iPXE
Macros | Functions
entropy.c File Reference

Entropy source. More...

#include <stdint.h>
#include <assert.h>
#include <string.h>
#include <errno.h>
#include <ipxe/crypto.h>
#include <ipxe/hash_df.h>
#include <ipxe/entropy.h>

Go to the source code of this file.

Macros

#define EPIPE_REPETITION_COUNT_TEST   __einfo_error ( EINFO_EPIPE_REPETITION_COUNT_TEST )
 
#define EINFO_EPIPE_REPETITION_COUNT_TEST   __einfo_uniqify ( EINFO_EPIPE, 0x01, "Repetition count test failed" )
 
#define EPIPE_ADAPTIVE_PROPORTION_TEST   __einfo_error ( EINFO_EPIPE_ADAPTIVE_PROPORTION_TEST )
 
#define EINFO_EPIPE_ADAPTIVE_PROPORTION_TEST   __einfo_uniqify ( EINFO_EPIPE, 0x02, "Adaptive proportion test failed" )
 

Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
 
static void repetition_count_test_init (struct entropy_source *source)
 Initialise repetition count test. More...
 
static int repetition_count_test (struct entropy_source *source, noise_sample_t sample)
 Perform repetition count test. More...
 
static void adaptive_proportion_test_init (struct entropy_source *source)
 Initialise adaptive proportion test. More...
 
static int adaptive_proportion_test (struct entropy_source *source, noise_sample_t sample)
 Perform adaptive proportion test. More...
 
static int get_entropy (struct entropy_source *source, entropy_sample_t *entropy)
 Get entropy sample. More...
 
static void startup_test_init (struct entropy_source *source)
 Initialise startup test. More...
 
static int startup_test (struct entropy_source *source)
 Perform startup test. More...
 
int entropy_enable (struct entropy_source *source)
 Enable entropy gathering. More...
 
static int entropy_enable_and_test (struct entropy_source *source)
 Enable and test entropy source. More...
 
static int entropy_enable_working (struct entropy_source **source)
 Enable first working entropy source. More...
 
void entropy_disable (struct entropy_source *source)
 Disable entropy gathering. More...
 
static uint32_t make_next_nonce (void)
 Create next nonce value. More...
 
int get_entropy_input_tmp (min_entropy_t min_entropy, uint8_t *tmp, size_t tmp_len)
 Obtain entropy input temporary buffer. More...
 
 REQUIRING_SYMBOL (entropy_enable)
 
 REQUIRE_OBJECT (config_entropy)
 

Detailed Description

Entropy source.

This algorithm is designed to comply with ANS X9.82 Part 4 (April 2011 Draft) Section 13.3. This standard is unfortunately not freely available.

Definition in file entropy.c.

Macro Definition Documentation

◆ EPIPE_REPETITION_COUNT_TEST

#define EPIPE_REPETITION_COUNT_TEST   __einfo_error ( EINFO_EPIPE_REPETITION_COUNT_TEST )

Definition at line 44 of file entropy.c.

◆ EINFO_EPIPE_REPETITION_COUNT_TEST

#define EINFO_EPIPE_REPETITION_COUNT_TEST   __einfo_uniqify ( EINFO_EPIPE, 0x01, "Repetition count test failed" )

Definition at line 46 of file entropy.c.

◆ EPIPE_ADAPTIVE_PROPORTION_TEST

#define EPIPE_ADAPTIVE_PROPORTION_TEST   __einfo_error ( EINFO_EPIPE_ADAPTIVE_PROPORTION_TEST )

Definition at line 48 of file entropy.c.

◆ EINFO_EPIPE_ADAPTIVE_PROPORTION_TEST

#define EINFO_EPIPE_ADAPTIVE_PROPORTION_TEST   __einfo_uniqify ( EINFO_EPIPE, 0x02, "Adaptive proportion test failed" )

Definition at line 50 of file entropy.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL  )

◆ repetition_count_test_init()

static void repetition_count_test_init ( struct entropy_source source)
static

Initialise repetition count test.

Parameters
sourceEntropy source

Definition at line 58 of file entropy.c.

