mbedTLS: Add ESP8266 hardware entropy source discovered by @foogod

Addresses #3, provided turns out to be an effective HWRNG.
This commit is contained in:
Angus Gratton 2015-09-18 15:12:09 +10:00
parent 9f5dedd1a8
commit 18381f88fe
3 changed files with 76 additions and 3 deletions

View file

@ -0,0 +1,44 @@
/* esp/dport_regs.h
*
* ESP8266 WDEV register definitions
*
* In the DPORT memory space, alongside DPORT regs. However mostly
* concerned with the WiFi hardware interface.
*
* Not well understood at all, 100% figured out via reverse engineering.
*/
#ifndef _ESP_WDEV__REGS_H
#define _ESP_WDEV__REGS_H
#include "esp/types.h"
#include "common_macros.h"
#define WDEV_BASE 0x3ff20e00
#define WDEV (*(struct WDEV_REGS *)(WDEV_BASE))
/* WDEV registers
*/
struct WDEV_REGS {
uint32_t volatile _unknown00; // 0x00
uint32_t volatile _unknown04; // 0x04
uint32_t volatile _unknown08; // 0x08
uint32_t volatile _unknown0c; // 0x0c
uint32_t volatile _unknown10; // 0x10
uint32_t volatile _unknown14; // 0x14
uint32_t volatile _unknown18; // 0x18
uint32_t volatile _unknown1c; // 0x1c
uint32_t volatile _unknown20; // 0x20
uint32_t volatile _unknown24; // 0x24
uint32_t volatile _unknown28; // 0x28
uint32_t volatile _unknown2c; // 0x2c
uint32_t volatile _unknown30; // 0x30
uint32_t volatile _unknown34; // 0x34
uint32_t volatile _unknown38; // 0x38
uint32_t volatile _unknown3c; // 0x3c
uint32_t volatile _unknown40; // 0x40
uint32_t volatile HWRNG; // 0x44 Appears to be HW RNG, see https://github.com/SuperHouse/esp-open-rtos/issues/3#issuecomment-139453094
};
#endif

View file

@ -0,0 +1,27 @@
/* ESP8266 "Hardware RNG" (validity still being confirmed) support for ESP8266
*
* Based on research done by @foogod.
*
* Please don't rely on this too much as an entropy source, quite yet...
*
* Part of esp-open-rtos
* Copyright (C) 2015 Angus Gratton
* BSD Licensed as described in the file LICENSE
*/
#include <mbedtls/entropy_poll.h>
#include <esp/wdev_regs.h>
#include <string.h>
int mbedtls_hardware_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
(void)(data);
for(int i = 0; i < len; i+=4) {
uint32_t random = WDEV.HWRNG;
/* using memcpy here in case output is unaligned */
memcpy(output + i, &random, (i+4 <= len) ? 4 : (len % 4));
}
if(olen)
*olen = len;
return 0;
}

View file

@ -289,7 +289,8 @@
* *
* Uncomment to use your own hardware entropy collector. * Uncomment to use your own hardware entropy collector.
*/ */
//#define MBEDTLS_ENTROPY_HARDWARE_ALT /* hardware RNG interface provided in hardware_entropy.c */
#define MBEDTLS_ENTROPY_HARDWARE_ALT
/** /**
* \def MBEDTLS_AES_ROM_TABLES * \def MBEDTLS_AES_ROM_TABLES
@ -777,7 +778,7 @@
* This option is only useful if both MBEDTLS_SHA256_C and * This option is only useful if both MBEDTLS_SHA256_C and
* MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used. * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
*/ */
//#define MBEDTLS_ENTROPY_FORCE_SHA256 #define MBEDTLS_ENTROPY_FORCE_SHA256
/** /**
* \def MBEDTLS_MEMORY_DEBUG * \def MBEDTLS_MEMORY_DEBUG
@ -2350,7 +2351,8 @@
/* CTR_DRBG options */ /* CTR_DRBG options */
//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ /* this is normally 10x higher, but reseeding seems quite inexpensive on esp8266 */
#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 1000 /**< Interval before reseed is performed by default */
//#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ //#define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
//#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ //#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */