1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00

Merge pull request #16594 from fjmolinas/pr_sys_fortuna_reseed_ms

sys/random/fortuna: change interval ressed to ms
This commit is contained in:
Leandro Lanzieri 2021-09-27 20:46:06 +02:00 committed by GitHub
commit 0129cbe954
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 100 additions and 18 deletions

View File

@ -125,6 +125,7 @@ PSEUDOMODULES += posix_headers
PSEUDOMODULES += printf_float
PSEUDOMODULES += prng
PSEUDOMODULES += prng_%
PSEUDOMODULES += fortuna_reseed
PSEUDOMODULES += qmc5883l_int
PSEUDOMODULES += riotboot_%
PSEUDOMODULES += rtt_cmd

View File

@ -71,6 +71,10 @@ config MODULE_LIBSTDCPP
depends on HAS_CPP
select MODULE_CPP
config MODULE_ATOMIC_UTILS
bool "Atomic access utility functions"
depends on TEST_KCONFIG
config MODULE_SYS
bool
default y

View File

@ -419,8 +419,11 @@ ifneq (,$(filter random,$(USEMODULE)))
USEMODULE += fortuna
USEMODULE += hashes
USEMODULE += crypto
ifneq (,$(filter fortuna_reseed,$(USEMODULE)))
USEMODULE += atomic_utils
USEMODULE += xtimer
endif
endif
ifneq (,$(filter prng_tinymt32,$(USEMODULE)))
USEMODULE += tinymt32

View File

@ -19,14 +19,21 @@ choice RANDOM_IMPLEMENTATION
default MODULE_PRNG_HWRNG if HAS_PERIPH_HWRNG
default MODULE_PRNG_TINYMT32
config MODULE_PRNG_FORTUNA
menuconfig MODULE_PRNG_FORTUNA
bool "Fortuna"
select MODULE_HASHES
select MODULE_XTIMER
select MODULE_FORTUNA
select MODULE_CRYPTO
select MODULE_CRYPTO_AES_128
if MODULE_PRNG_FORTUNA
config MODULE_FORTUNA_RESEED
bool "Reseed prng according to FORTUNA_RESEED_INTERVAL_MS"
select MODULE_XTIMER
select MODULE_ATOMIC_UTILS
endif
config MODULE_PRNG_HWRNG
bool "Hardware RNG"
depends on HAS_PERIPH_HWRNG

View File

@ -21,7 +21,6 @@
#include "log.h"
#include "mutex.h"
#include "fortuna/fortuna.h"
/**

View File

@ -6,8 +6,16 @@
*/
#include <string.h>
#include "fortuna.h"
#include "kernel_defines.h"
#if FORTUNA_RESEED_INTERVAL_MS > 0 && IS_USED(MODULE_FORTUNA_RESEED)
#include "atomic_utils.h"
#if IS_USED(MODULE_ZTIMER_MSEC)
#include "ztimer.h"
#else
#include "xtimer.h"
#endif
#endif
/**
* @brief Helper to increment the 128-bit counter (see section 9.4).
@ -137,6 +145,31 @@ static int fortuna_pseudo_random_data(fortuna_state_t *state, uint8_t *out,
return 0;
}
#if FORTUNA_RESEED_INTERVAL_MS > 0 && IS_USED(MODULE_FORTUNA_RESEED)
void _reseed_callback(void *arg)
{
fortuna_state_t *state = (fortuna_state_t *) arg;
state->needs_reseed = 1;
}
static void _reseed_timer_set(fortuna_state_t *state)
{
atomic_store_u8(&state->needs_reseed, 0);
#if IS_USED(MODULE_ZTIMER_MSEC)
ztimer_set(ZTIMER_MSEC, &state->reseed_timer, FORTUNA_RESEED_INTERVAL_MS);
#else
xtimer_set(&state->reseed_timer, FORTUNA_RESEED_INTERVAL_MS * US_PER_MS);
#endif
}
static void _reseed_timer_init(fortuna_state_t *state) {
/* initialize reseed timer */
state->reseed_timer.callback = _reseed_callback;
state->reseed_timer.arg = state;
_reseed_timer_set(state);
}
#endif
/*
* Corresponds to section 9.4.1 and 9.5.4.
*/
@ -149,9 +182,9 @@ int fortuna_init(fortuna_state_t *state)
sha256_init(&state->pools[i].ctx);
}
#if FORTUNA_RESEED_INTERVAL
/* set last reseed to ensure initial time diff is correct */
state->last_reseed = xtimer_now_usec64();
#if FORTUNA_RESEED_INTERVAL_MS > 0 && IS_USED(MODULE_FORTUNA_RESEED)
/* reseed time init if required */
_reseed_timer_init(state);
#endif
#if FORTUNA_LOCK
@ -174,9 +207,9 @@ int fortuna_random_data(fortuna_state_t *state, uint8_t *out, size_t bytes)
#endif
/* reseed the generator if needed, before returning data */
#if FORTUNA_RESEED_INTERVAL
#if FORTUNA_RESEED_INTERVAL_MS > 0 && IS_USED(MODULE_FORTUNA_RESEED)
if (state->pools[0].len >= FORTUNA_MIN_POOL_SIZE &&
(xtimer_now_usec64() - state->last_reseed) > FORTUNA_RESEED_INTERVAL) {
atomic_load_u8(&state->needs_reseed)) {
#else
if (state->pools[0].len >= FORTUNA_MIN_POOL_SIZE) {
#endif
@ -196,8 +229,8 @@ int fortuna_random_data(fortuna_state_t *state, uint8_t *out, size_t bytes)
fortuna_reseed(state, buf, len);
#if FORTUNA_RESEED_INTERVAL
state->last_reseed = xtimer_now_usec64();
#if FORTUNA_RESEED_INTERVAL_MS > 0 && IS_USED(MODULE_FORTUNA_RESEED)
_reseed_timer_set(state);
#endif
#if FORTUNA_CLEANUP

