New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Entropy pool implementation #1090

Closed

torben-hansen wants to merge 17 commits into aws:main from torben-hansen:impl_entropy_pool

Contributor

torben-hansen commented Jul 11, 2023 •

edited

Loading

Issues:

CryptoAlg-1952

Description of changes:

Implements the backend for passive entropy. The integration as the actual entropy backend for RAND_bytes (for fips build), will occur in the next PR.

The entropy pool has one main action: RAND_entropy_pool_get. This function can be used to fetch entropy from the pool. If the pool is depleted, the "depleted workflow" is activated, that workflow requests a need for more entropy outside the module. New entropy is loaded into the module through RAND_load_entropy (the entropy sourcing part is not implemented yet).

Call-outs:

As noted in the source code:

	// Out-side module call
	// Could create a soft-lock in the struct here
	RAND_module_entropy_depleted();
	// And then unlock struct here

I could soft-lock the pool during the depleted workflow. This shouldn't really be necessary since the every operation is serialised in the thread.

Testing:

Added a bunch of tests. Can add more if needed.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

torben-hansen added 4 commits

July 11, 2023 21:17


          Entropy pool implementation

0a77b1a


          Missing statement

61fbeeb


          External linkage for symbols referenced in test file

37ff663


          Documentation and other fixes

6e59032

torben-hansen force-pushed the impl_entropy_pool branch from aefd0e1 to 6e59032 Compare

July 12, 2023 04:17


          Forgot to remove comments

11d77a7

torben-hansen commented

View reviewed changes

crypto/fipsmodule/rand/entropy_pool.c Outdated Show resolved Hide resolved

torben-hansen requested review from skmcgrail, dkostic and nebeid

July 12, 2023 04:28

torben-hansen marked this pull request as ready for review

July 12, 2023 04:29

torben-hansen added 2 commits

July 12, 2023 07:05


          Stronger tests

d18f7fc


          Correct indentation using spaces and width of 2...

78966b2

skmcgrail reviewed

View reviewed changes

crypto/fipsmodule/rand/entropy_pool.c

+              // entropy_pool_ensure_can_satisfy returns 1 if the entropy pool |entropy_pool|
+              // contains enough entropy to satisfy a get request of size |get_size|.
+              // Returns 0 otherwise.
+              static int entropy_pool_ensure_can_satisfy(struct entropy_pool *entropy_pool,

Member

skmcgrail Jul 14, 2023

Should this abort if entropy_pool == NULL?. I know you gate some of the functions already, but not all of them.

Contributor Author

torben-hansen Jul 15, 2023

I changed it to only validate the pointer in "exported" functions, not the static ones.

Also changed such that the entropy pool doesn't abort. Callers can do that if they wish. But not at this layer.

crypto/fipsmodule/rand/entropy_pool.c Show resolved Hide resolved

andrewhop reviewed

View reviewed changes

crypto/fipsmodule/rand/internal.h Show resolved Hide resolved

crypto/fipsmodule/rand/entropy_pool.c Outdated Show resolved Hide resolved

crypto/fipsmodule/rand/entropy_pool.c Outdated

+                return 1;
+              }
+              static void entropy_pool_cannot_satisfy_request(void) {

Contributor

andrewhop Jul 14, 2023

NP: to me entropy_pool_cannot_satisfy_request seems like it was getting ready to abort, it's not clear what it does.

Suggested change

      
            static void entropy_pool_cannot_satisfy_request(void) {
          
            static void request_external_entropy(void) {

Contributor Author

torben-hansen Jul 15, 2023

if not entropy_pool_ensure_can_satisfy() then entropy_pool_cannot_satisfy_request() seems like the logically named next action.

Just tried to separate logic. Maybe it was too "smart". Just inlined the code instead.

crypto/fipsmodule/rand/entropy_pool.c Show resolved Hide resolved

crypto/fipsmodule/rand/entropy_pool_test.cc Outdated Show resolved Hide resolved

crypto/fipsmodule/rand/entropy_pool_test.cc Show resolved Hide resolved

crypto/fipsmodule/rand/entropy_pool_test.cc Show resolved Hide resolved

torben-hansen added 10 commits

July 15, 2023 16:28


          Don't check for NULL in static functions and fix indentation in if st…

3d163fe

…atements


          Wipe entire context

b2ec169


          Readable code

1f7885d


          Make non-abortable in entropy pool implementation

5bf8b73


          Check return value

6cd9e23


          Inline code instead

38a2717


          Just wipe entropy buffer argument

179670f


          Check NULL argument is not an issue

5346ab9


          Redundant prototype

48e3b58


          Nothing should have touched the entropy pool

f401dc6

torben-hansen requested review from skmcgrail and andrewhop

July 16, 2023 00:12

dkostic approved these changes

View reviewed changes

crypto/fipsmodule/rand/entropy_pool.c Show resolved Hide resolved

dkostic reviewed

View reviewed changes

Contributor

dkostic left a comment

approved accidentally, taking it back for a moment :)

Contributor Author

torben-hansen commented Jul 24, 2023

Given #1112, this implementation is no longer needed. Closing.

torben-hansen closed this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet