| Vanger | 4:e505054279ed | 803 | output[i] = rand() % 256; |
| Vanger | 4:e505054279ed | 804 | if ( (i % 8) == 7) |
| Vanger | 4:e505054279ed | 805 | rand(time()); |
| Vanger | 4:e505054279ed | 806 | } |
| Vanger | 4:e505054279ed | 807 | return 0; |
| Vanger | 4:e505054279ed | 808 | } |
| Vanger | 4:e505054279ed | 809 | |
| Vanger | 4:e505054279ed | 810 | |
| Vanger | 4:e505054279ed | 811 | #else /* !USE_WINDOWS_API && !HAVE_RPT_SYS && !MICRIUM && !NO_DEV_RANDOM */ |
| Vanger | 4:e505054279ed | 812 | |
| Vanger | 4:e505054279ed | 813 | |
| Vanger | 4:e505054279ed | 814 | /* may block */ |
| Vanger | 4:e505054279ed | 815 | int GenerateSeed(OS_Seed* os, byte* output, word32 sz) |
| Vanger | 4:e505054279ed | 816 | { |
| Vanger | 4:e505054279ed | 817 | int ret = 0; |
| Vanger | 4:e505054279ed | 818 | |
| Vanger | 4:e505054279ed | 819 | os->fd = open("/dev/urandom",O_RDONLY); |
| Vanger | 4:e505054279ed | 820 | if (os->fd == -1) { |
| Vanger | 4:e505054279ed | 821 | /* may still have /dev/random */ |
| Vanger | 4:e505054279ed | 822 | os->fd = open("/dev/random",O_RDONLY); |
| Vanger | 4:e505054279ed | 823 | if (os->fd == -1) |
| Vanger | 4:e505054279ed | 824 | return OPEN_RAN_E; |
| Vanger | 4:e505054279ed | 825 | } |
| Vanger | 4:e505054279ed | 826 | |
| Vanger | 4:e505054279ed | 827 | while (sz) { |
| Vanger | 4:e505054279ed | 828 | int len = (int)read(os->fd, output, sz); |
| Vanger | 4:e505054279ed | 829 | if (len == -1) { |
| Vanger | 4:e505054279ed | 830 | ret = READ_RAN_E; |
| Vanger | 4:e505054279ed | 831 | break; |
| Vanger | 4:e505054279ed | 832 | } |
| Vanger | 4:e505054279ed | 833 | |
| Vanger | 4:e505054279ed | 834 | sz -= len; |
| Vanger | 4:e505054279ed | 835 | output += len; |
| Vanger | 4:e505054279ed | 836 | |
| Vanger | 4:e505054279ed | 837 | if (sz) { |
| Vanger | 4:e505054279ed | 838 | #ifdef BLOCKING |
| Vanger | 4:e505054279ed | 839 | sleep(0); /* context switch */ |
| Vanger | 4:e505054279ed | 840 | #else |
| Vanger | 4:e505054279ed | 841 | ret = RAN_BLOCK_E; |
| Vanger | 4:e505054279ed | 842 | break; |
| Vanger | 4:e505054279ed | 843 | #endif |
| Vanger | 4:e505054279ed | 844 | } |
| Vanger | 4:e505054279ed | 845 | } |
| Vanger | 4:e505054279ed | 846 | close(os->fd); |
| Vanger | 4:e505054279ed | 847 | |
| Vanger | 4:e505054279ed | 848 | return ret; |
| Vanger | 4:e505054279ed | 849 | } |
| Vanger | 4:e505054279ed | 850 | |
| Vanger | 4:e505054279ed | 851 | #endif /* USE_WINDOWS_API */ |
| Vanger | 4:e505054279ed | 852 | |
| Vanger | 4:e505054279ed | 853 |