View File

@ -27,8 +27,14 @@
#ifndef FORTUNA_H
#define FORTUNA_H
#include "xtimer.h"
#include "mutex.h"
#if FORTUNA_RESEED_INTERVAL_MS > 0 && IS_USED(MODULE_FORTUNA_RESEED)
#if IS_USED(MODULE_ZTIMER_MSEC)
#include "ztimer.h"
#else
#include "xtimer.h"
#endif
#endif
#include "crypto/aes.h"
#include "hashes/sha256.h"
@ -63,13 +69,17 @@ extern "C" {
#define FORTUNA_SEED_SIZE (64U)
#endif
#if IS_USED(MODULE_FORTUNA_RESEED) || DOXYGEN
/**
* @brief Reseed interval in us. After this interval, the PRNG must be
* reseeded. Per section 9.5.5, the recommended value is 100ms. Set to
* zero to disable this security feature.
*
* @note Requires `fortuna_reseed` module.
*/
#ifndef FORTUNA_RESEED_INTERVAL
#define FORTUNA_RESEED_INTERVAL (0)
#ifndef FORTUNA_RESEED_INTERVAL_MS
#define FORTUNA_RESEED_INTERVAL_MS 100
#endif
#endif
/**
@ -138,12 +148,17 @@ typedef struct {
fortuna_generator_t gen;
fortuna_pool_t pools[FORTUNA_POOLS];
uint32_t reseeds;
#if FORTUNA_RESEED_INTERVAL > 0
uint64_t last_reseed;
#endif
#if FORTUNA_LOCK
mutex_t lock;
#endif
#if FORTUNA_RESEED_INTERVAL_MS > 0 && IS_USED(MODULE_FORTUNA_RESEED)
#if IS_USED(MODULE_ZTIMER_MSEC)
ztimer_t reseed_timer;
#else
xtimer_t reseed_timer;
#endif
uint8_t needs_reseed;
#endif
} fortuna_state_t;
/**

View File

@ -0,0 +1,5 @@
# this file enables modules defined in Kconfig. Do not use this file for
# application configuration. This is only needed during migration.
CONFIG_MODULE_ATOMIC_UTILS=y
CONFIG_MODULE_TEST_UTILS_INTERACTIVE_SYNC=y
CONFIG_MODULE_XTIMER=y

View File

@ -0,0 +1,8 @@
# this file enables modules defined in Kconfig. Do not use this file for
# application configuration. This is only needed during migration.
CONFIG_MODULE_ATOMIC_UTILS=y
CONFIG_MODULE_FMT=y
CONFIG_MODULE_SHELL=y
CONFIG_MODULE_RANDOM=y
CONFIG_MODULE_PRNG_TINYMT32=y
CONFIG_MODULE_XTIMER=y

View File

@ -0,0 +1,7 @@
# this file enables modules defined in Kconfig. Do not use this file for
# application configuration. This is only needed during migration.
CONFIG_MODULE_EMBUNIT=y
CONFIG_MODULE_ATOMIC_UTILS=y
CONFIG_MODULE_RANDOM=y
# Force tinymt32 to be selected
CONFIG_MODULE_PRNG_TINYMT32=y