1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-22 07:28:10 +00:00
trezor-firmware/crypto/rand.c

92 lines
2.8 KiB
C
Raw Permalink Normal View History

2013-08-17 12:20:15 +00:00
/**
2014-05-22 18:54:58 +00:00
* Copyright (c) 2013-2014 Tomas Dzetkulic
* Copyright (c) 2013-2014 Pavol Rusnak
2013-08-17 12:20:15 +00:00
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
* OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
* ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
* OTHER DEALINGS IN THE SOFTWARE.
*/
#include "rand.h"
#ifdef USE_INSECURE_PRNG
2013-08-17 12:20:15 +00:00
#pragma message( \
"NOT SUITABLE FOR PRODUCTION USE! Replace random32() function with your own secure code.")
2018-01-21 22:38:32 +00:00
// The following code is not supposed to be used in a production environment.
// It's included only to make the library testable.
// The message above tries to prevent any accidental use outside of the test
// environment.
2018-01-21 22:38:32 +00:00
//
// You are supposed to replace the random8() and random32() function with your
// own secure code. There is also a possibility to replace the random_buffer()
// function as it is defined as a weak symbol.
2018-01-21 22:38:32 +00:00
static uint32_t seed = 0;
void random_reseed(const uint32_t value) { seed = value; }
uint32_t random32(void) {
// Linear congruential generator from Numerical Recipes
// https://en.wikipedia.org/wiki/Linear_congruential_generator
seed = 1664525 * seed + 1013904223;
return seed;
2013-08-17 12:20:15 +00:00
}
2014-03-12 19:45:51 +00:00
#endif /* USE_INSECURE_PRNG */
//
// The following code is platform independent
//
void __attribute__((weak)) random_buffer(uint8_t *buf, size_t len) {
uint32_t r = 0;
for (size_t i = 0; i < len; i++) {
if (i % 4 == 0) {
r = random32();
}
buf[i] = (r >> ((i % 4) * 8)) & 0xFF;
}
}
void random_xor(uint8_t *buf, size_t len) {
uint8_t r[4] = {0};
for (size_t i = 0; i < len; i++) {
if (i % sizeof(r) == 0) {
random_buffer(r, sizeof(r));
}
buf[i] ^= r[i % sizeof(r)];
}
}
uint32_t random_uniform(uint32_t n) {
uint32_t x = 0, max = 0xFFFFFFFF - (0xFFFFFFFF % n);
while ((x = random32()) >= max)
;
return x / (max / n);
2018-01-21 22:38:32 +00:00
}
void random_permute(char *str, size_t len) {
for (int i = len - 1; i >= 1; i--) {
int j = random_uniform(i + 1);
char t = str[j];
str[j] = str[i];
str[i] = t;
}
}