Expanded the random number generator in the `platform_util.c` file
The earlier implementation had two problems: the random generator always
returned 0 if the MBEDTLS_ENTROPY_HARDWARE_ALT flag was not defined and there
was no protection needed if the HW RNG was malfunctioning. Both these problems
have been solved in this commit by adding the linear congruential generator algorithm.
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index a5b95ae..6f09209 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -167,11 +167,10 @@
/**
* \brief Secure memset
*
- * This is a constant-time version of memset(). If
- * MBEDTLS_ENTROPY_HARDWARE_ALT is defined, the buffer is
- * initialised with random data and the order is also
- * randomised using the hardware RNG in order to further harden
- * against side-channel attacks.
+ * This is a constant-time version of memset(). The buffer is
+ * initialised with random data and the order is also randomised
+ * using the RNG in order to further harden against side-channel
+ * attacks.
*
* \param ptr Buffer to be set.
* \param value Value to be used when setting the buffer.
@@ -184,11 +183,10 @@
/**
* \brief Secure memcpy
*
- * This is a constant-time version of memcpy(). If
- * MBEDTLS_ENTROPY_HARDWARE_ALT is defined, the buffer is
- * initialised with random data and the order is also
- * randomised using the hardware RNG in order to further harden
- * against side-channel attacks.
+ * This is a constant-time version of memcpy(). The buffer is
+ * initialised with random data and the order is also randomised
+ * using the RNG in order to further harden against side-channel
+ * attacks.
*
* \param dst Destination buffer where the data is being copied to.
* \param src Source buffer where the data is being copied from.
@@ -218,9 +216,8 @@
* \brief Secure check if the buffers have the same data.
*
* This is a constant-time version of memcmp(), but without checking
- * if the bytes are greater or lower. If MBEDTLS_ENTROPY_HARDWARE_ALT
- * is defined, the order is also randomised using the hardware RNG in
- * order to further harden against side-channel attacks.
+ * if the bytes are greater or lower. The order is also randomised
+ * using the RNG in order to further harden against side-channel attacks.
*
* \param buf1 First buffer to compare.
* \param buf2 Second buffer to compare against.
@@ -234,11 +231,6 @@
/**
* \brief RNG-function for getting a random 32-bit integer.
*
- *
- * \note Currently the function is dependent of hardware providing an
- * rng with MBEDTLS_ENTROPY_HARDWARE_ALT. By default, 0 is
- * returned.
- *
* \return The generated random number.
*/
uint32_t mbedtls_platform_random_uint32( void );
@@ -253,10 +245,6 @@
* cryptographically secure RNG, but provide an RNG for utility
* functions.
*
- * \note Currently the function is dependent of hardware providing an
- * rng with MBEDTLS_ENTROPY_HARDWARE_ALT. By default, 0 is
- * returned.
- *
* \note If the given range is [0, 0), 0 is returned.
*
* \param num Max-value for the generated random number, exclusive.
@@ -274,9 +262,6 @@
*
* Duration of the delay is random as number of variable increments
* is randomized.
- *
- * \note Currently the function is dependent of hardware providing an
- * rng with MBEDTLS_ENTROPY_HARDWARE_ALT.
*/
void mbedtls_platform_random_delay( void );