Intel rdrand/rdseed: fixed error check, separated rdrand and rdseed

This commit is contained in:
Takashi Kojo
2015-03-24 15:13:11 +09:00
parent 572214ebb4
commit 28109b01f7
2 changed files with 81 additions and 35 deletions


@ -110,12 +110,13 @@ int wc_RNG_GenerateByte(RNG* rng, byte* b)
/* include headers that may be needed to get good seed */ /* include headers that may be needed to get good seed */
#endif #endif
#endif /* USE_WINDOWS_API */ #endif /* USE_WINDOWS_API */
#ifdef HAVE_INTEL_RDGEN #ifdef HAVE_INTEL_RDGEN
static int wc_InitRng_IntelRD() ; static int wc_InitRng_IntelRD(void) ;
static int wc_GenerateSeed_IntelRD(OS_Seed* os, byte* output, word32 sz) ; static int wc_GenerateSeed_IntelRD(OS_Seed* os, byte* output, word32 sz) ;
static word32 cpuid_check = 0 ; static int wc_GenerateRand_IntelRD(OS_Seed* os, byte* output, word32 sz) ;
static word32 cpuid_flags = 0 ; static word32 cpuid_check = 0 ;
static word32 cpuid_flags = 0 ;
#define CPUID_RDRAND 0x4 #define CPUID_RDRAND 0x4
#define CPUID_RDSEED 0x8 #define CPUID_RDSEED 0x8
#define IS_INTEL_RDRAND (cpuid_flags&CPUID_RDRAND) #define IS_INTEL_RDRAND (cpuid_flags&CPUID_RDRAND)
@ -427,6 +428,8 @@ int wc_InitRng(RNG* rng)
#ifdef HAVE_INTEL_RDGEN #ifdef HAVE_INTEL_RDGEN
wc_InitRng_IntelRD() ; wc_InitRng_IntelRD() ;
rng->drbg = NULL ;
if(IS_INTEL_RDRAND)return 0 ;
#endif #endif
if (rng != NULL) { if (rng != NULL) {
@ -480,10 +483,10 @@ int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
#ifdef HAVE_INTEL_RDGEN #ifdef HAVE_INTEL_RDGEN
if(IS_INTEL_RDSEED||IS_INTEL_RDRAND) if(IS_INTEL_RDRAND)
return wc_GenerateSeed_IntelRD(NULL, output, sz) ; return wc_GenerateRand_IntelRD(NULL, output, sz) ;
#endif #endif
if (rng->status != DRBG_OK) if (rng->status != DRBG_OK)
return RNG_FAILURE_E; return RNG_FAILURE_E;
@ -605,6 +608,7 @@ int wc_InitRng(RNG* rng)
#ifdef HAVE_INTEL_RDGEN #ifdef HAVE_INTEL_RDGEN
wc_InitRng_IntelRD() ; wc_InitRng_IntelRD() ;
if(IS_INTEL_RDRAND)return 0 ;
#endif #endif
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC) if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC)
@ -647,8 +651,8 @@ int wc_InitRng(RNG* rng)
int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz) int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
{ {
#ifdef HAVE_INTEL_RDGEN #ifdef HAVE_INTEL_RDGEN
if(IS_INTEL_RDSEED||IS_INTEL_RDRAND) if(IS_INTEL_RDRAND)
return wc_GenerateSeed_IntelRD(NULL, output, sz) ; return wc_GenerateRand_IntelRD(NULL, output, sz) ;
#endif #endif
#ifdef HAVE_CAVIUM #ifdef HAVE_CAVIUM
if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC) if (rng->magic == WOLFSSL_RNG_CAVIUM_MAGIC)
@ -766,32 +770,46 @@ static int wc_InitRng_IntelRD()
if(cpuid_check==0) { if(cpuid_check==0) {
if(cpuid_flag(1, 0, ECX, 30)){ cpuid_flags |= CPUID_RDRAND ;} if(cpuid_flag(1, 0, ECX, 30)){ cpuid_flags |= CPUID_RDRAND ;}
if(cpuid_flag(7, 0, EBX, 18)){ cpuid_flags |= CPUID_RDSEED ;} if(cpuid_flag(7, 0, EBX, 18)){ cpuid_flags |= CPUID_RDSEED ;}
cpuid_check = 1 ; cpuid_check = 1 ;
} }
return 1 ; return 1 ;
} }
static inline int IntelRDrand32(unsigned int *rnd) static inline int IntelRDrand32(unsigned int *rnd)
{ {
int rdrand; int rdrand; unsigned char ok ;
__asm__ volatile("rdrand %0":"=r"(rdrand)); __asm__ volatile("rdrand %0; setc %1":"=r"(rdrand), "=qm"(ok));
if(rdrand){ *rnd = rdrand ;
*rnd = rdrand ; return ok ;
return 0 ;
} else
return 1;
} }
static inline int IntelRDseed32(unsigned int *seed) static inline int IntelRDseed32(unsigned int *seed)
{ {
int rdseed; int rdseed; unsigned char ok ;
__asm__ volatile("rdseed %0":"=r"(rdseed)); __asm__ volatile("rdseed %0; setc %1":"=r"(rdseed), "=qm"(ok));
if(rdseed){ if(ok){
*seed = rdseed ; *seed = rdseed ;
return 0 ; return 0 ;
} else } else
return 1; return 1;
}
#define INTELRD_RETRY 10
static inline int IntelRDrand32_r(unsigned int *rnd)
{
int i ;
for(i=0; i<INTELRD_RETRY;i++)
if(IntelRDrand32(rnd))return 0 ;
return 1 ;
}
static inline int IntelRDseed32_r(unsigned int *rnd)
{
int i ;
for(i=0; i<INTELRD_RETRY;i++)
if(IntelRDseed32(rnd))return 0 ;
return 1 ;
} }
static int wc_GenerateSeed_IntelRD(OS_Seed* os, byte* output, word32 sz) static int wc_GenerateSeed_IntelRD(OS_Seed* os, byte* output, word32 sz)
@ -800,16 +818,35 @@ static int wc_GenerateSeed_IntelRD(OS_Seed* os, byte* output, word32 sz)
int ret ; byte buff[4] ; int ret ; byte buff[4] ;
for( ; sz/4 > 0; sz-=4, output+=4) { for( ; sz/4 > 0; sz-=4, output+=4) {
if (IS_INTEL_RDSEED)ret = IntelRDseed32((word32 *)output) ; if(IS_INTEL_RDSEED)ret = IntelRDseed32_r((word32 *)output) ;
else if(IS_INTEL_RDRAND)ret = IntelRDrand32((word32 *)output);
else return 1 ; else return 1 ;
if(ret) if(ret)
return 1 ; return 1 ;
} }
if(sz == 0)return 0 ; if(sz == 0)return 0 ;
if (IS_INTEL_RDSEED)ret = IntelRDseed32((word32 *)buff) ; if(IS_INTEL_RDSEED)ret = IntelRDseed32_r((word32 *)buff) ;
else if(IS_INTEL_RDRAND)ret = IntelRDrand32((word32 *)buff); else return 1 ;
if(ret)
return 1 ;
XMEMCPY(output, buff, sz) ;
return 0;
}
static int wc_GenerateRand_IntelRD(OS_Seed* os, byte* output, word32 sz)
{
(void) os ;
int ret ; byte buff[4] ;
for( ; sz/4 > 0; sz-=4, output+=4) {
if(IS_INTEL_RDRAND)ret = IntelRDrand32_r((word32 *)output);
else return 1 ;
if(ret)
return 1 ;
}
if(sz == 0)return 0 ;
if(IS_INTEL_RDRAND)ret = IntelRDrand32_r((word32 *)buff);
else return 1 ; else return 1 ;
if(ret) if(ret)
return 1 ; return 1 ;
@ -1017,7 +1054,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0; return 0;
} }
#else #else
#warning "write a real random seed!!!!, just for testing now" #warning "write a real random seed!!!!, just for testing now"
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
@ -1028,7 +1065,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0; return 0;
} }
#endif /* FREESCALE_K70_RNGA */ #endif /* FREESCALE_K70_RNGA */
#elif defined(WOLFSSL_SAFERTOS) || defined(WOLFSSL_LEANPSK) \ #elif defined(WOLFSSL_SAFERTOS) || defined(WOLFSSL_LEANPSK) \
|| defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_MDK_ARM) \ || defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_MDK_ARM) \
@ -1109,6 +1146,17 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0; return 0;
} }
#elif defined(HAVE_INTEL_RDGEN)
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
(void) os ;
if(IS_INTEL_RDSEED)
return wc_GenerateSeed_IntelRD(NULL, output, sz) ;
else return 1 ;
}
#elif defined(CUSTOM_RAND_GENERATE) #elif defined(CUSTOM_RAND_GENERATE)
/* Implement your own random generation function /* Implement your own random generation function
@ -1139,7 +1187,6 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#else /* !USE_WINDOWS_API && !HAVE_RPT_SYS && !MICRIUM && !NO_DEV_RANDOM */ #else /* !USE_WINDOWS_API && !HAVE_RPT_SYS && !MICRIUM && !NO_DEV_RANDOM */
/* may block */ /* may block */
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz) int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{ {
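Review bot: In the new `IntelRDseed32_r` the retry loop treats a non-zero return as success (`if(IntelRDseed32(rnd))return 0 ;`), but the new `IntelRDseed32` still returns 0 when `ok` is set and 1 when rdseed reported failure, so a failed rdseed is reported to `wc_GenerateSeed_IntelRD` as success with `*rnd` left unwritten, while a successful rdseed is retried up to INTELRD_RETRY times and then reported as a failure; `IntelRDrand32` was changed to `return ok ;` and its `_r` wrapper is consistent with that. Make the two helpers agree, e.g. `if(IntelRDseed32(rnd)==0)return 0 ;` in `IntelRDseed32_r`, or have `IntelRDseed32` return `ok` like its sibling and write `*seed` only when `ok` is set. Worth a comment on `IntelRDrand32` is that it now stores `*rnd = rdrand ;` unconditionally before returning `ok`, so callers must not use the value unless the return is non-zero. The early `if(IS_INTEL_RDRAND)return 0 ;` added to both `wc_InitRng` hunks skips the DRBG setup (the first one also sets `rng->drbg = NULL`), so `wc_RNG_GenerateBlock` hands out raw rdrand output with no DRBG in front of it; if that is the intended design, a comment at the early return saying so would help reviewers.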


@ -3220,8 +3220,7 @@ int random_test(void)
ret = wc_RNG_GenerateBlock(&rng, block, sizeof(block)); ret = wc_RNG_GenerateBlock(&rng, block, sizeof(block));
if (ret != 0) return -40; if (ret != 0) return -40;
#include "stdio.h"
printf("%016lx,%016lx,%016lx,%016lx,\n", ((word64 *)block)[0],((word64 *)block)[1],((word64 *)block)[2],((word64 *)block)[3]) ;
return 0; return 0;
wc_FreeRng(&rng); wc_FreeRng(&rng);