X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/53073dfb7fc2dd06c572e303fcae164cabdd4ba2..6c0946ef1f1fa9b75b8c6d65ea0554ff4e1ec4eb:/rand/rand.c
diff --git a/rand/rand.c b/rand/rand.c
index 8de66079..3b056332 100644
--- a/rand/rand.c
+++ b/rand/rand.c
@@ -27,6 +27,8 @@
 /*----- Header files ------------------------------------------------------*/
+#include "config.h"
+
 #include
 #include
 #include
@@ -35,6 +37,7 @@
 #include
 #include "arena.h"
+#include "dispatch.h"
 #include "paranoia.h"
 #define RAND__HACKS
@@ -84,9 +87,10 @@ gctx rand_global = {
 if (r->gen != gen) { r->gen = gen; rand_gate(r); } \
 } while (0)
-#define TIMER(r) do { \
- if ((r)->s && (r)->s->timer) \
- (r)->s->timer(r); \
+static int quick(rand_pool *);
+#define QUICK(r) do { \
+ quick(r); \
+ if ((r)->s && (r)->s->timer) (r)->s->timer(r); \
 } while (0)
 /*----- Main code ---------------------------------------------------------*/
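Review bot: `QUICK` discards the value returned by `quick(r)`, so at every call site a quick source that is absent (`trivial_quick` returns -1) or that fails (the x86 implementations presumably can too) is indistinguishable from one that topped up the pool; that is a defensible best-effort choice, but the macro does not say so. A comment above `#define QUICK(r)` such as `/* Best-effort: quick() returns -1 when no quick source is usable; the timer noise source still runs either way. */` would make the contract explicit, and could point callers who need the status at `rand_quick`, defined later in this diff. The same silent-drop applies to each `TIMER`→`QUICK` substitution in the later hunks, which otherwise need no note.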
@@ -141,6 +145,40 @@ void rand_noisesrc(rand_pool *r, const rand_source *s)
 r->s = s;
 }
+/* --- @rand_quick@ --- *
+ *
+ * Arguments: @rand_pool *r@ = pointer to a randomness pool
+ *
+ * Returns: Zero on success; @-1@ on failure.
+ *
+ * Use Attempts to use some machine-specific `quick' source of
+ * entropy to top up @r@. This may not do anything at all on
+ * many systems.
+ */
+
+CPU_DISPATCH(static, return, int, quick, (rand_pool *r), (r),
+ pick_quick, trivial_quick);
+
+static int trivial_quick(rand_pool *r) { return (-1); }
+
+#if CPUFAM_X86 || CPUFAM_AMD64
+extern int rand_quick_x86ish_rdrand(rand_pool */*r*/);
+extern int rand_quick_x86ish_rdseed(rand_pool */*r*/);
+#endif
+
+static quick__functype *pick_quick(void)
+{
+#if CPUFAM_X86 || CPUFAM_AMD64
+ DISPATCH_PICK_COND(rand_quick, rand_quick_x86ish_rdseed,
+ cpu_feature_p(CPUFEAT_X86_RDSEED));
+ DISPATCH_PICK_COND(rand_quick, rand_quick_x86ish_rdrand,
+ cpu_feature_p(CPUFEAT_X86_RDRAND));
+#endif
+ DISPATCH_PICK_FALLBACK(rand_quick, trivial_quick);
+}
+
+int rand_quick(rand_pool *r) { RAND_RESOLVE(r); return (quick(r)); }
+
 /* --- @rand_seed@ --- *
 *
 * Arguments: @rand_pool *r@ = pointer to a randomness pool
@@ -216,9 +254,7 @@ void rand_add(rand_pool *r, const void *p, size_t sz, unsigned goodbits)
 const octet *c = p;
 int i, rot;
-#if RAND_POOLSZ != 128
-# error Polynomial in rand_add is out of date. Fix it.
-#endif
+ STATIC_ASSERT(RAND_POOLSZ == 128, "Polynomial doesn't match pool size");
 RAND_RESOLVE(r);
@@ -271,13 +307,16 @@ void rand_gate(rand_pool *r)
 HASH_CTX hc;
 CIPHER_CTX cc;
+ STATIC_ASSERT(CIPHER_KEYSZ <= HASH_SZ, "rand cipher keysize too long");
+
 RAND_RESOLVE(r);
-TIMER(r);
+QUICK(r);
 /* --- Hash up all the data in the pool --- */
 HASH_INIT(&hc);
 STORE32(g, r->gen); HASH(&hc, g, sizeof(g));
+ HASH(&hc, r->k.k, RAND_KEYSZ);
 HASH(&hc, r->pool, RAND_POOLSZ);
 HASH(&hc, r->buf, RAND_BUFSZ);
 HASH_DONE(&hc, h);
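Review bot: The `@rand_quick@` comment does not say what a zero return lets the caller conclude: whether the hardware output is credited to the pool's good-bits count (which would make `rand_getgood` and `rand_goodbits` depend on trusting the CPU's DRNG) or is only mixed in uncredited; that decision is made in `rand_quick_x86ish_rdseed`/`rand_quick_x86ish_rdrand`, which live outside this file, so the contract belongs in this comment. A sentence after the `Returns:` line stating the crediting policy, and that `pick_quick` appears to prefer RDSEED over RDRAND when both are present, would cover it. The `Use` heading in that block also lacks the colon that `Arguments:` and `Returns:` carry. `trivial_quick` never reads `r`; writing it as `static int trivial_quick(rand_pool */*r*/) { return (-1); }` matches the `extern` prototypes just below and avoids an unused-parameter warning.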
@@ -285,7 +324,6 @@ void rand_gate(rand_pool *r)
 /* --- Now mangle all of the data based on the hash --- */
- assert(CIPHER_KEYSZ <= HASH_SZ);
 CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0);
 CIPHER_ENCRYPT(&cc, r->pool, r->pool, RAND_POOLSZ);
 CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ);
@@ -300,7 +338,7 @@ void rand_gate(rand_pool *r)
 r->obits = RAND_OBITS;
 } else
 r->ibits = 0;
- TIMER(r);
+ QUICK(r);
 }
 /* --- @rand_stretch@ --- *
@@ -321,13 +359,16 @@ void rand_stretch(rand_pool *r)
 HASH_CTX hc;
 CIPHER_CTX cc;
+ STATIC_ASSERT(CIPHER_KEYSZ <= HASH_SZ, "rand cipher keysize too long");
+
 RAND_RESOLVE(r);
- TIMER(r);
+ QUICK(r);
 /* --- Hash up all the data in the buffer --- */
 HASH_INIT(&hc);
 STORE32(g, r->gen); HASH(&hc, g, sizeof(g));
+ HASH(&hc, r->k.k, RAND_KEYSZ);
 HASH(&hc, r->pool, RAND_POOLSZ);
 HASH(&hc, r->buf, RAND_BUFSZ);
 HASH_DONE(&hc, h);
@@ -335,7 +376,6 @@ void rand_stretch(rand_pool *r)
 /* --- Now mangle the buffer based on the hash --- */
- assert(CIPHER_KEYSZ <= HASH_SZ);
 CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0);
 CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ);
 BURN(cc);
@@ -343,7 +383,7 @@ void rand_stretch(rand_pool *r)
 /* --- Reset the various state variables --- */
 r->o = RAND_SECSZ;
- TIMER(r);
+ QUICK(r);
 }
 /* --- @rand_get@ --- *
@@ -368,7 +408,7 @@ void rand_get(rand_pool *r, void *p, size_t sz)
 RAND_RESOLVE(r);
 GENCHECK(r);
- TIMER(r);
+ QUICK(r);
 if (!sz) return;
@@ -422,7 +462,7 @@ void rand_getgood(rand_pool *r, void *p, size_t sz)
 return;
 }
 GENCHECK(r);
- TIMER(r);
+ QUICK(r);
 while (sz) {
 size_t chunk = sz;
@@ -524,7 +564,7 @@ static int gmisc(grand *r, unsigned op, ...)
 rand_seed(&g->p, va_arg(ap, unsigned));
 break;
 case RAND_TIMER:
- TIMER(&g->p);
+ QUICK(&g->p);
 break;
 case RAND_GOODBITS:
 rc = rand_goodbits(&g->p);
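Review bot: In the `gmisc` hunk the `RAND_TIMER` op now also consults the hardware quick source through `QUICK`, so the op's name understates its effect and a caller reading only the enum will not expect RDSEED/RDRAND to be invoked on x86; a comment on the case, `/* also tops up from the machine quick source; see QUICK */`, would record that without renaming a public op. `gmisc` begins and continues outside the hunk. The remaining hunks in this span are straight `TIMER`→`QUICK` substitutions and the move of the key-size check to a `STATIC_ASSERT`, which need no further note.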