Remove Havege module.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Mateusz Starzyk 2021-01-29 16:46:31 +01:00
parent a120146afe
commit 0fdcc8eee9
33 changed files with 16 additions and 799 deletions


@ -0,0 +1,7 @@
API changes
* Remove HAVEGE module.
The design of HAVEGE makes it unsuitable for microcontrollers. Platforms with a more complex
CPU usually have an operating system interface that provides better randomness.
Instead of HAVEGE, declare OS or hardware RNG interfaces with mbedtls_entropy_add_source()
and/or use an entropy seed file created securely during device provisioning.
See https://tls.mbed.org/kb/how-to/add-entropy-sources-to-entropy-pool for more information.


@ -1079,8 +1079,8 @@
/** /**
* \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
* *
* Do not add default entropy sources. These are the platform specific, * Do not add default entropy sources. These are the platform specific
* mbedtls_timing_hardclock and HAVEGE based poll functions. * or mbedtls_timing_hardclock poll function.
* *
* This is useful to have more control over the added entropy sources in an * This is useful to have more control over the added entropy sources in an
* application. * application.
@ -2333,29 +2333,6 @@
*/ */
#define MBEDTLS_GCM_C #define MBEDTLS_GCM_C
/**
* \def MBEDTLS_HAVEGE_C
*
* Enable the HAVEGE random generator.
*
* Warning: the HAVEGE random generator is not suitable for virtualized
* environments
*
* Warning: the HAVEGE random generator is dependent on timing and specific
* processor traits. It is therefore not advised to use HAVEGE as
* your applications primary random generator or primary entropy pool
* input. As a secondary input to your entropy pool, it IS able add
* the (limited) extra entropy it provides.
*
* Module: library/havege.c
* Caller:
*
* Requires: MBEDTLS_TIMING_C
*
* Uncomment to enable the HAVEGE random generator.
*/
//#define MBEDTLS_HAVEGE_C
/** /**
* \def MBEDTLS_HKDF_C * \def MBEDTLS_HKDF_C
* *
@ -2929,9 +2906,6 @@
* https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
* *
* Module: library/timing.c * Module: library/timing.c
* Caller: library/havege.c
*
* This module is used by the HAVEGE random number generator.
*/ */
#define MBEDTLS_TIMING_C #define MBEDTLS_TIMING_C
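Review bot: The rewritten description of MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES in the first hunk no longer parses as a sentence: "These are the platform specific or mbedtls_timing_hardclock poll function." leaves "platform specific" without a noun. This option decides which sources seed the entropy pool, so the wording should be unambiguous, for example `* Do not add default entropy sources. These are the platform-specific and` / `* mbedtls_timing_hardclock-based poll functions.` The same text appears in the identical hunk at `@ -1193,8 +1193,8 @` further down and needs the same fix.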


@ -64,7 +64,6 @@
#define MBEDTLS_ENTROPY_C #define MBEDTLS_ENTROPY_C
#define MBEDTLS_ERROR_C #define MBEDTLS_ERROR_C
#define MBEDTLS_GCM_C #define MBEDTLS_GCM_C
//#define MBEDTLS_HAVEGE_C
#define MBEDTLS_HKDF_C #define MBEDTLS_HKDF_C
#define MBEDTLS_HMAC_DRBG_C #define MBEDTLS_HMAC_DRBG_C
#define MBEDTLS_NIST_KW_C #define MBEDTLS_NIST_KW_C


@ -32,11 +32,6 @@
* source of entropy. For these purposes \c mbedtls_entropy_func() can be used. * source of entropy. For these purposes \c mbedtls_entropy_func() can be used.
* This is an implementation based on a simple entropy accumulator design. * This is an implementation based on a simple entropy accumulator design.
* *
* The other number generator that is included is less strong and uses the
* HAVEGE (HArdware Volatile Entropy Gathering and Expansion) software heuristic
* which considered unsafe for primary usage, but provides additional random
* to the entropy pool if enables.
*
* Meaning that there seems to be no practical algorithm that can guess * Meaning that there seems to be no practical algorithm that can guess
* the next bit with a probability larger than 1/2 in an output sequence. * the next bit with a probability larger than 1/2 in an output sequence.
* *


@ -210,8 +210,7 @@
#error "MBEDTLS_TEST_NULL_ENTROPY defined, but not all prerequisites" #error "MBEDTLS_TEST_NULL_ENTROPY defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \ #if defined(MBEDTLS_TEST_NULL_ENTROPY) && \
( defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ ( defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT) )
defined(MBEDTLS_HAVEGE_C) )
#error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too" #error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too"
#endif #endif
@ -252,10 +251,6 @@
#error "MBEDTLS_ECP_NORMALIZE_MXZ_ALT defined, but not all prerequisites" #error "MBEDTLS_ECP_NORMALIZE_MXZ_ALT defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_HAVEGE_C) && !defined(MBEDTLS_TIMING_C)
#error "MBEDTLS_HAVEGE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C) #if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HKDF_C defined, but not all prerequisites" #error "MBEDTLS_HKDF_C defined, but not all prerequisites"
#endif #endif
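Review bot: With the `MBEDTLS_HAVEGE_C` prerequisite check deleted in the second hunk, a configuration file that still defines `MBEDTLS_HAVEGE_C` appears to compile without any diagnostic and simply loses that entropy source. HAVEGE was registered as a strong source in mbedtls_entropy_init(), so a build that depended on it can end up with fewer strong sources than its integrator expects, and that would only show at run time. Consider replacing the removed check with a hard failure, e.g. `#if defined(MBEDTLS_HAVEGE_C)` / `#error "MBEDTLS_HAVEGE_C was removed; add an OS or hardware source with mbedtls_entropy_add_source()"` / `#endif`.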


@ -224,9 +224,6 @@
#if defined MBEDTLS_GENPRIME #if defined MBEDTLS_GENPRIME
#define POLARSSL_GENPRIME MBEDTLS_GENPRIME #define POLARSSL_GENPRIME MBEDTLS_GENPRIME
#endif #endif
#if defined MBEDTLS_HAVEGE_C
#define POLARSSL_HAVEGE_C MBEDTLS_HAVEGE_C
#endif
#if defined MBEDTLS_HAVE_ASM #if defined MBEDTLS_HAVE_ASM
#define POLARSSL_HAVE_ASM MBEDTLS_HAVE_ASM #define POLARSSL_HAVE_ASM MBEDTLS_HAVE_ASM
#endif #endif
@ -686,7 +683,6 @@
#define BLOWFISH_ROUNDS MBEDTLS_BLOWFISH_ROUNDS #define BLOWFISH_ROUNDS MBEDTLS_BLOWFISH_ROUNDS
#define CAMELLIA_DECRYPT MBEDTLS_CAMELLIA_DECRYPT #define CAMELLIA_DECRYPT MBEDTLS_CAMELLIA_DECRYPT
#define CAMELLIA_ENCRYPT MBEDTLS_CAMELLIA_ENCRYPT #define CAMELLIA_ENCRYPT MBEDTLS_CAMELLIA_ENCRYPT
#define COLLECT_SIZE MBEDTLS_HAVEGE_COLLECT_SIZE
#define CTR_DRBG_BLOCKSIZE MBEDTLS_CTR_DRBG_BLOCKSIZE #define CTR_DRBG_BLOCKSIZE MBEDTLS_CTR_DRBG_BLOCKSIZE
#define CTR_DRBG_ENTROPY_LEN MBEDTLS_CTR_DRBG_ENTROPY_LEN #define CTR_DRBG_ENTROPY_LEN MBEDTLS_CTR_DRBG_ENTROPY_LEN
#define CTR_DRBG_KEYBITS MBEDTLS_CTR_DRBG_KEYBITS #define CTR_DRBG_KEYBITS MBEDTLS_CTR_DRBG_KEYBITS
@ -707,7 +703,6 @@
#define ENTROPY_MAX_SEED_SIZE MBEDTLS_ENTROPY_MAX_SEED_SIZE #define ENTROPY_MAX_SEED_SIZE MBEDTLS_ENTROPY_MAX_SEED_SIZE
#define ENTROPY_MAX_SOURCES MBEDTLS_ENTROPY_MAX_SOURCES #define ENTROPY_MAX_SOURCES MBEDTLS_ENTROPY_MAX_SOURCES
#define ENTROPY_MIN_HARDCLOCK MBEDTLS_ENTROPY_MIN_HARDCLOCK #define ENTROPY_MIN_HARDCLOCK MBEDTLS_ENTROPY_MIN_HARDCLOCK
#define ENTROPY_MIN_HAVEGE MBEDTLS_ENTROPY_MIN_HAVEGE
#define ENTROPY_MIN_PLATFORM MBEDTLS_ENTROPY_MIN_PLATFORM #define ENTROPY_MIN_PLATFORM MBEDTLS_ENTROPY_MIN_PLATFORM
#define ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_SOURCE_MANUAL #define ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_SOURCE_MANUAL
#define EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER #define EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER
@ -1228,7 +1223,6 @@
#define POLARSSL_ERR_X509_UNKNOWN_VERSION MBEDTLS_ERR_X509_UNKNOWN_VERSION #define POLARSSL_ERR_X509_UNKNOWN_VERSION MBEDTLS_ERR_X509_UNKNOWN_VERSION
#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH #define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH
#define POLARSSL_GCM_H MBEDTLS_GCM_H #define POLARSSL_GCM_H MBEDTLS_GCM_H
#define POLARSSL_HAVEGE_H MBEDTLS_HAVEGE_H
#define POLARSSL_HAVE_INT32 MBEDTLS_HAVE_INT32 #define POLARSSL_HAVE_INT32 MBEDTLS_HAVE_INT32
#define POLARSSL_HAVE_INT64 MBEDTLS_HAVE_INT64 #define POLARSSL_HAVE_INT64 MBEDTLS_HAVE_INT64
#define POLARSSL_HAVE_UDBL MBEDTLS_HAVE_UDBL #define POLARSSL_HAVE_UDBL MBEDTLS_HAVE_UDBL
@ -1963,11 +1957,6 @@
#define get_timer mbedtls_timing_get_timer #define get_timer mbedtls_timing_get_timer
#define hardclock mbedtls_timing_hardclock #define hardclock mbedtls_timing_hardclock
#define hardclock_poll mbedtls_hardclock_poll #define hardclock_poll mbedtls_hardclock_poll
#define havege_free mbedtls_havege_free
#define havege_init mbedtls_havege_init
#define havege_poll mbedtls_havege_poll
#define havege_random mbedtls_havege_random
#define havege_state mbedtls_havege_state
#define hmac_drbg_context mbedtls_hmac_drbg_context #define hmac_drbg_context mbedtls_hmac_drbg_context
#define hmac_drbg_free mbedtls_hmac_drbg_free #define hmac_drbg_free mbedtls_hmac_drbg_free
#define hmac_drbg_init mbedtls_hmac_drbg_init #define hmac_drbg_init mbedtls_hmac_drbg_init


@ -1193,8 +1193,8 @@
/** /**
* \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
* *
* Do not add default entropy sources. These are the platform specific, * Do not add default entropy sources. These are the platform specific
* mbedtls_timing_hardclock and HAVEGE based poll functions. * or mbedtls_timing_hardclock poll function.
* *
* This is useful to have more control over the added entropy sources in an * This is useful to have more control over the added entropy sources in an
* application. * application.
@ -2784,29 +2784,6 @@
*/ */
#define MBEDTLS_GCM_C #define MBEDTLS_GCM_C
/**
* \def MBEDTLS_HAVEGE_C
*
* Enable the HAVEGE random generator.
*
* Warning: the HAVEGE random generator is not suitable for virtualized
* environments
*
* Warning: the HAVEGE random generator is dependent on timing and specific
* processor traits. It is therefore not advised to use HAVEGE as
* your applications primary random generator or primary entropy pool
* input. As a secondary input to your entropy pool, it IS able add
* the (limited) extra entropy it provides.
*
* Module: library/havege.c
* Caller:
*
* Requires: MBEDTLS_TIMING_C
*
* Uncomment to enable the HAVEGE random generator.
*/
//#define MBEDTLS_HAVEGE_C
/** /**
* \def MBEDTLS_HKDF_C * \def MBEDTLS_HKDF_C
* *
@ -3405,9 +3382,6 @@
* https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
* *
* Module: library/timing.c * Module: library/timing.c
* Caller: library/havege.c
*
* This module is used by the HAVEGE random number generator.
*/ */
#define MBEDTLS_TIMING_C #define MBEDTLS_TIMING_C


@ -44,9 +44,6 @@
#include "mbedtls/threading.h" #include "mbedtls/threading.h"
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h"
#endif
#define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ #define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
#define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ #define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
@ -128,9 +125,6 @@ typedef struct mbedtls_entropy_context
#endif #endif
int source_count; int source_count;
mbedtls_entropy_source_state source[MBEDTLS_ENTROPY_MAX_SOURCES]; mbedtls_entropy_source_state source[MBEDTLS_ENTROPY_MAX_SOURCES];
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_state havege_data;
#endif
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
mbedtls_threading_mutex_t mutex; /*!< mutex */ mbedtls_threading_mutex_t mutex; /*!< mutex */
#endif #endif


@ -38,7 +38,6 @@ extern "C" {
* Default thresholds for built-in sources, in bytes * Default thresholds for built-in sources, in bytes
*/ */
#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */ #define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */
#define MBEDTLS_ENTROPY_MIN_HAVEGE 32 /**< Minimum for HAVEGE */
#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */ #define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */
#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE) #if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */ #define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
@ -60,16 +59,6 @@ int mbedtls_platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen ); unsigned char *output, size_t len, size_t *olen );
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
/**
* \brief HAVEGE based entropy poll callback
*
* Requires an HAVEGE state as its data pointer.
*/
int mbedtls_havege_poll( void *data,
unsigned char *output, size_t len, size_t *olen );
#endif
#if defined(MBEDTLS_TIMING_C) #if defined(MBEDTLS_TIMING_C)
/** /**
* \brief mbedtls_timing_hardclock-based entropy poll callback * \brief mbedtls_timing_hardclock-based entropy poll callback


@ -1,80 +0,0 @@
/**
* \file havege.h
*
* \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef MBEDTLS_HAVEGE_H
#define MBEDTLS_HAVEGE_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#include <stddef.h>
#include <stdint.h>
#define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief HAVEGE state structure
*/
typedef struct mbedtls_havege_state
{
uint32_t PT1, PT2, offset[2];
uint32_t pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
uint32_t WALK[8192];
}
mbedtls_havege_state;
/**
* \brief HAVEGE initialization
*
* \param hs HAVEGE state to be initialized
*/
void mbedtls_havege_init( mbedtls_havege_state *hs );
/**
* \brief Clear HAVEGE state
*
* \param hs HAVEGE state to be cleared
*/
void mbedtls_havege_free( mbedtls_havege_state *hs );
/**
* \brief HAVEGE rand function
*
* \param p_rng A HAVEGE state
* \param output Buffer to fill
* \param len Length of buffer
*
* \return 0
*/
int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len );
#ifdef __cplusplus
}
#endif
#endif /* havege.h */


@ -39,7 +39,6 @@ set(src_crypto
entropy_poll.c entropy_poll.c
error.c error.c
gcm.c gcm.c
havege.c
hkdf.c hkdf.c
hmac_drbg.c hmac_drbg.c
md.c md.c


@ -96,7 +96,6 @@ OBJS_CRYPTO= \
entropy_poll.o \ entropy_poll.o \
error.o \ error.o \
gcm.o \ gcm.o \
havege.o \
hkdf.o \ hkdf.o \
hmac_drbg.o \ hmac_drbg.o \
md.o \ md.o \


@ -51,9 +51,6 @@
#endif /* MBEDTLS_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h"
#endif
#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ #define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */
@ -72,9 +69,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
#else #else
mbedtls_sha256_init( &ctx->accumulator ); mbedtls_sha256_init( &ctx->accumulator );
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_init( &ctx->havege_data );
#endif
/* Reminder: Update ENTROPY_HAVE_STRONG in the test files /* Reminder: Update ENTROPY_HAVE_STRONG in the test files
* when adding more strong entropy sources here. */ * when adding more strong entropy sources here. */
@ -95,11 +89,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
MBEDTLS_ENTROPY_MIN_HARDCLOCK, MBEDTLS_ENTROPY_MIN_HARDCLOCK,
MBEDTLS_ENTROPY_SOURCE_WEAK ); MBEDTLS_ENTROPY_SOURCE_WEAK );
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
MBEDTLS_ENTROPY_MIN_HAVEGE,
MBEDTLS_ENTROPY_SOURCE_STRONG );
#endif
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
MBEDTLS_ENTROPY_MIN_HARDWARE, MBEDTLS_ENTROPY_MIN_HARDWARE,
@ -116,9 +105,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
void mbedtls_entropy_free( mbedtls_entropy_context *ctx ) void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
{ {
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_free( &ctx->havege_data );
#endif
#if defined(MBEDTLS_THREADING_C) #if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free( &ctx->mutex ); mbedtls_mutex_free( &ctx->mutex );
#endif #endif
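Review bot: The reminder kept in the first mbedtls_entropy_init() hunk ("Update ENTROPY_HAVE_STRONG in the test files when adding more strong entropy sources here") applies equally to removal, because the HAVEGE source dropped in the next hunk was registered with `MBEDTLS_ENTROPY_SOURCE_STRONG`. If the test files' ENTROPY_HAVE_STRONG condition still mentions `MBEDTLS_HAVEGE_C` (those files are not visible here), it should be updated in the same commit so the tests do not assume a strong source that no longer exists. It would also help to reword the reminder to `when adding or removing strong entropy sources here`. The function bodies continue outside these hunks.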


@ -35,9 +35,6 @@
#if defined(MBEDTLS_TIMING_C) #if defined(MBEDTLS_TIMING_C)
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h"
#endif
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#endif #endif
@ -234,22 +231,6 @@ int mbedtls_hardclock_poll( void *data,
} }
#endif /* MBEDTLS_TIMING_C */ #endif /* MBEDTLS_TIMING_C */
#if defined(MBEDTLS_HAVEGE_C)
int mbedtls_havege_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
mbedtls_havege_state *hs = (mbedtls_havege_state *) data;
*olen = 0;
if( mbedtls_havege_random( hs, output, len ) != 0 )
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
*olen = len;
return( 0 );
}
#endif /* MBEDTLS_HAVEGE_C */
#if defined(MBEDTLS_ENTROPY_NV_SEED) #if defined(MBEDTLS_ENTROPY_NV_SEED)
int mbedtls_nv_seed_poll( void *data, int mbedtls_nv_seed_poll( void *data,
unsigned char *output, size_t len, size_t *olen ) unsigned char *output, size_t len, size_t *olen )


@ -1,237 +0,0 @@
/**
* \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* The HAVEGE RNG was designed by Andre Seznec in 2002.
*
* http://www.irisa.fr/caps/projects/hipsor/publi.php
*
* Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr
*/
#include "common.h"
#if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h"
#include "mbedtls/timing.h"
#include "mbedtls/platform_util.h"
#include <stdint.h>
#include <string.h>
/* ------------------------------------------------------------------------
* On average, one iteration accesses two 8-word blocks in the havege WALK
* table, and generates 16 words in the RES array.
*
* The data read in the WALK table is updated and permuted after each use.
* The result of the hardware clock counter read is used for this update.
*
* 25 conditional tests are present. The conditional tests are grouped in
* two nested groups of 12 conditional tests and 1 test that controls the
* permutation; on average, there should be 6 tests executed and 3 of them
* should be mispredicted.
* ------------------------------------------------------------------------
*/
#define SWAP(X,Y) { uint32_t *T = (X); (X) = (Y); (Y) = T; }
#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
#define TST1_LEAVE U1++; }
#define TST2_LEAVE U2++; }
#define ONE_ITERATION \
\
PTEST = PT1 >> 20; \
\
TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \
TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \
TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \
\
TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \
TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \
TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \
\
PTX = (PT1 >> 18) & 7; \
PT1 &= 0x1FFF; \
PT2 &= 0x1FFF; \
CLK = (uint32_t) mbedtls_timing_hardclock(); \
\
i = 0; \
A = &WALK[PT1 ]; RES[i++] ^= *A; \
B = &WALK[PT2 ]; RES[i++] ^= *B; \
C = &WALK[PT1 ^ 1]; RES[i++] ^= *C; \
D = &WALK[PT2 ^ 4]; RES[i++] ^= *D; \
\
IN = (*A >> (1)) ^ (*A << (31)) ^ CLK; \
*A = (*B >> (2)) ^ (*B << (30)) ^ CLK; \
*B = IN ^ U1; \
*C = (*C >> (3)) ^ (*C << (29)) ^ CLK; \
*D = (*D >> (4)) ^ (*D << (28)) ^ CLK; \
\
A = &WALK[PT1 ^ 2]; RES[i++] ^= *A; \
B = &WALK[PT2 ^ 2]; RES[i++] ^= *B; \
C = &WALK[PT1 ^ 3]; RES[i++] ^= *C; \
D = &WALK[PT2 ^ 6]; RES[i++] ^= *D; \
\
if( PTEST & 1 ) SWAP( A, C ); \
\
IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \
*A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \
*B = IN; CLK = (uint32_t) mbedtls_timing_hardclock(); \
*C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \
*D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \
\
A = &WALK[PT1 ^ 4]; \
B = &WALK[PT2 ^ 1]; \
\
PTEST = PT2 >> 1; \
\
PT2 = (RES[(i - 8) ^ PTY] ^ WALK[PT2 ^ PTY ^ 7]); \
PT2 = ((PT2 & 0x1FFF) & (~8)) ^ ((PT1 ^ 8) & 0x8); \
PTY = (PT2 >> 10) & 7; \
\
TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \
TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \
TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \
\
TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \
TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \
TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \
\
C = &WALK[PT1 ^ 5]; \
D = &WALK[PT2 ^ 5]; \
\
RES[i++] ^= *A; \
RES[i++] ^= *B; \
RES[i++] ^= *C; \
RES[i++] ^= *D; \
\
IN = (*A >> ( 9)) ^ (*A << (23)) ^ CLK; \
*A = (*B >> (10)) ^ (*B << (22)) ^ CLK; \
*B = IN ^ U2; \
*C = (*C >> (11)) ^ (*C << (21)) ^ CLK; \
*D = (*D >> (12)) ^ (*D << (20)) ^ CLK; \
\
A = &WALK[PT1 ^ 6]; RES[i++] ^= *A; \
B = &WALK[PT2 ^ 3]; RES[i++] ^= *B; \
C = &WALK[PT1 ^ 7]; RES[i++] ^= *C; \
D = &WALK[PT2 ^ 7]; RES[i++] ^= *D; \
\
IN = (*A >> (13)) ^ (*A << (19)) ^ CLK; \
*A = (*B >> (14)) ^ (*B << (18)) ^ CLK; \
*B = IN; \
*C = (*C >> (15)) ^ (*C << (17)) ^ CLK; \
*D = (*D >> (16)) ^ (*D << (16)) ^ CLK; \
\
PT1 = ( RES[( i - 8 ) ^ PTX] ^ \
WALK[PT1 ^ PTX ^ 7] ) & (~1); \
PT1 ^= (PT2 ^ 0x10) & 0x10; \
\
for( n++, i = 0; i < 16; i++ ) \
hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
/*
* Entropy gathering function
*/
static void havege_fill( mbedtls_havege_state *hs )
{
size_t n = 0;
size_t i;
uint32_t U1, U2, *A, *B, *C, *D;
uint32_t PT1, PT2, *WALK, RES[16];
uint32_t PTX, PTY, CLK, PTEST, IN;
WALK = hs->WALK;
PT1 = hs->PT1;
PT2 = hs->PT2;
PTX = U1 = 0;
PTY = U2 = 0;
(void)PTX;
memset( RES, 0, sizeof( RES ) );
while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 )
{
ONE_ITERATION
ONE_ITERATION
ONE_ITERATION
ONE_ITERATION
}
hs->PT1 = PT1;
hs->PT2 = PT2;
hs->offset[0] = 0;
hs->offset[1] = MBEDTLS_HAVEGE_COLLECT_SIZE / 2;
}
/*
* HAVEGE initialization
*/
void mbedtls_havege_init( mbedtls_havege_state *hs )
{
memset( hs, 0, sizeof( mbedtls_havege_state ) );
havege_fill( hs );
}
void mbedtls_havege_free( mbedtls_havege_state *hs )
{
if( hs == NULL )
return;
mbedtls_platform_zeroize( hs, sizeof( mbedtls_havege_state ) );
}
/*
* HAVEGE rand function
*/
int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len )
{
uint32_t val;
size_t use_len;
mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng;
unsigned char *p = buf;
while( len > 0 )
{
use_len = len;
if( use_len > sizeof( val ) )
use_len = sizeof( val );
if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE )
havege_fill( hs );
val = hs->pool[hs->offset[0]++];
val ^= hs->pool[hs->offset[1]++];
memcpy( p, &val, use_len );
len -= use_len;
p += use_len;
}
return( 0 );
}
#endif /* MBEDTLS_HAVEGE_C */


@ -690,9 +690,6 @@ static const char * const features[] = {
#if defined(MBEDTLS_GCM_C) #if defined(MBEDTLS_GCM_C)
"MBEDTLS_GCM_C", "MBEDTLS_GCM_C",
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_HAVEGE_C)
"MBEDTLS_HAVEGE_C",
#endif /* MBEDTLS_HAVEGE_C */
#if defined(MBEDTLS_HKDF_C) #if defined(MBEDTLS_HKDF_C)
"MBEDTLS_HKDF_C", "MBEDTLS_HKDF_C",
#endif /* MBEDTLS_HKDF_C */ #endif /* MBEDTLS_HKDF_C */

1
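--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -40,7 +40,6 @@ psa/key_ladder_demo
 psa/psa_constant_names
 random/gen_entropy
 random/gen_random_ctr_drbg
-random/gen_random_havege
 ssl/dtls_client
 ssl/dtls_server
 ssl/mini_client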


@ -85,7 +85,6 @@ APPS = \
psa/psa_constant_names$(EXEXT) \ psa/psa_constant_names$(EXEXT) \
random/gen_entropy$(EXEXT) \ random/gen_entropy$(EXEXT) \
random/gen_random_ctr_drbg$(EXEXT) \ random/gen_random_ctr_drbg$(EXEXT) \
random/gen_random_havege$(EXEXT) \
ssl/dtls_client$(EXEXT) \ ssl/dtls_client$(EXEXT) \
ssl/dtls_server$(EXEXT) \ ssl/dtls_server$(EXEXT) \
ssl/mini_client$(EXEXT) \ ssl/mini_client$(EXEXT) \
@ -247,10 +246,6 @@ random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP)
echo " CC random/gen_entropy.c" echo " CC random/gen_entropy.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
random/gen_random_havege$(EXEXT): random/gen_random_havege.c $(DEP)
echo " CC random/gen_random_havege.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_havege.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c $(DEP) random/gen_random_ctr_drbg$(EXEXT): random/gen_random_ctr_drbg.c $(DEP)
echo " CC random/gen_random_ctr_drbg.c" echo " CC random/gen_random_ctr_drbg.c"
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_ctr_drbg.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_random_ctr_drbg.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@


@ -61,8 +61,6 @@ This subdirectory mostly contains sample programs that illustrate specific featu
* [`random/gen_random_ctr_drbg.c`](random/gen_random_ctr_drbg.c): shows how to use the default entropy sources to seed a pseudorandom generator, and how to use the resulting random generator to generate random data. * [`random/gen_random_ctr_drbg.c`](random/gen_random_ctr_drbg.c): shows how to use the default entropy sources to seed a pseudorandom generator, and how to use the resulting random generator to generate random data.
* [`random/gen_random_havege.c`](random/gen_random_havege.c): demonstrates the HAVEGE entropy collector.
## SSL/TLS examples ## SSL/TLS examples
### SSL/TLS sample applications ### SSL/TLS sample applications


@ -1,7 +1,6 @@
set(executables set(executables
gen_entropy gen_entropy
gen_random_ctr_drbg gen_random_ctr_drbg
gen_random_havege
) )
foreach(exe IN LISTS executables) foreach(exe IN LISTS executables)


@ -1,107 +0,0 @@
/**
* \brief Generate random data into a file
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#include <stdlib.h>
#define mbedtls_fprintf fprintf
#define mbedtls_printf printf
#define mbedtls_exit exit
#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_HAVEGE_C) && defined(MBEDTLS_FS_IO)
#include "mbedtls/havege.h"
#include <stdio.h>
#include <time.h>
#endif
#if !defined(MBEDTLS_HAVEGE_C) || !defined(MBEDTLS_FS_IO)
int main( void )
{
mbedtls_printf("MBEDTLS_HAVEGE_C not defined.\n");
mbedtls_exit( 0 );
}
#else
int main( int argc, char *argv[] )
{
FILE *f;
time_t t;
int i, k, ret = 1;
int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_havege_state hs;
unsigned char buf[1024];
if( argc < 2 )
{
mbedtls_fprintf( stderr, "usage: %s <output filename>\n", argv[0] );
mbedtls_exit( exit_code );
}
if( ( f = fopen( argv[1], "wb+" ) ) == NULL )
{
mbedtls_printf( "failed to open '%s' for writing.\n", argv[1] );
mbedtls_exit( exit_code );
}
mbedtls_havege_init( &hs );
t = time( NULL );
for( i = 0, k = 768; i < k; i++ )
{
if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_havege_random returned -0x%04X",
-ret );
goto exit;
}
fwrite( buf, sizeof( buf ), 1, f );
mbedtls_printf( "Generating %ldkb of data in file '%s'... %04.1f" \
"%% done\r", (long)(sizeof(buf) * k / 1024), argv[1], (100 * (float) (i + 1)) / k );
fflush( stdout );
}
if( t == time( NULL ) )
t--;
mbedtls_printf(" \n ");
exit_code = MBEDTLS_EXIT_SUCCESS;
exit:
mbedtls_havege_free( &hs );
fclose( f );
mbedtls_exit( exit_code );
}
#endif /* MBEDTLS_HAVEGE_C */


@ -65,7 +65,6 @@ int main( void )
#include "mbedtls/cmac.h" #include "mbedtls/cmac.h"
#include "mbedtls/poly1305.h" #include "mbedtls/poly1305.h"
#include "mbedtls/havege.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include "mbedtls/hmac_drbg.h" #include "mbedtls/hmac_drbg.h"
@ -101,7 +100,7 @@ int main( void )
"arc4, des3, des, camellia, blowfish, chacha20,\n" \ "arc4, des3, des, camellia, blowfish, chacha20,\n" \
"aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n" \ "aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n" \
"aes_cmac, des3_cmac, poly1305\n" \ "aes_cmac, des3_cmac, poly1305\n" \
"havege, ctr_drbg, hmac_drbg\n" \ "ctr_drbg, hmac_drbg\n" \
"rsa, dhm, ecdsa, ecdh.\n" "rsa, dhm, ecdsa, ecdh.\n"
#if defined(MBEDTLS_ERROR_C) #if defined(MBEDTLS_ERROR_C)
@ -275,7 +274,7 @@ typedef struct {
aes_cmac, des3_cmac, aes_cmac, des3_cmac,
aria, camellia, blowfish, chacha20, aria, camellia, blowfish, chacha20,
poly1305, poly1305,
havege, ctr_drbg, hmac_drbg, ctr_drbg, hmac_drbg,
rsa, dhm, ecdsa, ecdh; rsa, dhm, ecdsa, ecdh;
} todo_list; } todo_list;
@ -342,8 +341,6 @@ int main( int argc, char *argv[] )
todo.chacha20 = 1; todo.chacha20 = 1;
else if( strcmp( argv[i], "poly1305" ) == 0 ) else if( strcmp( argv[i], "poly1305" ) == 0 )
todo.poly1305 = 1; todo.poly1305 = 1;
else if( strcmp( argv[i], "havege" ) == 0 )
todo.havege = 1;
else if( strcmp( argv[i], "ctr_drbg" ) == 0 ) else if( strcmp( argv[i], "ctr_drbg" ) == 0 )
todo.ctr_drbg = 1; todo.ctr_drbg = 1;
else if( strcmp( argv[i], "hmac_drbg" ) == 0 ) else if( strcmp( argv[i], "hmac_drbg" ) == 0 )
@ -679,16 +676,6 @@ int main( int argc, char *argv[] )
} }
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
if( todo.havege )
{
mbedtls_havege_state hs;
mbedtls_havege_init( &hs );
TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) );
mbedtls_havege_free( &hs );
}
#endif
#if defined(MBEDTLS_CTR_DRBG_C) #if defined(MBEDTLS_CTR_DRBG_C)
if( todo.ctr_drbg ) if( todo.ctr_drbg )
{ {


@ -57,7 +57,6 @@
#include "mbedtls/entropy_poll.h" #include "mbedtls/entropy_poll.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#include "mbedtls/havege.h"
#include "mbedtls/hkdf.h" #include "mbedtls/hkdf.h"
#include "mbedtls/hmac_drbg.h" #include "mbedtls/hmac_drbg.h"
#include "mbedtls/md.h" #include "mbedtls/md.h"


@ -64,7 +64,6 @@
#include "mbedtls/entropy_poll.h" #include "mbedtls/entropy_poll.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#include "mbedtls/havege.h"
#include "mbedtls/hkdf.h" #include "mbedtls/hkdf.h"
#include "mbedtls/hmac_drbg.h" #include "mbedtls/hmac_drbg.h"
#include "mbedtls/md.h" #include "mbedtls/md.h"
@ -1898,14 +1897,6 @@ int query_config( const char *config )
} }
#endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_HAVEGE_C)
if( strcmp( "MBEDTLS_HAVEGE_C", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_HAVEGE_C );
return( 0 );
}
#endif /* MBEDTLS_HAVEGE_C */
#if defined(MBEDTLS_HKDF_C) #if defined(MBEDTLS_HKDF_C)
if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 ) if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 )
{ {


@ -241,7 +241,6 @@ EXCLUDE_FROM_BAREMETAL = frozenset([
#pylint: disable=line-too-long #pylint: disable=line-too-long
'MBEDTLS_ENTROPY_NV_SEED', # requires a filesystem and FS_IO or alternate NV seed hooks 'MBEDTLS_ENTROPY_NV_SEED', # requires a filesystem and FS_IO or alternate NV seed hooks
'MBEDTLS_FS_IO', # requires a filesystem 'MBEDTLS_FS_IO', # requires a filesystem
'MBEDTLS_HAVEGE_C', # requires a clock
'MBEDTLS_HAVE_TIME', # requires a clock 'MBEDTLS_HAVE_TIME', # requires a clock
'MBEDTLS_HAVE_TIME_DATE', # requires a clock 'MBEDTLS_HAVE_TIME_DATE', # requires a clock
'MBEDTLS_NET_C', # requires POSIX-like networking 'MBEDTLS_NET_C', # requires POSIX-like networking


@ -64,7 +64,6 @@
#include "mbedtls/entropy_poll.h" #include "mbedtls/entropy_poll.h"
#include "mbedtls/error.h" #include "mbedtls/error.h"
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#include "mbedtls/havege.h"
#include "mbedtls/hkdf.h" #include "mbedtls/hkdf.h"
#include "mbedtls/hmac_drbg.h" #include "mbedtls/hmac_drbg.h"
#include "mbedtls/md.h" #include "mbedtls/md.h"


@ -42,7 +42,6 @@ BLOWFISH_MIN_KEY MBEDTLS_BLOWFISH_MIN_KEY_BITS
BLOWFISH_ROUNDS MBEDTLS_BLOWFISH_ROUNDS BLOWFISH_ROUNDS MBEDTLS_BLOWFISH_ROUNDS
CAMELLIA_DECRYPT MBEDTLS_CAMELLIA_DECRYPT CAMELLIA_DECRYPT MBEDTLS_CAMELLIA_DECRYPT
CAMELLIA_ENCRYPT MBEDTLS_CAMELLIA_ENCRYPT CAMELLIA_ENCRYPT MBEDTLS_CAMELLIA_ENCRYPT
COLLECT_SIZE MBEDTLS_HAVEGE_COLLECT_SIZE
CTR_DRBG_BLOCKSIZE MBEDTLS_CTR_DRBG_BLOCKSIZE CTR_DRBG_BLOCKSIZE MBEDTLS_CTR_DRBG_BLOCKSIZE
CTR_DRBG_ENTROPY_LEN MBEDTLS_CTR_DRBG_ENTROPY_LEN CTR_DRBG_ENTROPY_LEN MBEDTLS_CTR_DRBG_ENTROPY_LEN
CTR_DRBG_KEYBITS MBEDTLS_CTR_DRBG_KEYBITS CTR_DRBG_KEYBITS MBEDTLS_CTR_DRBG_KEYBITS
@ -63,7 +62,6 @@ ENTROPY_MAX_GATHER MBEDTLS_ENTROPY_MAX_GATHER
ENTROPY_MAX_SEED_SIZE MBEDTLS_ENTROPY_MAX_SEED_SIZE ENTROPY_MAX_SEED_SIZE MBEDTLS_ENTROPY_MAX_SEED_SIZE
ENTROPY_MAX_SOURCES MBEDTLS_ENTROPY_MAX_SOURCES ENTROPY_MAX_SOURCES MBEDTLS_ENTROPY_MAX_SOURCES
ENTROPY_MIN_HARDCLOCK MBEDTLS_ENTROPY_MIN_HARDCLOCK ENTROPY_MIN_HARDCLOCK MBEDTLS_ENTROPY_MIN_HARDCLOCK
ENTROPY_MIN_HAVEGE MBEDTLS_ENTROPY_MIN_HAVEGE
ENTROPY_MIN_PLATFORM MBEDTLS_ENTROPY_MIN_PLATFORM ENTROPY_MIN_PLATFORM MBEDTLS_ENTROPY_MIN_PLATFORM
ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_SOURCE_MANUAL ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_SOURCE_MANUAL
EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER EXT_AUTHORITY_KEY_IDENTIFIER MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER
@ -663,8 +661,6 @@ POLARSSL_FS_IO MBEDTLS_FS_IO
POLARSSL_GCM_C MBEDTLS_GCM_C POLARSSL_GCM_C MBEDTLS_GCM_C
POLARSSL_GCM_H MBEDTLS_GCM_H POLARSSL_GCM_H MBEDTLS_GCM_H
POLARSSL_GENPRIME MBEDTLS_GENPRIME POLARSSL_GENPRIME MBEDTLS_GENPRIME
POLARSSL_HAVEGE_C MBEDTLS_HAVEGE_C
POLARSSL_HAVEGE_H MBEDTLS_HAVEGE_H
POLARSSL_HAVE_ASM MBEDTLS_HAVE_ASM POLARSSL_HAVE_ASM MBEDTLS_HAVE_ASM
POLARSSL_HAVE_INT16 MBEDTLS_HAVE_INT16 POLARSSL_HAVE_INT16 MBEDTLS_HAVE_INT16
POLARSSL_HAVE_INT32 MBEDTLS_HAVE_INT32 POLARSSL_HAVE_INT32 MBEDTLS_HAVE_INT32
@ -1551,11 +1547,6 @@ gcm_update mbedtls_gcm_update
get_timer mbedtls_timing_get_timer get_timer mbedtls_timing_get_timer
hardclock mbedtls_timing_hardclock hardclock mbedtls_timing_hardclock
hardclock_poll mbedtls_hardclock_poll hardclock_poll mbedtls_hardclock_poll
havege_free mbedtls_havege_free
havege_init mbedtls_havege_init
havege_poll mbedtls_havege_poll
havege_random mbedtls_havege_random
havege_state mbedtls_havege_state
hmac_drbg_context mbedtls_hmac_drbg_context hmac_drbg_context mbedtls_hmac_drbg_context
hmac_drbg_free mbedtls_hmac_drbg_free hmac_drbg_free mbedtls_hmac_drbg_free
hmac_drbg_init mbedtls_hmac_drbg_init hmac_drbg_init mbedtls_hmac_drbg_init


@ -1980,7 +1980,6 @@ component_test_null_entropy () {
scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT
scripts/config.py unset MBEDTLS_HAVEGE_C
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON . CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
make make


@ -376,7 +376,6 @@ jmp_buf jmp_tmp;
#if defined(MBEDTLS_TEST_NULL_ENTROPY) || \ #if defined(MBEDTLS_TEST_NULL_ENTROPY) || \
( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ ( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \
defined(MBEDTLS_HAVEGE_C) || \
defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \
defined(ENTROPY_NV_SEED) ) ) defined(ENTROPY_NV_SEED) ) )
#define ENTROPY_HAVE_STRONG #define ENTROPY_HAVE_STRONG


@ -54,9 +54,8 @@ static int fake_entropy_source( void *state_arg,
#define ENTROPY_SOURCE_PLATFORM 0x00000001 #define ENTROPY_SOURCE_PLATFORM 0x00000001
#define ENTROPY_SOURCE_TIMING 0x00000002 #define ENTROPY_SOURCE_TIMING 0x00000002
#define ENTROPY_SOURCE_HAVEGE 0x00000004 #define ENTROPY_SOURCE_HARDWARE 0x00000004
#define ENTROPY_SOURCE_HARDWARE 0x00000008 #define ENTROPY_SOURCE_NV_SEED 0x00000008
#define ENTROPY_SOURCE_NV_SEED 0x00000010
#define ENTROPY_SOURCE_FAKE 0x40000000 #define ENTROPY_SOURCE_FAKE 0x40000000
static uint32_t custom_entropy_sources_mask; static uint32_t custom_entropy_sources_mask;
@ -79,9 +78,6 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx )
#else #else
mbedtls_sha256_init( &ctx->accumulator ); mbedtls_sha256_init( &ctx->accumulator );
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_init( &ctx->havege_data );
#endif
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM ) if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM )
@ -95,12 +91,6 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx )
MBEDTLS_ENTROPY_MIN_HARDCLOCK, MBEDTLS_ENTROPY_MIN_HARDCLOCK,
MBEDTLS_ENTROPY_SOURCE_WEAK ); MBEDTLS_ENTROPY_SOURCE_WEAK );
#endif #endif
#if defined(MBEDTLS_HAVEGE_C)
if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE )
mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
MBEDTLS_ENTROPY_MIN_HAVEGE,
MBEDTLS_ENTROPY_SOURCE_STRONG );
#endif
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE ) if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE )
mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL, mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
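Review bot: Renumbering `ENTROPY_SOURCE_HARDWARE` to 0x00000004 and `ENTROPY_SOURCE_NV_SEED` to 0x00000008 is not needed to remove HAVEGE, and it changes the meaning of any numeric mask already assigned to `custom_entropy_sources_mask`. The assignments are not visible in these hunks, so this is only a risk if test data or other helpers pass literal values: a mask of 0x8 that used to select the hardware source would now select the NV seed, and the test would still pass while exercising a different entropy source. I would keep the old values and retire the freed bit with a comment such as `/* 0x00000004 was ENTROPY_SOURCE_HAVEGE; leave unused */`. `custom_entropy_init` starts and ends outside the hunks shown.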


@ -1,167 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="..\..\programs\random\gen_random_havege.c" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="mbedTLS.vcxproj">
<Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
<LinkLibraryDependencies>true</LinkLibraryDependencies>
</ProjectReference>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{71257802-BBCA-99F5-E9D2-905738F30893}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>gen_random_havege</RootNamespace>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LinkIncremental>true</LinkIncremental>
<IntDir>$(Configuration)\$(TargetName)\</IntDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LinkIncremental>true</LinkIncremental>
<IntDir>$(Configuration)\$(TargetName)\</IntDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<LinkIncremental>false</LinkIncremental>
<IntDir>$(Configuration)\$(TargetName)\</IntDir>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
<IntDir>$(Configuration)\$(TargetName)\</IntDir>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
</Link>
<ProjectReference>
<LinkLibraryDependencies>false</LinkLibraryDependencies>
</ProjectReference>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
</Link>
<ProjectReference>
<LinkLibraryDependencies>false</LinkLibraryDependencies>
</ProjectReference>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
<AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>
../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include </AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
<AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>


@ -148,11 +148,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_random_ctr_drbg", "gen_
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
EndProjectSection EndProjectSection
EndProject EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_random_havege", "gen_random_havege.vcxproj", "{71257802-BBCA-99F5-E9D2-905738F30893}"
ProjectSection(ProjectDependencies) = postProject
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
EndProjectSection
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}" Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}"
ProjectSection(ProjectDependencies) = postProject ProjectSection(ProjectDependencies) = postProject
{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
@ -511,14 +506,6 @@ Global
{5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.Build.0 = Release|Win32 {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.Build.0 = Release|Win32
{5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.ActiveCfg = Release|x64 {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.ActiveCfg = Release|x64
{5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.Build.0 = Release|x64 {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.Build.0 = Release|x64
{71257802-BBCA-99F5-E9D2-905738F30893}.Debug|Win32.ActiveCfg = Debug|Win32
{71257802-BBCA-99F5-E9D2-905738F30893}.Debug|Win32.Build.0 = Debug|Win32
{71257802-BBCA-99F5-E9D2-905738F30893}.Debug|x64.ActiveCfg = Debug|x64
{71257802-BBCA-99F5-E9D2-905738F30893}.Debug|x64.Build.0 = Debug|x64
{71257802-BBCA-99F5-E9D2-905738F30893}.Release|Win32.ActiveCfg = Release|Win32
{71257802-BBCA-99F5-E9D2-905738F30893}.Release|Win32.Build.0 = Release|Win32
{71257802-BBCA-99F5-E9D2-905738F30893}.Release|x64.ActiveCfg = Release|x64
{71257802-BBCA-99F5-E9D2-905738F30893}.Release|x64.Build.0 = Release|x64
{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32 {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32
{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32 {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32
{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64 {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64


@ -176,7 +176,6 @@
<ClInclude Include="..\..\include\mbedtls\entropy_poll.h" /> <ClInclude Include="..\..\include\mbedtls\entropy_poll.h" />
<ClInclude Include="..\..\include\mbedtls\error.h" /> <ClInclude Include="..\..\include\mbedtls\error.h" />
<ClInclude Include="..\..\include\mbedtls\gcm.h" /> <ClInclude Include="..\..\include\mbedtls\gcm.h" />
<ClInclude Include="..\..\include\mbedtls\havege.h" />
<ClInclude Include="..\..\include\mbedtls\hkdf.h" /> <ClInclude Include="..\..\include\mbedtls\hkdf.h" />
<ClInclude Include="..\..\include\mbedtls\hmac_drbg.h" /> <ClInclude Include="..\..\include\mbedtls\hmac_drbg.h" />
<ClInclude Include="..\..\include\mbedtls\md.h" /> <ClInclude Include="..\..\include\mbedtls\md.h" />
@ -292,7 +291,6 @@
<ClCompile Include="..\..\library\entropy_poll.c" /> <ClCompile Include="..\..\library\entropy_poll.c" />
<ClCompile Include="..\..\library\error.c" /> <ClCompile Include="..\..\library\error.c" />
<ClCompile Include="..\..\library\gcm.c" /> <ClCompile Include="..\..\library\gcm.c" />
<ClCompile Include="..\..\library\havege.c" />
<ClCompile Include="..\..\library\hkdf.c" /> <ClCompile Include="..\..\library\hkdf.c" />
<ClCompile Include="..\..\library\hmac_drbg.c" /> <ClCompile Include="..\..\library\hmac_drbg.c" />
<ClCompile Include="..\..\library\md.c" /> <ClCompile Include="..\..\library\md.c" />