-
Notifications
You must be signed in to change notification settings - Fork 2.1k
/
Copy pathEntropy.cpp
97 lines (77 loc) · 3.43 KB
/
Entropy.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
/*
*
* Copyright (c) 2020 Project CHIP Authors
* Copyright (c) 2019 Google LLC.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* @file
* Provides implementations for the chip entropy sourcing functions
* on the Linux platforms.
*/
#include <crypto/CHIPCryptoPAL.h>
#include <lib/support/CodeUtils.h>
#include <lib/support/RandUtils.h>
// Temporary includes for TemporaryAuditRandomPerformance()
// TODO: remove once https://github.com/project-chip/connectedhomeip/issues/10454 is done.
#if 1
#include <lib/support/BytesToHex.h>
#endif
namespace chip {
namespace {
// Audit random number generator proper initialization with prints.
// TODO: remove once https://github.com/project-chip/connectedhomeip/issues/10454 is done.
void TemporaryAuditRandomNumberGenerator()
{
uint8_t buf1[16];
uint8_t buf2[16];
memset(&buf1[0], 0, sizeof(buf1));
memset(&buf2[0], 0, sizeof(buf2));
VerifyOrDie(chip::Crypto::DRBG_get_bytes(&buf1[0], sizeof(buf1)) == CHIP_NO_ERROR);
VerifyOrDie(chip::Crypto::DRBG_get_bytes(&buf2[0], sizeof(buf2)) == CHIP_NO_ERROR);
char hex_buf[sizeof(buf1) * 2 + 1];
ChipLogProgress(DeviceLayer, "AUDIT: ===== RANDOM NUMBER GENERATOR AUDIT START ====");
ChipLogProgress(DeviceLayer, "AUDIT: * Validate buf1 and buf2 are <<<different every run/boot!>>>");
ChipLogProgress(DeviceLayer, "AUDIT: * Validate r1 and r2 are <<<different every run/boot!>>>");
memset(&hex_buf[0], 0, sizeof(hex_buf));
VerifyOrDie(Encoding::BytesToUppercaseHexString(&buf1[0], sizeof(buf1), &hex_buf[0], sizeof(hex_buf)) == CHIP_NO_ERROR);
ChipLogProgress(DeviceLayer, "AUDIT: * buf1: %s", &hex_buf[0]);
memset(&hex_buf[0], 0, sizeof(hex_buf));
VerifyOrDie(Encoding::BytesToUppercaseHexString(&buf2[0], sizeof(buf2), &hex_buf[0], sizeof(hex_buf)) == CHIP_NO_ERROR);
ChipLogProgress(DeviceLayer, "AUDIT: * buf2: %s", &hex_buf[0]);
VerifyOrDieWithMsg(memcmp(&buf1[0], &buf2[0], sizeof(buf1)) != 0, DeviceLayer,
"AUDIT: FAILED: buf1, buf2 are equal: DRBG_get_bytes() does not function!");
uint32_t r1 = GetRandU32();
uint32_t r2 = GetRandU32();
ChipLogProgress(DeviceLayer, "AUDIT: * r1: 0x%08" PRIX32 " r2: 0x%08" PRIX32, r1, r2);
VerifyOrDieWithMsg(r1 != r2, DeviceLayer, "AUDIT: FAILED: buf1, buf2 are equal: random number generator does not function!");
ChipLogProgress(DeviceLayer, "AUDIT: ===== RANDOM NUMBER GENERATOR AUDIT END ====");
}
} // namespace
namespace DeviceLayer {
namespace Internal {
CHIP_ERROR InitEntropy()
{
unsigned int seed;
ReturnErrorOnFailure(chip::Crypto::DRBG_get_bytes((uint8_t *) &seed, sizeof(seed)));
srand(seed);
{
// TODO: remove once https://github.com/project-chip/connectedhomeip/issues/10454 is done.
TemporaryAuditRandomNumberGenerator();
}
return CHIP_NO_ERROR;
}
} // namespace Internal
} // namespace DeviceLayer
} // namespace chip