58  {
59  struct entropy_repetition_count_test *test =
60  &source->repetition_count_test;
61 
62  /* Sanity checks */
63  assert ( test->repetition_count == 0 );
64  assert ( test->cutoff > 0 );
65 }
entropy_repetition_count_test
Repetition count test state.
Definition: entropy.h:51
entropy_source::repetition_count_test
struct entropy_repetition_count_test repetition_count_test
Repetition count test state.
Definition: entropy.h:133
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
test
static int test
Definition: epic100.c:73

References assert(), entropy_source::repetition_count_test, and test.

Referenced by entropy_enable().

◆ repetition_count_test()

static int repetition_count_test ( struct entropy_source source,
noise_sample_t  sample 
)
static

Perform repetition count test.

Parameters
sourceEntropy source
sampleNoise sample
Return values
rcReturn status code

This is the Repetition Count Test defined in ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.2.

Definition at line 77 of file entropy.c.

78  {
79  struct entropy_repetition_count_test *test =
80  &source->repetition_count_test;
81 
82  /* A = the most recently seen sample value
83  * B = the number of times that value A has been seen in a row
84  * C = the cutoff value above which the repetition test should fail
85  */
86 
87  /* 1. For each new sample processed:
88  *
89  * (Note that the test for "repetition_count > 0" ensures that
90  * the initial value of most_recent_sample is treated as being
91  * undefined.)
92  */
93  if ( ( sample == test->most_recent_sample ) &&
94  ( test->repetition_count > 0 ) ) {
95 
96  /* a) If the new sample = A, then B is incremented by one. */
97  test->repetition_count++;
98 
99  /* i. If B >= C, then an error condition is raised
100  * due to a failure of the test
101  */
102  if ( test->repetition_count >= test->cutoff ) {
103  DBGC ( source, "ENTROPY %s excessively repeated "
104  "value %d (%d/%d)\n", source->name, sample,
105  test->repetition_count, test->cutoff );
106  return -EPIPE_REPETITION_COUNT_TEST;
107  }
108 
109  } else {
110 
111  /* b) Else:
112  * i. A = new sample
113  */
114  test->most_recent_sample = sample;
115 
116  /* ii. B = 1 */
117  test->repetition_count = 1;
118  }
119 
120  return 0;
121 }
DBGC
#define DBGC(...)
Definition: compiler.h:505
entropy_source::name
const char * name
Name.
Definition: entropy.h:118
EPIPE_REPETITION_COUNT_TEST
#define EPIPE_REPETITION_COUNT_TEST
Definition: entropy.c:44
entropy_repetition_count_test
Repetition count test state.
Definition: entropy.h:51
entropy_source::repetition_count_test
struct entropy_repetition_count_test repetition_count_test
Repetition count test state.
Definition: entropy.h:133
test
static int test
Definition: epic100.c:73

References DBGC, EPIPE_REPETITION_COUNT_TEST, entropy_source::name, entropy_source::repetition_count_test, and test.

Referenced by get_entropy().

◆ adaptive_proportion_test_init()

static void adaptive_proportion_test_init ( struct entropy_source source)
static

Initialise adaptive proportion test.

Parameters
sourceEntropy source

Definition at line 128 of file entropy.c.

128  {
129  struct entropy_adaptive_proportion_test *test =
130  &source->adaptive_proportion_test;
131 
132  /* Sanity checks */
133  assert ( test->sample_count == 0 );
134  assert ( test->repetition_count == 0 );
135  assert ( test->cutoff > 0 );
136 
137  /* Ensure that a new test run starts immediately */
138  test->sample_count = ADAPTIVE_PROPORTION_WINDOW_SIZE;
139 }
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
ADAPTIVE_PROPORTION_WINDOW_SIZE
#define ADAPTIVE_PROPORTION_WINDOW_SIZE
Window size for the adaptive proportion test.
Definition: entropy.h:356
entropy_source::adaptive_proportion_test
struct entropy_adaptive_proportion_test adaptive_proportion_test
Adaptive proportion test state.
Definition: entropy.h:135
test
static int test
Definition: epic100.c:73
entropy_adaptive_proportion_test
Adaptive proportion test state.
Definition: entropy.h:75

References entropy_source::adaptive_proportion_test, ADAPTIVE_PROPORTION_WINDOW_SIZE, assert(), and test.

Referenced by entropy_enable().

◆ adaptive_proportion_test()

static int adaptive_proportion_test ( struct entropy_source source,
noise_sample_t  sample 
)
static

Perform adaptive proportion test.

