Explorar el Código

[rng] Add ANS X9.82 Approved Source of Entropy Input

ANS X9.82 specifies several Approved Sources of Entropy Input (SEI).
One such SEI uses an entropy source as the Source of Entropy Input,
condensing each entropy source output after each GetEntropy call.
This can be implemented relatively cheaply in iPXE and avoids the need
to allocate potentially very large buffers.

(Note that the terms "entropy source" and "Source of Entropy Input"
are not synonyms within the context of ANS X9.82.)

Use the iPXE API mechanism to allow entropy sources to be selected at
compilation time.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown hace 12 años
padre
commit
073f41085f

+ 12
- 0
src/arch/i386/include/bits/entropy.h Ver fichero

@@ -0,0 +1,12 @@
1
+#ifndef _BITS_ENTROPY_H
2
+#define _BITS_ENTROPY_H
3
+
4
+/** @file
5
+ *
6
+ * i386-specific entropy API implementations
7
+ *
8
+ */
9
+
10
+FILE_LICENCE ( GPL2_OR_LATER );
11
+
12
+#endif /* _BITS_ENTROPY_H */

+ 12
- 0
src/arch/x86_64/include/bits/entropy.h Ver fichero

@@ -0,0 +1,12 @@
1
+#ifndef _BITS_ENTROPY_H
2
+#define _BITS_ENTROPY_H
3
+
4
+/** @file
5
+ *
6
+ * x86_64-specific entropy API implementations
7
+ *
8
+ */
9
+
10
+FILE_LICENCE ( GPL2_OR_LATER );
11
+
12
+#endif /* _BITS_ENTROPY_H */

+ 1
- 0
src/config/defaults/efi.h Ver fichero

@@ -17,6 +17,7 @@
17 17
 #define SMBIOS_EFI
18 18
 #define SANBOOT_NULL
19 19
 #define BOFM_EFI
20
+#define ENTROPY_NULL
20 21
 
21 22
 #define	IMAGE_EFI		/* EFI image support */
22 23
 #define	IMAGE_SCRIPT		/* iPXE script image support */

+ 1
- 0
src/config/defaults/linux.h Ver fichero

@@ -14,6 +14,7 @@
14 14
 #define NAP_LINUX
15 15
 #define SMBIOS_LINUX
16 16
 #define SANBOOT_NULL
17
+#define ENTROPY_NULL
17 18
 
18 19
 #define DRIVERS_LINUX
19 20
 

+ 1
- 0
src/config/defaults/pcbios.h Ver fichero

@@ -18,6 +18,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
18 18
 #define UMALLOC_MEMTOP
19 19
 #define SMBIOS_PCBIOS
20 20
 #define SANBOOT_PCBIOS
21
+#define ENTROPY_NULL
21 22
 
22 23
 #define	IMAGE_ELF		/* ELF image support */
23 24
 #define	IMAGE_MULTIBOOT		/* MultiBoot image support */

+ 16
- 0
src/config/entropy.h Ver fichero

@@ -0,0 +1,16 @@
1
+#ifndef CONFIG_ENTROPY_H
2
+#define CONFIG_ENTROPY_H
3
+
4
+/** @file
5
+ *
6
+ * Entropy API configuration
7
+ *
8
+ */
9
+
10
+FILE_LICENCE ( GPL2_OR_LATER );
11
+
12
+#include <config/defaults.h>
13
+
14
+#include <config/local/entropy.h>
15
+
16
+#endif /* CONFIG_ENTROPY_H */

+ 2
- 2
src/crypto/drbg.c Ver fichero

@@ -63,7 +63,7 @@ int drbg_instantiate ( struct drbg_state *state, const void *personal,
63 63
 	unsigned int entropy_bits = ( ( 3 * DRBG_SECURITY_STRENGTH + 1 ) / 2 );
64 64
 	size_t min_len = DRBG_MIN_ENTROPY_LEN_BYTES;
65 65
 	size_t max_len = DRBG_MAX_ENTROPY_LEN_BYTES;
66
-	uint8_t data[ entropy_bufsize ( entropy_bits, min_len, max_len ) ];
66
+	uint8_t data[max_len];
67 67
 	int len;
68 68
 	int rc;
69 69
 
