X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/53073dfb7fc2dd06c572e303fcae164cabdd4ba2..f4ac4f7b033ea65635f65104dc711b9aaf3a41e0:/rand/rand.c?ds=sidebyside diff --git a/rand/rand.c b/rand/rand.c index 8de66079..665152ac 100644 --- a/rand/rand.c +++ b/rand/rand.c @@ -27,6 +27,8 @@ /*----- Header files ------------------------------------------------------*/ +#include "config.h" + #include #include #include @@ -35,6 +37,7 @@ #include #include "arena.h" +#include "dispatch.h" #include "paranoia.h" #define RAND__HACKS @@ -84,9 +87,10 @@ gctx rand_global = { if (r->gen != gen) { r->gen = gen; rand_gate(r); } \ } while (0) -#define TIMER(r) do { \ - if ((r)->s && (r)->s->timer) \ - (r)->s->timer(r); \ +static int quick(rand_pool *); +#define QUICK(r) do { \ + quick(r); \ + if ((r)->s && (r)->s->timer) (r)->s->timer(r); \ } while (0) /*----- Main code ---------------------------------------------------------*/ @@ -141,6 +145,40 @@ void rand_noisesrc(rand_pool *r, const rand_source *s) r->s = s; } +/* --- @rand_quick@ --- * + * + * Arguments: @rand_pool *r@ = pointer to a randomness pool + * + * Returns: Zero on success; @-1@ on failure. + * + * Use Attempts to use some machine-specific `quick' source of + * entropy to top up @r@. This may not do anything at all on + * many systems. + */ + +CPU_DISPATCH(static, return, int, quick, (rand_pool *r), (r), + pick_quick, trivial_quick); + +static int trivial_quick(rand_pool *r) { return (-1); } + +#if CPUFAM_X86 || CPUFAM_AMD64 +extern int rand_quick_x86ish_rdrand(rand_pool */*r*/); +extern int rand_quick_x86ish_rdseed(rand_pool */*r*/); +#endif + +static quick__functype *pick_quick(void) +{ +#if CPUFAM_X86 || CPUFAM_AMD64 + DISPATCH_PICK_COND(rand_quick, rand_quick_x86ish_rdseed, + cpu_feature_p(CPUFEAT_X86_RDSEED)); + DISPATCH_PICK_COND(rand_quick, rand_quick_x86ish_rdrand, + cpu_feature_p(CPUFEAT_X86_RDRAND)); +#endif + DISPATCH_PICK_FALLBACK(rand_quick, trivial_quick); +} + +int rand_quick(rand_pool *r) { RAND_RESOLVE(r); return (quick(r)); } + /* --- @rand_seed@ --- * * * Arguments: @rand_pool *r@ = pointer to a randomness pool @@ -216,9 +254,7 @@ void rand_add(rand_pool *r, const void *p, size_t sz, unsigned goodbits) const octet *c = p; int i, rot; -#if RAND_POOLSZ != 128 -# error Polynomial in rand_add is out of date. Fix it. -#endif + STATIC_ASSERT(RAND_POOLSZ == 128, "Polynomial doesn't match pool size"); RAND_RESOLVE(r); @@ -271,13 +307,16 @@ void rand_gate(rand_pool *r) HASH_CTX hc; CIPHER_CTX cc; + STATIC_ASSERT(CIPHER_KEYSZ <= HASH_SZ, "rand cipher keysize too long"); + RAND_RESOLVE(r); - TIMER(r); + QUICK(r); /* --- Hash up all the data in the pool --- */ HASH_INIT(&hc); STORE32(g, r->gen); HASH(&hc, g, sizeof(g)); + HASH(&hc, r->k.k, RAND_KEYSZ); HASH(&hc, r->pool, RAND_POOLSZ); HASH(&hc, r->buf, RAND_BUFSZ); HASH_DONE(&hc, h); @@ -285,7 +324,6 @@ void rand_gate(rand_pool *r) /* --- Now mangle all of the data based on the hash --- */ - assert(CIPHER_KEYSZ <= HASH_SZ); CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0); CIPHER_ENCRYPT(&cc, r->pool, r->pool, RAND_POOLSZ); CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ); @@ -296,11 +334,11 @@ void rand_gate(rand_pool *r) r->o = RAND_SECSZ; r->obits += r->ibits; if (r->obits > RAND_OBITS) { - r->ibits = r->obits - r->ibits; + r->ibits = r->obits - RAND_OBITS; r->obits = RAND_OBITS; } else r->ibits = 0; - TIMER(r); + QUICK(r); } /* --- @rand_stretch@ --- * @@ -321,13 +359,16 @@ void rand_stretch(rand_pool *r) HASH_CTX hc; CIPHER_CTX cc; + STATIC_ASSERT(CIPHER_KEYSZ <= HASH_SZ, "rand cipher keysize too long"); + RAND_RESOLVE(r); - TIMER(r); + QUICK(r); /* --- Hash up all the data in the buffer --- */ HASH_INIT(&hc); STORE32(g, r->gen); HASH(&hc, g, sizeof(g)); + HASH(&hc, r->k.k, RAND_KEYSZ); HASH(&hc, r->pool, RAND_POOLSZ); HASH(&hc, r->buf, RAND_BUFSZ); HASH_DONE(&hc, h); @@ -335,7 +376,6 @@ void rand_stretch(rand_pool *r) /* --- Now mangle the buffer based on the hash --- */ - assert(CIPHER_KEYSZ <= HASH_SZ); CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0); CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ); BURN(cc); @@ -343,7 +383,7 @@ void rand_stretch(rand_pool *r) /* --- Reset the various state variables --- */ r->o = RAND_SECSZ; - TIMER(r); + QUICK(r); } /* --- @rand_get@ --- * @@ -368,12 +408,12 @@ void rand_get(rand_pool *r, void *p, size_t sz) RAND_RESOLVE(r); GENCHECK(r); - TIMER(r); + QUICK(r); if (!sz) return; for (;;) { - if (r->o + sz <= RAND_BUFSZ) { + if (sz <= RAND_BUFSZ - r->o) { memcpy(o, r->buf + r->o, sz); r->o += sz; break; @@ -388,8 +428,8 @@ void rand_get(rand_pool *r, void *p, size_t sz) } } - if (r->obits > sz * 8) - r->obits -= sz * 8; + if (r->obits > 8*sz) + r->obits -= 8*sz; else r->obits = 0; } @@ -422,25 +462,29 @@ void rand_getgood(rand_pool *r, void *p, size_t sz) return; } GENCHECK(r); - TIMER(r); + QUICK(r); while (sz) { size_t chunk = sz; - if (chunk * 8 > r->obits) { - if (chunk * 8 > r->ibits + r->obits) + if (8*chunk > r->obits) { + if (8*chunk > r->ibits + r->obits) do r->s->getnoise(r); while (r->ibits + r->obits < 256); rand_gate(r); - if (chunk * 8 > r->obits) - chunk = r->obits / 8; + if (8*chunk > r->obits) + chunk = r->obits/8; } - if (chunk + r->o > RAND_BUFSZ) + if (chunk <= RAND_BUFSZ - r->o) { + memcpy(o, r->buf + r->o, chunk); + r->o += chunk; + } else { chunk = RAND_BUFSZ - r->o; + memcpy(o, r->buf + r->o, chunk); + rand_stretch(r); + } - memcpy(o, r->buf + r->o, chunk); - r->o += chunk; - r->obits -= chunk * 8; + r->obits -= 8*chunk; o += chunk; sz -= chunk; } @@ -524,7 +568,7 @@ static int gmisc(grand *r, unsigned op, ...) rand_seed(&g->p, va_arg(ap, unsigned)); break; case RAND_TIMER: - TIMER(&g->p); + QUICK(&g->p); break; case RAND_GOODBITS: rc = rand_goodbits(&g->p);