LPC546XX: Add TRNG support #6221
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| /* mbed Microcontroller Library | ||
| * Copyright (c) 2018 ARM Limited | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| #include "trng_api.h" | ||
|
|
||
| #if defined(DEVICE_TRNG) | ||
| #include "fsl_rng.h" | ||
|
|
||
| void trng_init(trng_t *obj) | ||
| { | ||
| } | ||
|
|
||
| void trng_free(trng_t *obj) | ||
| { | ||
| } | ||
|
|
||
| int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_length) | ||
| { | ||
| uint32_t skip; | ||
| uint32_t data; | ||
| size_t idx = 0; | ||
| int i; | ||
|
|
||
| /* Get Random data */ | ||
| while (idx < length) { | ||
|
|
||
| data = RNG_GetRandomData(); | ||
|
|
||
| for (i = 0; ((i < 4) && (idx < length)); i++) { | ||
| output[idx++] = (data >> (i * 8)) & 0xFF; | ||
| } | ||
|
|
||
| /* Skip next 32 random numbers for better entropy */ | ||
|
There was a problem hiding this comment. How is that guaranteeing better entropy? Is there some known correlation between subsequent bytes returned from the RNG? There was a problem hiding this comment. This is done per what is recommended in the reference manual. To constitute one 128 bit number, a 32 bit random number is read, then the next 32 There was a problem hiding this comment. The code doesn't implement this but instead skips 32*32 bits per 32 bits of entropy. Could you correct that, to avoid unnecessary workload in the device? There was a problem hiding this comment. For every 32 bit random number read, it is recommended that the next 32 32-bit random numbers are skipped. This is what the code is doing. There was a problem hiding this comment. I should have read that properly - apologies, my fault! |
||
| for (skip = 0; skip < 32; skip++) { | ||
| RNG_GetRandomData(); | ||
| } | ||
| } | ||
|
|
||
|
There was a problem hiding this comment. Please reliably zeroize There was a problem hiding this comment. I will zeroize data and update this commit There was a problem hiding this comment. @mmahadevan108 Please zeroize There was a problem hiding this comment. At the time the There was a problem hiding this comment. @mazimkhan Yes, it is zeroized before returning from the function, isn't it? |
||
| *output_length = idx; | ||
|
|
||
| /* Zeroize to avoid leakage of entropy on the stack. Also ensure this is not removed by compiler optimizations */ | ||
| *((volatile uint32_t*) &data) = 0; | ||
|
|
||
| return (idx == length ? 0 : -1); | ||
| } | ||
| #endif | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please suppress unused argument compiler warning for
obj.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mmahadevan108 Could you address that comment, too, when you're fixing the zeroization below?