diff --git a/bn.c b/bn.c
index cc23f03..24e0c48 100644
--- a/bn.c
+++ b/bn.c
@@ -418,7 +418,7 @@ bn256_random (bn256 *X)
 for (i = 0; i < 256/256; i++)
 {
- rand = random_bytes_get ();
+ rand = random_bytes_get (32);
 for (j = 0; j < BN256_WORDS; j++)
 X->word[i*BN256_WORDS+j] = ((uint32_t *)rand)[j];
 random_bytes_free (rand);
diff --git a/neug.c b/neug.c
index 39d317b..0ca951f 100644
--- a/neug.c
+++ b/neug.c
@@ -62,7 +62,6 @@ static void ep_init (int mode)
 /* Here, we assume a little endian architecture. */
 static int ep_process (int mode)
 {
-
 if (ep_round == 0)
 {
 ep_init(mode);
@@ -259,13 +258,16 @@ uint32_t neug_get (int kick)
 return v;
 }
-void neug_wait_full (void)
+void neug_wait_full (void) //should be called only on core1
 {
 struct rng_rb *rb = &the_ring_buffer;
 //chopstx_mutex_lock (&rb->m);
- while (!rb->full)
- neug_task(); //chopstx_cond_wait (&rb->data_available, &rb->m);
+ while (!rb->full) {
+ printf("not full yet!\r\n");
+ //neug_task(); //chopstx_cond_wait (&rb->data_available, &rb->m);
+ sleep_ms(1);
+ }
 //chopstx_mutex_unlock (&rb->m);
 }
diff --git a/openpgp-do.c b/openpgp-do.c
index 3d6f076..925b763 100644
--- a/openpgp-do.c
+++ b/openpgp-do.c
@@ -1472,7 +1472,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data,
 compute_key_data_checksum (&kdi, prvkey_len, CKDC_CALC);
- dek = random_bytes_get (); /* 32-byte random bytes */
+ dek = random_bytes_get (32); /* 32-byte random bytes */
 iv = dek + DATA_ENCRYPTION_KEY_SIZE;
 memcpy (pd->dek_encrypted_1, dek, DATA_ENCRYPTION_KEY_SIZE);
 memcpy (pd->dek_encrypted_2, dek, DATA_ENCRYPTION_KEY_SIZE);
@@ -2532,7 +2532,7 @@ gpg_do_keygen (uint8_t *buf)
 {
 if (rnd)
 random_bytes_free (rnd);
- rnd = random_bytes_get ();
+ rnd = random_bytes_get (32);
 r = ecc_check_secret_p256k1 (rnd, d1);
 } while (r == 0);
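Review bot: The literal `32` on the new `rand = random_bytes_get (32);` line is not tied to what the loop below consumes, which is `BN256_WORDS` words of `uint32_t`; if either side changes, the tail of `X->word` would silently be filled from whatever the generator's static buffer held before. Derive the request from the consumer, `rand = random_bytes_get (BN256_WORDS * sizeof (uint32_t));`, so the two cannot drift apart. The `((uint32_t *)rand)[j]` read through a `const uint8_t *` predates this change and is only alignment-safe because random_bytes_get hands back a static `uint32_t` array (see random.c in this commit), which is worth a one-line comment here. bn256_random's body starts before the hunk.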
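Review bot: The `printf("not full yet!\r\n");` inside the new polling loop of neug_wait_full is debug output left in the RNG's blocking path; random_bytes_get now calls this function once per 32-byte block, so a large request can emit it many times per APDU, and it should be removed or compiled out under a debug macro. The old loop pumped the generator with `neug_task()`; the new one only calls `sleep_ms(1)`, so the wait now depends on another core refilling the ring buffer, which the trailing `//should be called only on core1` comment hints at but nothing enforces — a comment stating that precondition above the function, or an assertion on the running core, would make a hang on a single-core build diagnosable. `rb->full` is polled with the mutex and condvar commented out; that is pre-existing, but if the flag is written from the other core it should be declared volatile or accessed atomically so the polling read is not hoisted.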
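Review bot: The hard-coded `32` on the `dek = random_bytes_get (32);` line has to cover both the DEK and the IV that the next line carves out at `dek + DATA_ENCRYPTION_KEY_SIZE`, but nothing in the hunk ties the request to those two sizes. Express it in terms of the constants the code consumes, `dek = random_bytes_get (DATA_ENCRYPTION_KEY_SIZE + IV_LEN);` with whatever the IV size constant is called (it is not visible here), and drop the `/* 32-byte random bytes */` comment, which is then redundant. gpg_do_write_prvkey's body continues outside the hunk.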
@@ -2553,7 +2553,7 @@ gpg_do_keygen (uint8_t *buf)
 }
 else if (attr == ALGO_CURVE25519)
 {
- rnd = random_bytes_get ();
+ rnd = random_bytes_get (32);
 memcpy (d, rnd, 32);
 random_bytes_free (rnd);
 d[0] &= 248;
@@ -2564,7 +2564,7 @@ gpg_do_keygen (uint8_t *buf)
 }
 else if (attr == ALGO_ED25519)
 {
- rnd = random_bytes_get ();
+ rnd = random_bytes_get (32);
 mbedtls_sha512_context ctx;
 mbedtls_sha512_init(&ctx);
@@ -2584,11 +2584,11 @@ gpg_do_keygen (uint8_t *buf)
 else if (attr == ALGO_ED448)
 {
 shake_context ctx;
- rnd = random_bytes_get ();
+ rnd = random_bytes_get (32);
 shake256_start (&ctx);
 shake256_update (&ctx, rnd, 32);
 random_bytes_free (rnd);
- rnd = random_bytes_get ();
+ rnd = random_bytes_get (32);
 shake256_update (&ctx, rnd, 25);
 shake256_finish (&ctx, d, 2*57);
 random_bytes_free (rnd);
@@ -2598,10 +2598,10 @@ gpg_do_keygen (uint8_t *buf)
 }
 else if (attr == ALGO_X448)
 {
- rnd = random_bytes_get ();
+ rnd = random_bytes_get (32);
 memcpy (d, rnd, 32);
 random_bytes_free (rnd);
- rnd = random_bytes_get ();
+ rnd = random_bytes_get (32);
 memcpy (d+32, rnd, 24);
 prv = d;
 ecdh_compute_public_x448 (pubkey, prv);
diff --git a/openpgp.c b/openpgp.c
index d703fd0..e09749a 100644
--- a/openpgp.c
+++ b/openpgp.c
@@ -1465,7 +1465,7 @@ cmd_get_challenge (queue_t *ccid_comm)
 eventflag_signal (ccid_comm, EV_EXEC_ACK_REQUIRED);
 #endif
- challenge = random_bytes_get ();
+ challenge = random_bytes_get (32);
 memcpy (res_APDU, challenge, len);
 res_APDU_size = len;
 GPG_SUCCESS ();
diff --git a/random.c b/random.c
index 1427aaa..60a7eda 100644
--- a/random.c
+++ b/random.c
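Review bot: Now that random_bytes_get takes a length, the two-draw sequence in the ED448 branch (32 bytes, free, another 32 of which `shake256_update (&ctx, rnd, 25)` uses 25) can be a single request for the 57 bytes the branch absorbs: `rnd = random_bytes_get (57);` followed by `shake256_update (&ctx, rnd, 57);` and one `random_bytes_free (rnd);`. That saves a trip through neug_wait_full and the free/re-get on what is, per random.c in this commit, the same static buffer both times, so reassigning `rnd` between the calls is purely cosmetic. gpg_do_keygen's body continues outside the hunk.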
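Review bot: The second `rnd = random_bytes_get (32);` in the X448 branch is followed by `memcpy (d+32, rnd, 24)` and `prv = d` with no `random_bytes_free (rnd)` in view, unlike the first draw in this branch and unlike the ED448 branch; if the free does not come later outside the hunk, the generator's word buffer is not flushed after this secret-key draw. With the new API the two draws can also become one, `rnd = random_bytes_get (56);` with `memcpy (d, rnd, 56);` and a single free, which removes the partial second block altogether. gpg_do_keygen's body continues outside the hunk.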
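Review bot: `challenge = random_bytes_get (32);` is immediately followed by `memcpy (res_APDU, challenge, len);`, and `len` is computed outside the hunk; if it can exceed 32, the copy returns stale bytes from random_bytes_get's static buffer (512 bytes after this commit, possibly still holding a previous caller's output, including key-generation seed material) rather than fresh randomness. Request what is copied, `challenge = random_bytes_get (len);`, as sc_hsm's cmd_challenge in the same commit does, and bound `len` against the generator's maximum before the call. cmd_get_challenge starts before the hunk.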
@@ -50,12 +50,14 @@ void random_fini (void)
 * Return pointer to random 32-byte
 */
 void random_bytes_free (const uint8_t *p);
-const uint8_t * random_bytes_get (void)
+const uint8_t * random_bytes_get (size_t len)
 {
- static uint32_t return_word[RANDOM_BYTES_LENGTH/sizeof (uint32_t)];
- neug_wait_full ();
- memcpy(return_word, random_word, sizeof(return_word));
- random_bytes_free((const uint8_t *)random_word);
+ static uint32_t return_word[512/sizeof(uint32_t)];
+ for (int ix = 0; ix < len; ix += RANDOM_BYTES_LENGTH) {
+ neug_wait_full ();
+ memcpy(return_word+ix/sizeof(uint32_t), random_word, RANDOM_BYTES_LENGTH);
+ random_bytes_free((const uint8_t *)random_word);
+ }
 return (const uint8_t *)return_word;
 }
diff --git a/random.h b/random.h
index 026922a..2045583 100644
--- a/random.h
+++ b/random.h
@@ -2,7 +2,7 @@ void random_init (void);
 void random_fini (void);
 /* 32-byte random bytes */
-const uint8_t *random_bytes_get (void);
+const uint8_t *random_bytes_get (size_t);
 void random_bytes_free (const uint8_t *p);
 /* 8-byte salt */
diff --git a/sc_hsm.c b/sc_hsm.c
index f89c09a..6e3a544 100644
--- a/sc_hsm.c
+++ b/sc_hsm.c
@@ -386,7 +386,7 @@ static int cmd_reset_retry() {
 }
 static int cmd_challenge() {
- memcpy(res_APDU, random_bytes_get(), apdu.expected_res_size);
+ memcpy(res_APDU, random_bytes_get(apdu.expected_res_size), apdu.expected_res_size);
 res_APDU_size = apdu.expected_res_size;
 return SW_OK();
 }
@@ -437,11 +437,11 @@ static int cmd_initialize() {
 }
 p += tag_len;
 }
- p = random_bytes_get();
+ p = random_bytes_get(32);
 memset(tmp_dkek, 0, sizeof(tmp_dkek));
 memcpy(tmp_dkek, p, IV_SIZE);
 if (dkeks == 0) {
- p = random_bytes_get();
+ p = random_bytes_get(32);
 memcpy(tmp_dkek, p, 32);
 encrypt(session_sopin, tmp_dkek, tmp_dkek+IV_SIZE, 32);
 file_t *tf = search_by_fid(EF_DKEK, NULL, SPECIFY_EF);
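Review bot: The new `random_bytes_get (size_t len)` never checks `len` against the 512-byte `return_word` it fills: the loop copies a full RANDOM_BYTES_LENGTH block on every step, so any `len` above `sizeof return_word` writes past the static array, and sc_hsm's cmd_challenge in this same commit now passes the APDU's expected response length straight in. Add a guard before the loop, `if (len > sizeof return_word) return NULL;` (clamping instead would leave callers that memcpy `len` bytes reading stale data), give the limit a name in random.h so callers can validate against it, and declare the index as `size_t ix` to match `len` rather than the signed `int` now compared against it. Two further points: a `len` of 0 returns the previous caller's bytes untouched, and the buffer retains the most recent output — secret material for the key-generation callers — until the next request overwrites it, which the `* Return pointer to random 32-byte` comment above (now stale) should mention. random_bytes_get is fully inside the hunk.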
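Review bot: The `/* 32-byte random bytes */` comment above the changed prototype is now wrong, and the new parameter is unnamed. Replace the comment with `/* Fill and return a static buffer with len random bytes; len must not exceed the generator's maximum (currently 512 in random.c) and the buffer is reused by the next call. */` and write the prototype as `const uint8_t *random_bytes_get (size_t len);` so the header states the contract callers now rely on.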
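Review bot: `apdu.expected_res_size`, presumably the command's Le field, is passed straight into `random_bytes_get`, whose new implementation fills a fixed 512-byte static buffer with no length check, so a GET CHALLENGE asking for more than that overruns it; the same value also sizes the `memcpy` into res_APDU, whose capacity is not checked here either. Reject oversized requests before drawing randomness, e.g. `if (apdu.expected_res_size > 512) return SW_WRONG_LENGTH();` using whichever status macro this file maps to 6700 and with the limit taken from a constant shared with random.h rather than a literal. cmd_challenge is fully inside the hunk.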
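Review bot: The second draw's `memcpy(tmp_dkek, p, 32)` lands at offset 0, on top of the `IV_SIZE` bytes the first draw placed there, while `encrypt(session_sopin, tmp_dkek, tmp_dkek+IV_SIZE, 32)` takes its IV from offset 0 and its data from `tmp_dkek+IV_SIZE`; if that argument order is (key, iv, data, len), as the call shape suggests, the DKEK should be copied to `tmp_dkek+IV_SIZE`, and what is encrypted today is the tail of the DKEK plus the zero padding from the memset — worth confirming against encrypt()'s definition, which is outside the hunk. The two `32` literals should also be the DKEK size constant, and with the new length-taking API both values can come from one `random_bytes_get(IV_SIZE + 32)` draw. cmd_initialize starts before the hunk.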
@@ -1154,7 +1154,7 @@ static int cmd_key_gen() {
 if (!isUserAuthenticated)
 return SW_SECURITY_STATUS_NOT_SATISFIED();
 //at this moment, we do not use the template, as only CBC is supported by the driver (encrypt, decrypt and CMAC)
- const uint8_t *aes_key = random_bytes_get();
+ const uint8_t *aes_key = random_bytes_get(32);
 file_t *fpk = file_new((KEY_PREFIX << 8) | key_id);
 int r = flash_write_data_to_file(fpk, aes_key, key_size);
 if (r != HSM_OK)
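Review bot: `random_bytes_get(32)` fetches a fixed 32 bytes but `flash_write_data_to_file(fpk, aes_key, key_size)` stores `key_size` of them; unless `key_size` is validated to be at most 32 outside the hunk, a larger value persists stale bytes from the generator's static buffer as key material. Tie the draw to the consumption, `const uint8_t *aes_key = random_bytes_get(key_size);`, and bound `key_size` against both the generator's maximum and the AES key sizes the driver accepts before the call. There is also no `random_bytes_free(aes_key)` in view after the flash write, so the key lingers in the static buffer. cmd_key_gen starts before the hunk.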