Parameters
sourceEntropy source
sampleNoise sample
Return values
rcReturn status code

This is the Adaptive Proportion Test for the Most Common Value defined in ANS X9.82 Part 2 (October 2011 Draft) Section 8.5.2.1.3.

Definition at line 151 of file entropy.c.

152  {
153  struct entropy_adaptive_proportion_test *test =
154  &source->adaptive_proportion_test;
155 
156  /* A = the sample value currently being counted
157  * S = the number of samples examined in this run of the test so far
158  * N = the total number of samples that must be observed in
159  * one run of the test, also known as the "window size" of
160  * the test
161  * B = the current number of times that S (sic) has been seen
162  * in the W (sic) samples examined so far
163  * C = the cutoff value above which the repetition test should fail
164  * W = the probability of a false positive: 2^-30
165  */
166 
167  /* 1. The entropy source draws the current sample from the
168  * noise source.
169  *
170  * (Nothing to do; we already have the current sample.)
171  */
172 
173  /* 2. If S = N, then a new run of the test begins: */
174  if ( test->sample_count == ADAPTIVE_PROPORTION_WINDOW_SIZE ) {
175 
176  /* a. A = the current sample */
177  test->current_counted_sample = sample;
178 
179  /* b. S = 0 */
180  test->sample_count = 0;
181 
182  /* c. B = 0 */
183  test->repetition_count = 0;
184 
185  } else {
186 
187  /* Else: (the test is already running)
188  * a. S = S + 1
189  */
190  test->sample_count++;
191 
192  /* b. If A = the current sample, then: */
193  if ( sample == test->current_counted_sample ) {
194 
195  /* i. B = B + 1 */
196  test->repetition_count++;
197 
198  /* ii. If S (sic) > C then raise an error
199  * condition, because the test has
200  * detected a failure
201  */
202  if ( test->repetition_count > test->cutoff ) {
203  DBGC ( source, "ENTROPY %s excessively "
204  "repeated value %d (%d/%d)\n",
205  source->name, sample,
206  test->repetition_count, test->cutoff );
207  return -EPIPE_ADAPTIVE_PROPORTION_TEST;
208  }
209  }
210  }
211 
212  return 0;
213 }
DBGC
#define DBGC(...)
Definition: compiler.h:505
EPIPE_ADAPTIVE_PROPORTION_TEST
#define EPIPE_ADAPTIVE_PROPORTION_TEST
Definition: entropy.c:48
entropy_source::name
const char * name
Name.
Definition: entropy.h:118
ADAPTIVE_PROPORTION_WINDOW_SIZE
#define ADAPTIVE_PROPORTION_WINDOW_SIZE
Window size for the adaptive proportion test.
Definition: entropy.h:356
entropy_source::adaptive_proportion_test
struct entropy_adaptive_proportion_test adaptive_proportion_test
Adaptive proportion test state.
Definition: entropy.h:135
test
static int test
Definition: epic100.c:73
entropy_adaptive_proportion_test
Adaptive proportion test state.
Definition: entropy.h:75

References entropy_source::adaptive_proportion_test, ADAPTIVE_PROPORTION_WINDOW_SIZE, DBGC, EPIPE_ADAPTIVE_PROPORTION_TEST, entropy_source::name, and test.

Referenced by get_entropy().

◆ get_entropy()

static int get_entropy ( struct entropy_source source,
entropy_sample_t entropy 
)
static

Get entropy sample.

Parameters
sourceEntropy source
Return values
entropyEntropy sample
rcReturn status code

This is the GetEntropy function defined in ANS X9.82 Part 2 (October 2011 Draft) Section 6.5.1.

Definition at line 225 of file entropy.c.

226  {
227  noise_sample_t noise;
228  int rc;
229 
230  /* Any failure is permanent */
231  if ( ( rc = source->rc ) != 0 )
232  goto err_broken;
233 
234  /* Get noise sample */
235  if ( ( rc = get_noise ( source, &noise ) ) != 0 )
236  goto err_get_noise;
237 
238  /* Perform Repetition Count Test and Adaptive Proportion Test
239  * as mandated by ANS X9.82 Part 2 (October 2011 Draft)
240  * Section 8.5.2.1.1.
241  */
242  if ( ( rc = repetition_count_test ( source, noise ) ) != 0 )
243  goto err_repetition_count_test;
244  if ( ( rc = adaptive_proportion_test ( source, noise ) ) != 0 )
245  goto err_adaptive_proportion_test;
246 
247  /* We do not use any optional conditioning component */
248  *entropy = noise;
249 
250  return 0;
251 
252  err_adaptive_proportion_test:
253  err_repetition_count_test:
254  err_get_noise:
255  source->rc = rc;
256  err_broken:
257  return rc;
258 }
entropy_source::rc
int rc
Failure status (if any)
Definition: entropy.h:143
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
repetition_count_test
static int repetition_count_test(struct entropy_source *source, noise_sample_t sample)
Perform repetition count test.
Definition: entropy.c:77
adaptive_proportion_test
static int adaptive_proportion_test(struct entropy_source *source, noise_sample_t sample)
Perform adaptive proportion test.
Definition: entropy.c:151
get_noise
static int get_noise(struct entropy_source *source, noise_sample_t *noise)
Get noise sample.
Definition: entropy.h:208
noise_sample_t
uint8_t noise_sample_t
A noise sample.
Definition: entropy.h:21

References adaptive_proportion_test(), get_noise(), entropy_source::rc, rc, and repetition_count_test().

Referenced by get_entropy_input_tmp(), and startup_test().

◆ startup_test_init()

static void startup_test_init ( struct entropy_source source)
static

Initialise startup test.

Parameters
sourceEntropy source

Definition at line 265 of file entropy.c.

265  {
266  struct entropy_startup_test *test = &source->startup_test;
267 
268  /* Sanity check */
269  assert ( test->tested == 0 );
270  assert ( test->count > 0 );
271 }
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
entropy_source::startup_test
struct entropy_startup_test startup_test
Startup test state.
Definition: entropy.h:137
entropy_startup_test
Startup test state.
Definition: entropy.h:104
test
static int test
Definition: epic100.c:73

References assert(), entropy_source::startup_test, and test.

Referenced by entropy_enable().

◆ startup_test()

static int startup_test ( struct entropy_source source)
static

Perform startup test.

Parameters
sourceEntropy source
Return values
rcReturn status code

Definition at line 279 of file entropy.c.

279  {
280  struct entropy_startup_test *test = &source->startup_test;
281  entropy_sample_t sample;
282  int rc;
283 
284  /* Perform mandatory number of startup tests */
285  for ( ; test->tested < test->count ; test->tested++ ) {
286  if ( ( rc = get_entropy ( source, &sample ) ) != 0 ) {
287  DBGC ( source, "ENTROPY %s failed: %s\n",
288  source->name, strerror ( rc ) );
289  return rc;
290  }
291  }
292 
293  return 0;
294 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
DBGC
#define DBGC(...)
Definition: compiler.h:505
entropy_source::name
const char * name
Name.
Definition: entropy.h:118
entropy_source::startup_test
struct entropy_startup_test startup_test
Startup test state.
Definition: entropy.h:137
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78
get_entropy
static int get_entropy(struct entropy_source *source, entropy_sample_t *entropy)
Get entropy sample.
Definition: entropy.c:225
entropy_sample_t
uint8_t entropy_sample_t
An entropy sample.
Definition: entropy.h:24
entropy_startup_test
Startup test state.
Definition: entropy.h:104
test
static int test
Definition: epic100.c:73

References DBGC, get_entropy(), entropy_source::name, rc, entropy_source::startup_test, strerror(), and test.

Referenced by entropy_enable_and_test().

◆ entropy_enable()

int entropy_enable ( struct entropy_source source)

Enable entropy gathering.

Parameters
sourceEntropy source
Return values
rcReturn status code

Definition at line 302 of file entropy.c.