@@ -175,7 +175,7 @@ int drbg_reseed ( struct drbg_state *state, const void *additional,
175 175
 	unsigned int entropy_bits = DRBG_SECURITY_STRENGTH;
176 176
 	size_t min_len = DRBG_MIN_ENTROPY_LEN_BYTES;
177 177
 	size_t max_len = DRBG_MAX_ENTROPY_LEN_BYTES;
178
-	uint8_t data[ entropy_bufsize ( entropy_bits, min_len, max_len ) ];
178
+	uint8_t data[max_len];
179 179
 	int len;
180 180
 	int rc;
181 181
 

+ 115
- 13
src/crypto/entropy.c Ver fichero

@@ -22,27 +22,129 @@ FILE_LICENCE ( GPL2_OR_LATER );
22 22
  *
23 23
  * Entropy source
24 24
  *
25
+ * This algorithm is designed to comply with ANS X9.82 Part 4 (April
26
+ * 2011 Draft) Section 13.3.  This standard is unfortunately not
27
+ * freely available.
25 28
  */
26 29
 
30
+#include <stdint.h>
31
+#include <assert.h>
27 32
 #include <string.h>
33
+#include <ipxe/crypto.h>
34
+#include <ipxe/hash_df.h>
28 35
 #include <ipxe/entropy.h>
29 36
 
30 37
 /**
31
- * Obtain entropy input
38
+ * Get entropy sample
32 39
  *
33
- * @v entropy_bits	Minimum amount of entropy, in bits
34
- * @v data		Data buffer
35
- * @v min_len		Minimum length of entropy input, in bytes
36
- * @v max_len		Maximum length of entropy input, in bytes
37
- * @ret len		Length of entropy input, in bytes
40
+ * @ret entropy		Entropy sample
41
+ * @ret rc		Return status code
42
+ *
43
+ * This is the GetEntropy function defined in ANS X9.82 Part 2
44
+ * (October 2011 Draft) Section 6.5.1.
45
+ */
46
+static int get_entropy ( entropy_sample_t *entropy ) {
47
+	noise_sample_t noise;
48
+	int rc;
49
+
50
+	/* Get noise sample */
51
+	if ( ( rc = get_noise ( &noise ) ) != 0 )
52
+		return rc;
53
+
54
+	/* We do not use any optional conditioning component */
55
+	*entropy = noise;
56
+
57
+	return 0;
58
+}
59
+
60
+/**
61
+ * Create next nonce value
62
+ *
63
+ * @ret nonce		Nonce
64
+ *
65
+ * This is the MakeNextNonce function defined in ANS X9.82 Part 4
66
+ * (April 2011 Draft) Section 13.3.4.2.
38 67
  */
39
-int get_entropy_input ( unsigned int entropy_bits, void *data, size_t min_len,
40
-			size_t max_len ) {
68
+static uint32_t make_next_nonce ( void ) {
69
+	static uint32_t nonce;
70
+
71
+	/* The simplest implementation of a nonce uses a large counter */
72
+	nonce++;
73
+
74
+	return nonce;
75
+}
76
+
77
+/**
78
+ * Obtain entropy input temporary buffer
79
+ *
80
+ * @v num_samples	Number of entropy samples
81
+ * @v tmp		Temporary buffer
82
+ * @v tmp_len		Length of temporary buffer
83
+ * @ret rc		Return status code
84
+ *
85
+ * This is (part of) the implementation of the Get_entropy_input
86
+ * function (using an entropy source as the source of entropy input
87
+ * and condensing each entropy source output after each GetEntropy
88
+ * call) as defined in ANS X9.82 Part 4 (April 2011 Draft) Section
89
+ * 13.3.4.2.
90
+ *
91
+ * To minimise code size, the number of samples required is calculated
92
+ * at compilation time.
93
+ */
94
+int get_entropy_input_tmp ( unsigned int num_samples, uint8_t *tmp,
95
+			    size_t tmp_len ) {
96
+	struct {
97
+		uint32_t nonce;
98
+		entropy_sample_t sample;
99
+	} __attribute__ (( packed )) data;;
100
+	uint8_t df_buf[tmp_len];
101
+	unsigned int i;
102
+	int rc;
103
+
104
+	/* Enable entropy gathering */
105
+	entropy_enable();
106
+
107
+	/* 3.  entropy_total = 0
108
+	 *
109
+	 * (Nothing to do; the number of entropy samples required has
110
+	 * already been precalculated.)
111
+	 */
112
+
113
+	/* 4.  tmp = a fixed n-bit value, such as 0^n */
114
+	memset ( tmp, 0, tmp_len );
115
+
116
+	/* 5.  While ( entropy_total < min_entropy ) */
117
+	while ( num_samples-- ) {
118
+		/* 5.1.  ( status, entropy_bitstring, assessed_entropy )
119
+		 *       = GetEntropy()
120
+		 * 5.2.  If status indicates an error, return ( status, Null )
121
+		 */
122
+		if ( ( rc = get_entropy ( &data.sample ) ) != 0 )
123
+			goto err_get_entropy;
124
+
125
+		/* 5.3.  nonce = MakeNextNonce() */
126
+		data.nonce = make_next_nonce();
127
+
128
+		/* 5.4.  tmp = tmp XOR
129
+		 *             df ( ( nonce || entropy_bitstring ), n )
130
+		 */
131
+		hash_df ( &data, sizeof ( data ), df_buf, sizeof ( df_buf ) );
132
+		for ( i = 0 ; i < tmp_len ; i++ )
133
+			tmp[i] ^= df_buf[i];
134
+
135
+		/* 5.5.  entropy_total = entropy_total + assessed_entropy
136
+		 *
137
+		 * (Nothing to do; the number of entropy samples
138
+		 * required has already been precalculated.)
139
+		 */
140
+	}
141
+
142
+	/* Disable entropy gathering */
143
+	entropy_disable();
41 144
 
42
-	/* Placeholder to allow remainder of RBG code to be tested */
43
-	( void ) entropy_bits;
44
-	( void ) min_len;
45
-	memset ( data, 0x01, max_len );
145
+	return 0;
46 146
 
47
-	return max_len;
147
+ err_get_entropy:
148
+	entropy_disable();
149
+	return rc;
48 150
 }

+ 35
- 0
src/crypto/null_entropy.c Ver fichero

@@ -0,0 +1,35 @@
1
+/*
2
+ * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
3
+ *
4
+ * This program is free software; you can redistribute it and/or
5
+ * modify it under the terms of the GNU General Public License as
6
+ * published by the Free Software Foundation; either version 2 of the
7
+ * License, or any later version.
8
+ *
9
+ * This program is distributed in the hope that it will be useful, but
10
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
11
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12
+ * General Public License for more details.
13
+ *
14
+ * You should have received a copy of the GNU General Public License
15
+ * along with this program; if not, write to the Free Software
16
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
+ */
18
+
19
+FILE_LICENCE ( GPL2_OR_LATER );
20
+
21
+/** @file
22
+ *
23
+ * Nonexistent entropy source
24
+ *
25
+ *
26
+ * This source provides no entropy and must NOT be used in a
27
+ * security-sensitive environment.
28
+ */
29
+
30
+#include <ipxe/entropy.h>
31
+
32
+PROVIDE_ENTROPY_INLINE ( null, min_entropy_per_sample );
33
+PROVIDE_ENTROPY_INLINE ( null, entropy_enable );
34
+PROVIDE_ENTROPY_INLINE ( null, entropy_disable );
35
+PROVIDE_ENTROPY_INLINE ( null, get_noise );

+ 161
- 47
src/include/ipxe/entropy.h Ver fichero

@@ -10,9 +10,69 @@
10 10
 FILE_LICENCE ( GPL2_OR_LATER );
11 11
 
12 12
 #include <stdint.h>
13
+#include <string.h>
13 14
 #include <assert.h>
15
+#include <ipxe/api.h>
16
+#include <ipxe/hash_df.h>
17
+#include <config/entropy.h>
14 18
 
15
-/** min-entropy per entropy sample
19
+/**
20
+ * Calculate static inline entropy API function name
21
+ *
22
+ * @v _prefix		Subsystem prefix
23
+ * @v _api_func		API function
24
+ * @ret _subsys_func	Subsystem API function
25
+ */
26
+#define ENTROPY_INLINE( _subsys, _api_func ) \
27
+	SINGLE_API_INLINE ( ENTROPY_PREFIX_ ## _subsys, _api_func )
28
+
29
+/**
30
+ * Provide a entropy API implementation
31
+ *
32
+ * @v _prefix		Subsystem prefix
33
+ * @v _api_func		API function
34
+ * @v _func		Implementing function
35
+ */
36
+#define PROVIDE_ENTROPY( _subsys, _api_func, _func ) \
37
+	PROVIDE_SINGLE_API ( ENTROPY_PREFIX_ ## _subsys, _api_func, _func )
38
+
39
+/**
40
+ * Provide a static inline entropy API implementation
41
+ *
42
+ * @v _prefix		Subsystem prefix
43
+ * @v _api_func		API function
44
+ */
45
+#define PROVIDE_ENTROPY_INLINE( _subsys, _api_func ) \
46
+	PROVIDE_SINGLE_API_INLINE ( ENTROPY_PREFIX_ ## _subsys, _api_func )
47
+
48
+/** A noise sample */
49
+typedef uint8_t noise_sample_t;
50
+
51
+/** An entropy sample */
52
+typedef uint8_t entropy_sample_t;
53
+
54
+/* Include all architecture-independent entropy API headers */
55
+#include <ipxe/null_entropy.h>
56
+
57
+/* Include all architecture-dependent entropy API headers */
58
+#include <bits/entropy.h>
59
+
60
+/**
61
+ * Enable entropy gathering
62
+ *
63
+ */
64
+void entropy_enable ( void );
65
+
66
+/**
67
+ * Disable entropy gathering
68
+ *
69
+ */
70
+void entropy_disable ( void );
71
+
72
+/**
73
+ * min-entropy per sample
74
+ *
75
+ * @ret min_entropy	min-entropy of each sample
16 76
  *
17 77
  * min-entropy is defined in ANS X9.82 Part 1-2006 Section 8.3 and in
18 78
  * NIST SP 800-90 Appendix C.3 as
@@ -20,71 +80,125 @@ FILE_LICENCE ( GPL2_OR_LATER );
20 80
  *    H_min = -log2 ( p_max )
21 81
  *
22 82
  * where p_max is the probability of the most likely sample value.
83
+ *
84
+ * This must be a compile-time constant.
23 85
  */
24
-#define MIN_ENTROPY_PER_SAMPLE 0.16
86
+double min_entropy_per_sample ( void );
25 87
 
26
-/** Length of each entropy sample (in bits) */
27
-#define ENTROPY_SAMPLE_LEN_BITS 12
88
+/**
89
+ * Get noise sample
90
+ *
91
+ * @ret noise		Noise sample
92
+ * @ret rc		Return status code
93
+ *
94
+ * This is the GetNoise function defined in ANS X9.82 Part 2
95
+ * (October 2011 Draft) Section 6.5.2.
96
+ */
97
+int get_noise ( noise_sample_t *noise );
98
+
99
+extern int get_entropy_input_tmp ( unsigned int num_samples,
100
+				   uint8_t *tmp, size_t tmp_len );
28 101
 
29 102
 /**
30
- * Calculate entropy buffer size
103
+ * Obtain entropy input
104
+ *
105
+ * @v min_entropy_bits	Minimum amount of entropy, in bits
106
+ * @v data		Data buffer
107
+ * @v min_len		Minimum length of entropy input, in bytes
108
+ * @v max_len		Maximum length of entropy input, in bytes
109
+ * @ret len		Length of entropy input, in bytes, or negative error
31 110
  *
32
- * @v entropy_bits	Amount of entropy required, in bits
33
- * @v min_len		Minimum buffer size, in bytes
34
- * @v max_len		Maximum buffer size, in bytes
35
- * @ret len		Buffer size, in bytes
111
+ * This is the implementation of the Get_entropy_input function (using
112
+ * an entropy source as the source of entropy input and condensing
113
+ * each entropy source output after each GetEntropy call) as defined
114
+ * in ANS X9.82 Part 4 (April 2011 Draft) Section 13.3.4.2.
115
+ *
116
+ * To minimise code size, the number of samples required is calculated
117
+ * at compilation time.
36 118
  */
37
-static inline __attribute__ (( const, always_inline )) size_t
38
-entropy_bufsize ( unsigned int entropy_bits, size_t min_len, size_t max_len ) {
39
-	unsigned int min_len_bits;
119
+static inline __attribute__ (( always_inline )) int
120
+get_entropy_input ( unsigned int min_entropy_bits, void *data, size_t min_len,
121
+		    size_t max_len ) {
122
+	size_t tmp_len = ( ( ( min_entropy_bits * 2 ) + 7 ) / 8 );
123
+	uint8_t tmp_buf[ tmp_len ];
124
+	uint8_t *tmp = ( ( tmp_len > max_len ) ? tmp_buf : data );
40 125
 	double min_samples;
41
-	double samples;
42
-	unsigned int samples_int;
43
-	unsigned int len_bits;
44
-	size_t len;
126
+	unsigned int num_samples;
127
+	unsigned int n;
128
+	int rc;
45 129
 
