diff --git a/core/SConscript.bootloader b/core/SConscript.bootloader index 56d41d4d1..db32bd410 100644 --- a/core/SConscript.bootloader +++ b/core/SConscript.bootloader @@ -49,8 +49,9 @@ CPPDEFINES_MOD += [ 'ED25519_NO_PRECOMP', 'TREZOR_UI2', 'USE_RUST_LOADER', - 'FANCY_FATAL_ERROR' + 'FANCY_FATAL_ERROR', ] + SOURCE_MOD += [ 'vendor/trezor-crypto/blake2s.c', 'vendor/trezor-crypto/chacha_drbg.c', @@ -77,6 +78,7 @@ SOURCE_MOD += [ 'embed/extmod/modtrezorui/display.c', 'embed/extmod/modtrezorui/fonts/fonts.c', 'embed/extmod/modtrezorui/fonts/font_bitmap.c', + 'embed/extmod/modtrezorcrypto/rand.c', 'vendor/micropython/lib/uzlib/adler32.c', 'vendor/micropython/lib/uzlib/crc32.c', 'vendor/micropython/lib/uzlib/tinflate.c', diff --git a/core/SConscript.bootloader_ci b/core/SConscript.bootloader_ci index 5768e3505..1d01b3293 100644 --- a/core/SConscript.bootloader_ci +++ b/core/SConscript.bootloader_ci @@ -71,6 +71,7 @@ SOURCE_MOD += [ 'embed/extmod/modtrezorui/colors.c', 'embed/extmod/modtrezorui/fonts/fonts.c', 'embed/extmod/modtrezorui/fonts/font_bitmap.c', + 'embed/extmod/modtrezorcrypto/rand.c', 'vendor/micropython/lib/uzlib/adler32.c', 'vendor/micropython/lib/uzlib/crc32.c', 'vendor/micropython/lib/uzlib/tinflate.c', diff --git a/core/SConscript.firmware b/core/SConscript.firmware index c3f677acd..5a0cfa114 100644 --- a/core/SConscript.firmware +++ b/core/SConscript.firmware @@ -61,7 +61,6 @@ CPPPATH_MOD += [ CPPDEFINES_MOD += [ 'AES_128', 'AES_192', - 'RAND_PLATFORM_INDEPENDENT', ('USE_BIP32_CACHE', '0'), ('USE_KECCAK', '1'), ('USE_ETHEREUM', '1' if EVERYTHING else '0'), diff --git a/core/SConscript.prodtest b/core/SConscript.prodtest index d2d401135..64fccf4a6 100644 --- a/core/SConscript.prodtest +++ b/core/SConscript.prodtest @@ -10,7 +10,9 @@ FEATURES_WANTED = ["input", "sbu", "sdcard", "rdb_led"] CCFLAGS_MOD = '' CPPPATH_MOD = [] -CPPDEFINES_MOD = [] +CPPDEFINES_MOD = [ + 'USE_INSECURE_PRNG', +] SOURCE_MOD = [] if TREZOR_MODEL in ('1', 'R'): diff --git a/core/SConscript.unix b/core/SConscript.unix index 09c5964af..04b958325 100644 --- a/core/SConscript.unix +++ b/core/SConscript.unix @@ -55,6 +55,7 @@ CPPPATH_MOD += [ CPPDEFINES_MOD += [ 'AES_128', 'AES_192', + 'USE_INSECURE_PRNG', ('USE_BIP32_CACHE', '0'), ('USE_KECCAK', '1'), ('USE_ETHEREUM', '1' if EVERYTHING else '0'), diff --git a/crypto/rand.c b/crypto/rand.c index ea95d143b..201fcf405 100644 --- a/crypto/rand.c +++ b/crypto/rand.c @@ -23,7 +23,7 @@ #include "rand.h" -#ifndef RAND_PLATFORM_INDEPENDENT +#ifdef USE_INSECURE_PRNG #pragma message( \ "NOT SUITABLE FOR PRODUCTION USE! Replace random32() function with your own secure code.") @@ -48,7 +48,7 @@ uint32_t random32(void) { return seed; } -#endif /* RAND_PLATFORM_INDEPENDENT */ +#endif /* USE_INSECURE_PRNG */ // // The following code is platform independent diff --git a/legacy/Makefile.include b/legacy/Makefile.include index 261316957..66e24e306 100644 --- a/legacy/Makefile.include +++ b/legacy/Makefile.include @@ -104,6 +104,7 @@ CFLAGS += -DHW_REVISION=0 ifeq ($(EMULATOR),1) CFLAGS += -DEMULATOR=1 +CFLAGS += -DUSE_INSECURE_PRNG=1 CFLAGS += -include $(TOP_DIR)emulator/emulator.h CFLAGS += -include stdio.h @@ -125,7 +126,6 @@ LDSCRIPT = $(TOP_DIR)/memory.ld endif CFLAGS += -DEMULATOR=0 -CFLAGS += -DRAND_PLATFORM_INDEPENDENT=1 LDFLAGS += --static \ -Wl,--start-group \