302  {
303  int rc;
304 
305  /* Refuse to enable a previously failed source */
306  if ( ( rc = source->rc ) != 0 )
307  return rc;
308 
309  /* Enable entropy source */
310  if ( ( rc = source->enable() ) != 0 ) {
311  DBGC ( source, "ENTROPY %s could not enable: %s\n",
312  source->name, strerror ( rc ) );
313  source->rc = rc;
314  return rc;
315  }
316 
317  /* Sanity check */
318  assert ( source->min_entropy_per_sample > 0 );
319 
320  /* Initialise test state if this source has not previously been used */
321  if ( source->startup_test.tested == 0 ) {
322  repetition_count_test_init ( source );
323  adaptive_proportion_test_init ( source );
324  startup_test_init ( source );
325  }
326 
327  DBGC ( source, "ENTROPY %s enabled\n", source->name );
328  return 0;
329 }
entropy_source::rc
int rc
Failure status (if any)
Definition: entropy.h:143
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
entropy_startup_test::tested
unsigned int tested
Number of startup tests performed.
Definition: entropy.h:106
entropy_source::enable
int(* enable)(void)
Enable entropy gathering.
Definition: entropy.h:150
DBGC
#define DBGC(...)
Definition: compiler.h:505
entropy_source::min_entropy_per_sample
min_entropy_t min_entropy_per_sample
min-entropy per sample
Definition: entropy.h:131
adaptive_proportion_test_init
static void adaptive_proportion_test_init(struct entropy_source *source)
Initialise adaptive proportion test.
Definition: entropy.c:128
entropy_source::name
const char * name
Name.
Definition: entropy.h:118
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
entropy_source::startup_test
struct entropy_startup_test startup_test
Startup test state.
Definition: entropy.h:137
startup_test_init
static void startup_test_init(struct entropy_source *source)
Initialise startup test.
Definition: entropy.c:265
repetition_count_test_init
static void repetition_count_test_init(struct entropy_source *source)
Initialise repetition count test.
Definition: entropy.c:58
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78

References adaptive_proportion_test_init(), assert(), DBGC, entropy_source::enable, entropy_source::min_entropy_per_sample, entropy_source::name, entropy_source::rc, rc, repetition_count_test_init(), entropy_source::startup_test, startup_test_init(), strerror(), and entropy_startup_test::tested.

Referenced by entropy_enable_and_test(), and entropy_sample().

◆ entropy_enable_and_test()

static int entropy_enable_and_test ( struct entropy_source source)
static

Enable and test entropy source.

Parameters
sourceEntropy source
Return values
rcReturn status code

Definition at line 337 of file entropy.c.

337  {
338  int rc;
339 
340  /* Enable source */
341  if ( ( rc = entropy_enable ( source ) ) != 0 )
342  goto err_enable;
343 
344  /* Test source */
345  if ( ( rc = startup_test ( source ) ) != 0 )
346  goto err_test;
347 
348  DBGC ( source, "ENTROPY %s passed %d startup tests\n",
349  source->name, source->startup_test.count );
350  return 0;
351 
352  err_test:
353  entropy_disable ( source );
354  err_enable:
355  assert ( source->rc == rc );
356  return rc;
357 }
entropy_source::rc
int rc
Failure status (if any)
Definition: entropy.h:143
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
DBGC
#define DBGC(...)
Definition: compiler.h:505
startup_test
static int startup_test(struct entropy_source *source)
Perform startup test.
Definition: entropy.c:279
entropy_source::name
const char * name
Name.
Definition: entropy.h:118
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
entropy_source::startup_test
struct entropy_startup_test startup_test
Startup test state.
Definition: entropy.h:137
entropy_enable
int entropy_enable(struct entropy_source *source)
Enable entropy gathering.
Definition: entropy.c:302
entropy_startup_test::count
unsigned int count
Number of startup tests required for one full cycle.
Definition: entropy.h:112
entropy_disable
void entropy_disable(struct entropy_source *source)
Disable entropy gathering.
Definition: entropy.c:385

References assert(), entropy_startup_test::count, DBGC, entropy_disable(), entropy_enable(), entropy_source::name, entropy_source::rc, rc, entropy_source::startup_test, and startup_test().

Referenced by entropy_enable_working().

◆ entropy_enable_working()

static int entropy_enable_working ( struct entropy_source **  source)
static

Enable first working entropy source.

Parameters
sourceEntropy source to fill in
Return values
rcReturn status code

Definition at line 365 of file entropy.c.