46
-	/* Sanity check */
47
-	linker_assert ( MIN_ENTROPY_PER_SAMPLE <= ENTROPY_SAMPLE_LEN_BITS,
130
+	/* Sanity checks */
131
+	linker_assert ( ( min_entropy_per_sample() <=
132
+			  ( 8 * sizeof ( noise_sample_t ) ) ),
48 133
 			min_entropy_per_sample_is_impossibly_high );
134
+	linker_assert ( ( min_entropy_bits <= ( 8 * max_len ) ),
135
+			entropy_buffer_too_small );
49 136
 
50
-	/* Calculate number of samples required to contain sufficient entropy */
51
-	samples = ( ( entropy_bits * 1.0 ) / MIN_ENTROPY_PER_SAMPLE );
137
+	/* Round up minimum entropy to an integral number of bytes */
138
+	min_entropy_bits = ( ( min_entropy_bits + 7 ) & ~7 );
52 139
 
53
-	/* Increase to minimum length if necessary */
54
-	min_len_bits = ( min_len * 8 );
55
-	min_samples = ( ( min_len_bits * 1.0 ) / ENTROPY_SAMPLE_LEN_BITS );
56
-	if ( samples < min_samples )
57
-		samples = min_samples;
140
+	/* Calculate number of samples required to contain sufficient entropy */
141
+	min_samples = ( ( min_entropy_bits * 1.0 ) / min_entropy_per_sample() );
58 142
 
59 143
 	/* Round up to a whole number of samples.  We don't have the
60 144
 	 * ceil() function available, so do the rounding by hand.
61 145
 	 */
62
-	samples_int = samples;
63
-	if ( samples_int < samples )
64
-		samples_int++;
65
-	assert ( samples_int >= samples );
66
-
67
-	/* Calculate buffer length in bits */
68
-	len_bits = ( samples_int * ENTROPY_SAMPLE_LEN_BITS );
69
-
70
-	/* Calculate buffer length in bytes (rounding up) */
71
-	len = ( ( len_bits + 7 ) / 8 );
72
-
73
-	/* Check that buffer is within allowed lengths */
74
-	linker_assert ( len >= min_len, entropy_bufsize_too_short );
75
-	linker_assert ( len <= max_len, entropy_bufsize_too_long );
146
+	num_samples = min_samples;
147
+	if ( num_samples < min_samples )
148
+		num_samples++;
149
+	linker_assert ( ( num_samples >= min_samples ), rounding_error );
76 150
 
77 151
 	/* Floating-point operations are not allowed in iPXE since we
78 152
 	 * never set up a suitable environment.  Abort the build
79
-	 * unless the calculated length is a compile-time constant.
153
+	 * unless the calculated number of samples is a compile-time
154
+	 * constant.
80 155
 	 */
81
-	linker_assert ( __builtin_constant_p ( len ),
82
-			entropy_bufsize_not_constant );
83
-
84
-	return len;
156
+	linker_assert ( __builtin_constant_p ( num_samples ),
157
+			num_samples_not_constant );
158
+
159
+	/* 1.  If ( min_length > max_length ), then return ( FAILURE, Null ) */
160
+	linker_assert ( ( min_len <= max_len ), min_len_greater_than_max_len );
161
+
162
+	/* 2.  n = 2 * min_entropy */
163
+	n = ( 2 * min_entropy_bits );
164
+
165
+	/* 3.  entropy_total = 0
166
+	 * 4.  tmp = a fixed n-bit value, such as 0^n
167
+	 * 5.  While ( entropy_total < min_entropy )
168
+	 *     5.1.  ( status, entropy_bitstring, assessed_entropy )
169
+	 *           = GetEntropy()
170
+	 *     5.2.  If status indicates an error, return ( status, Null )
171
+	 *     5.3.  nonce = MakeNextNonce()
172
+	 *     5.4.  tmp = tmp XOR df ( ( nonce || entropy_bitstring ), n )
173
+	 *     5.5.  entropy_total = entropy_total + assessed_entropy
174
+	 *
175
+	 * (The implementation of these steps is inside the function
176
+	 * get_entropy_input_tmp().)
177
+	 */
178
+	linker_assert ( __builtin_constant_p ( tmp_len ),
179
+			tmp_len_not_constant );
180
+	linker_assert ( ( n == ( 8 * tmp_len ) ), tmp_len_mismatch );
181
+	if ( ( rc = get_entropy_input_tmp ( num_samples, tmp, tmp_len ) ) != 0 )
182
+		return rc;
183
+
184
+	/* 6.  If ( n < min_length ), then tmp = tmp || 0^(min_length-n)
185
+	 * 7.  If ( n > max_length ), then tmp = df ( tmp, max_length )
186
+	 * 8.  Return ( SUCCESS, tmp )
187
+	 */
188
+	if ( tmp_len < min_len ) {
189
+		/* (Data is already in-place.) */
190
+		linker_assert ( ( data == tmp ), data_not_inplace );
191
+		memset ( ( data + tmp_len ), 0, ( min_len - tmp_len ) );
192
+		return min_len;
193
+	} else if ( tmp_len > max_len ) {
194
+		linker_assert ( ( tmp == tmp_buf ), data_inplace );
195
+		hash_df ( tmp, tmp_len, data, max_len );
196
+		return max_len;
197
+	} else {
198
+		/* (Data is already in-place.) */
199
+		linker_assert ( ( data == tmp ), data_not_inplace );
200
+		return tmp_len;
201
+	}
85 202
 }
86 203
 