365  {
366  int rc;
367 
368  /* Find the first working source */
369  rc = -ENOENT;
370  for_each_table_entry ( *source, ENTROPY_SOURCES ) {
371  if ( ( rc = entropy_enable_and_test ( *source ) ) == 0 )
372  return 0;
373  }
374 
375  DBGC ( *source, "ENTROPY has no working sources: %s\n",
376  strerror ( rc ) );
377  return rc;
378 }
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
DBGC
#define DBGC(...)
Definition: compiler.h:505
ENOENT
#define ENOENT
No such file or directory.
Definition: errno.h:514
ENTROPY_SOURCES
#define ENTROPY_SOURCES
Entropy source table.
Definition: entropy.h:169
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78
for_each_table_entry
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
Definition: tables.h:385
entropy_enable_and_test
static int entropy_enable_and_test(struct entropy_source *source)
Enable and test entropy source.
Definition: entropy.c:337

References DBGC, ENOENT, entropy_enable_and_test(), ENTROPY_SOURCES, for_each_table_entry, rc, and strerror().

Referenced by get_entropy_input_tmp().

◆ entropy_disable()

void entropy_disable ( struct entropy_source source)

Disable entropy gathering.

Parameters
sourceEntropy source

Definition at line 385 of file entropy.c.

385  {
386 
387  /* Disable entropy gathering, if applicable */
388  if ( source->disable )
389  source->disable();
390 
391  DBGC ( source, "ENTROPY %s disabled\n", source->name );
392 }
entropy_source::disable
void(* disable)(void)
Disable entropy gathering.
Definition: entropy.h:155
DBGC
#define DBGC(...)
Definition: compiler.h:505
entropy_source::name
const char * name
Name.
Definition: entropy.h:118

References DBGC, entropy_source::disable, and entropy_source::name.

Referenced by entropy_enable_and_test(), entropy_sample(), and get_entropy_input_tmp().

◆ make_next_nonce()

static uint32_t make_next_nonce ( void  )
static

Create next nonce value.

Return values
nonceNonce

This is the MakeNextNonce function defined in ANS X9.82 Part 4 (April 2011 Draft) Section 13.3.4.2.

Definition at line 402 of file entropy.c.

402  {
403  static uint32_t nonce;
404 
405  /* The simplest implementation of a nonce uses a large counter */
406  nonce++;
407 
408  return nonce;
409 }
uint32_t
unsigned int uint32_t
Definition: stdint.h:12
nonce
struct ntlm_nonce nonce
Server nonce.
Definition: ntlm.h:18

References nonce.

Referenced by get_entropy_input_tmp().

◆ get_entropy_input_tmp()

int get_entropy_input_tmp ( min_entropy_t  min_entropy,
uint8_t tmp,
size_t  tmp_len 
)

Obtain entropy input temporary buffer.

Parameters
min_entropyMin-entropy required
tmpTemporary buffer
tmp_lenLength of temporary buffer
Return values
rcReturn status code

This is (part of) the implementation of the Get_entropy_input function (using an entropy source as the source of entropy input and condensing each entropy source output after each GetEntropy call) as defined in ANS X9.82 Part 4 (April 2011 Draft) Section 13.3.4.2.

Definition at line 425 of file entropy.c.

426  {
427  struct entropy_source *source;
428  struct {
429  uint32_t nonce;
430  entropy_sample_t sample;
431  } __attribute__ (( packed )) data;;
432  uint8_t df_buf[tmp_len];
433  min_entropy_t entropy_total;
434  unsigned int num_samples;
435  unsigned int i;
436  int rc;
437 
438  /* Enable entropy gathering */
439  if ( ( rc = entropy_enable_working ( &source ) ) != 0 )
440  goto err_enable_working;
441 
442  /* Sanity checks */
443  assert ( source->startup_test.count > 0 );
444  assert ( source->startup_test.tested >= source->startup_test.count );
445 
446  /* 3. entropy_total = 0 */
447  entropy_total = MIN_ENTROPY ( 0 );
448 
449  /* 4. tmp = a fixed n-bit value, such as 0^n */
450  memset ( tmp, 0, tmp_len );
451 
452  /* 5. While ( entropy_total < min_entropy ) */
453  for ( num_samples = 0 ; entropy_total < min_entropy ; num_samples++ ) {
454  /* 5.1. ( status, entropy_bitstring, assessed_entropy )
455  * = GetEntropy()
456  * 5.2. If status indicates an error, return ( status, Null )
457  */
458  if ( ( rc = get_entropy ( source, &data.sample ) ) != 0 )
459  goto err_get_entropy;
460 
461  /* 5.3. nonce = MakeNextNonce() */
462  data.nonce = make_next_nonce();
463 
464  /* 5.4. tmp = tmp XOR
465  * df ( ( nonce || entropy_bitstring ), n )
466  */
467  hash_df ( &entropy_hash_df_algorithm, &data, sizeof ( data ),
468  df_buf, sizeof ( df_buf ) );
469  for ( i = 0 ; i < tmp_len ; i++ )
470  tmp[i] ^= df_buf[i];
471 
472  /* 5.5. entropy_total = entropy_total + assessed_entropy */
473  entropy_total += source->min_entropy_per_sample;
474  }
475 
476  /* Disable entropy gathering */
477  entropy_disable ( source );
478 
479  DBGC ( source, "ENTROPY %s gathered %d bits in %d samples\n",
480  source->name, ( min_entropy / MIN_ENTROPY_SCALE ), num_samples );
481  return 0;
482 
483  err_get_entropy:
484  entropy_disable ( source );
485  assert ( source->rc == rc );
486  err_enable_working:
487  return rc;
488 }
__attribute__
#define __attribute__(x)
Definition: compiler.h:10
entropy_source::rc
int rc
Failure status (if any)
Definition: entropy.h:143
rc
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
entropy_startup_test::tested
unsigned int tested
Number of startup tests performed.
Definition: entropy.h:106
MIN_ENTROPY_SCALE
#define MIN_ENTROPY_SCALE
Fixed-point scale for min-entropy amounts.
Definition: entropy.h:34
DBGC
#define DBGC(...)
Definition: compiler.h:505
entropy_source::min_entropy_per_sample
min_entropy_t min_entropy_per_sample
min-entropy per sample
Definition: entropy.h:131
entropy_source
An entropy source.
Definition: entropy.h:116
entropy_source::name
const char * name
Name.
Definition: entropy.h:118
make_next_nonce
static uint32_t make_next_nonce(void)
Create next nonce value.
Definition: entropy.c:402
tmp
unsigned long tmp
Definition: linux_pci.h:53
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
entropy_source::startup_test
struct entropy_startup_test startup_test
Startup test state.
Definition: entropy.h:137
hash_df
void hash_df(struct digest_algorithm *hash, const void *input, size_t input_len, void *output, size_t output_len)
Distribute entropy throughout a buffer.
Definition: hash_df.c:84
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
entropy_enable_working
static int entropy_enable_working(struct entropy_source **source)
Enable first working entropy source.
Definition: entropy.c:365
get_entropy
static int get_entropy(struct entropy_source *source, entropy_sample_t *entropy)
Get entropy sample.
Definition: entropy.c:225
uint32_t
unsigned int uint32_t
Definition: stdint.h:12
MIN_ENTROPY
#define MIN_ENTROPY(bits)
Construct a min-entropy fixed-point value.
Definition: entropy.h:42
min_entropy_t
unsigned int min_entropy_t
An amount of min-entropy.
Definition: entropy.h:31
entropy_sample_t
uint8_t entropy_sample_t
An entropy sample.
Definition: entropy.h:24
entropy_startup_test::count
unsigned int count
Number of startup tests required for one full cycle.
Definition: entropy.h:112
data
uint8_t data[48]
Additional event data.
Definition: ena.h:22
entropy_hash_df_algorithm
#define entropy_hash_df_algorithm
Use SHA-256 as the underlying hash algorithm for Hash_df.
Definition: entropy.h:192
entropy_disable
void entropy_disable(struct entropy_source *source)
Disable entropy gathering.
Definition: entropy.c:385
nonce
struct ntlm_nonce nonce
Server nonce.
Definition: ntlm.h:18
memset
void * memset(void *dest, int character, size_t len) __nonnull

References __attribute__, assert(), entropy_startup_test::count, data, DBGC, entropy_disable(), entropy_enable_working(), entropy_hash_df_algorithm, get_entropy(), hash_df(), make_next_nonce(), memset(), MIN_ENTROPY, entropy_source::min_entropy_per_sample, MIN_ENTROPY_SCALE, entropy_source::name, nonce, entropy_source::rc, rc, entropy_source::startup_test, entropy_startup_test::tested, and tmp.

Referenced by get_entropy_input().

◆ REQUIRING_SYMBOL()

REQUIRING_SYMBOL ( entropy_enable  )

◆ REQUIRE_OBJECT()

REQUIRE_OBJECT ( config_entropy  )
Generated by   doxygen 1.8.15