87
-extern int get_entropy_input ( unsigned int entropy_bits, void *data,
88
-			       size_t min_len, size_t max_len );
89
-
90 204
 #endif /* _IPXE_ENTROPY_H */

+ 2
- 2
src/include/ipxe/hmac_drbg.h Ver fichero

@@ -59,9 +59,9 @@ FILE_LICENCE ( GPL2_OR_LATER );
59 59
  * according to ANS X9.82 Part 3-2007 Section 10.2.1 Table 2 (NIST SP
60 60
  * 800-90 Section 10.1 Table 2).
61 61
  *
62
- * We choose to allow up to 2^32-1 bytes (i.e. 2^35-8 bits).
62
+ * We choose to allow up to 32 bytes.
63 63
  */
64
-#define HMAC_DRBG_MAX_ENTROPY_LEN_BYTES 0xffffffffUL
64
+#define HMAC_DRBG_MAX_ENTROPY_LEN_BYTES 32
65 65
 
66 66
 /** Maximum personalisation string length
67 67
  *

+ 51
- 0
src/include/ipxe/null_entropy.h Ver fichero

@@ -0,0 +1,51 @@
1
+#ifndef _IPXE_NULL_ENTROPY_H
2
+#define _IPXE_NULL_ENTROPY_H
3
+
4
+/** @file
5
+ *
6
+ * Nonexistent entropy source
7
+ *
8
+ * This source provides no entropy and must NOT be used in a
9
+ * security-sensitive environment.
10
+ */
11
+
12
+FILE_LICENCE ( GPL2_OR_LATER );
13
+
14
+#include <stdint.h>
15
+
16
+#ifdef ENTROPY_NULL
17
+#define ENTROPY_PREFIX_null
18
+#else
19
+#define ENTROPY_PREFIX_null __null_
20
+#endif
21
+
22
+static inline __always_inline void
23
+ENTROPY_INLINE ( null, entropy_enable ) ( void ) {
24
+	/* Do nothing */
25
+}
26
+
27
+static inline __always_inline void
28
+ENTROPY_INLINE ( null, entropy_disable ) ( void ) {
29
+	/* Do nothing */
30
+}
31
+
32
+static inline __always_inline double
33
+ENTROPY_INLINE ( null, min_entropy_per_sample ) ( void ) {
34
+	/* Actual amount of min-entropy is zero.  To avoid
35
+	 * division-by-zero errors and to allow compilation of
36
+	 * entropy-consuming code, pretend to have 1 bit of entropy in
37
+	 * each sample.
38
+	 */
39
+	return 1.0;
40
+}
41
+
42
+static inline __always_inline int
43
+ENTROPY_INLINE ( null, get_noise ) ( noise_sample_t *noise ) {
44
+
45
+	/* All sample values are constant */
46
+	*noise = 0x01;
47
+
48
+	return 0;
49
+}
50
+
51
+#endif /* _IPXE_NULL_ENTROPY_H */

Loading…
Cancelar
Guardar