From c6cd95bcd51a405c147d7cfd94d27893258579a8 Mon Sep 17 00:00:00 2001 From: Shubham Mittal Date: Fri, 10 Jan 2025 14:22:14 -0800 Subject: [PATCH] removed jent_read_entropy_safe --- crypto/fipsmodule/rand/cpu_jitter_test.cc | 6 - .../jitterentropy/jitterentropy-base.c | 135 ------------------ third_party/jitterentropy/jitterentropy.h | 3 +- 3 files changed, 1 insertion(+), 143 deletions(-) diff --git a/crypto/fipsmodule/rand/cpu_jitter_test.cc b/crypto/fipsmodule/rand/cpu_jitter_test.cc index 1ac0f9eb4f..2327daba92 100644 --- a/crypto/fipsmodule/rand/cpu_jitter_test.cc +++ b/crypto/fipsmodule/rand/cpu_jitter_test.cc @@ -42,10 +42,6 @@ TEST(CPUJitterEntropyTest, Basic) { EXPECT_EQ(jent_read_entropy(jitter_ec.instance, (char*) data0, data_len), data_len); - // Draw some entropy with the "safe" API to check if it works. - EXPECT_EQ(jent_read_entropy_safe(&jitter_ec.instance, - (char*) data1, data_len), data_len); - // Basic check that the random data is not equal. EXPECT_NE(Bytes(data0), Bytes(data1)); @@ -60,8 +56,6 @@ TEST(CPUJitterEntropyTest, Basic) { // Test drawing entropy from the Jitter object that was reset. EXPECT_EQ(jent_read_entropy(jitter_ec.instance, (char*) data0, data_len), data_len); - EXPECT_EQ(jent_read_entropy_safe(&jitter_ec.instance, - (char*) data1, data_len), data_len); // Verify that the Jitter library version is v3.4.0. unsigned int jitter_version = 3040000; diff --git a/third_party/jitterentropy/jitterentropy-base.c b/third_party/jitterentropy/jitterentropy-base.c index f2e79bd4ec..0a8275f9c8 100644 --- a/third_party/jitterentropy/jitterentropy-base.c +++ b/third_party/jitterentropy/jitterentropy-base.c @@ -91,52 +91,6 @@ unsigned int jent_version(void) return version; } -/*************************************************************************** - * Helper - ***************************************************************************/ - -/* Calculate log2 of given value assuming that the value is a power of 2 */ -static inline unsigned int jent_log2_simple(unsigned int val) -{ - unsigned int idx = 0; - - while (val >>= 1) - idx++; - return idx; -} - -/* Increase the memory size by one step */ -static inline unsigned int jent_update_memsize(unsigned int flags) -{ - unsigned int global_max = JENT_FLAGS_TO_MAX_MEMSIZE( - JENT_MAX_MEMSIZE_MAX); - unsigned int max; - - max = JENT_FLAGS_TO_MAX_MEMSIZE(flags); - - if (!max) { - /* - * The safe starting value is the amount of memory we allocated - * last round. - */ - max = jent_log2_simple(JENT_MEMORY_SIZE); - /* Adjust offset */ - max = (max > JENT_MAX_MEMSIZE_OFFSET) ? - max - JENT_MAX_MEMSIZE_OFFSET : 0; - } else { - max++; - } - - max = (max > global_max) ? global_max : max; - - /* Clear out the max size */ - flags &= ~JENT_MAX_MEMSIZE_MASK; - /* Set the freshly calculated max size */ - flags |= JENT_MAX_MEMSIZE_TO_FLAGS(max); - - return flags; -} - /*************************************************************************** * Random Number Generation ***************************************************************************/ @@ -242,95 +196,6 @@ ssize_t jent_read_entropy(struct rand_data *ec, char *data, size_t len) static struct rand_data *_jent_entropy_collector_alloc(unsigned int osr, unsigned int flags); -/** - * Entry function: Obtain entropy for the caller. - * - * This is a service function to jent_read_entropy() with the difference - * that it automatically re-allocates the entropy collector if a health - * test failure is observed. Before reallocation, a new power-on health test - * is performed. The allocation of the new entropy collector automatically - * increases the OSR by one. This is done based on the idea that a health - * test failure indicates that the assumed entropy rate is too high. - * - * Note the function returns with an health test error if the OSR is - * getting too large. If an error is returned by this function, the Jitter RNG - * is not safe to be used on the current system. - * - * @ec [in] Reference to entropy collector - this is a double pointer as - * The entropy collector may be freed and reallocated. - * @data [out] pointer to buffer for storing random data -- buffer must - * already exist - * @len [in] size of the buffer, specifying also the requested number of random - * in bytes - * - * @return see jent_read_entropy() - */ -JENT_PRIVATE_STATIC -ssize_t jent_read_entropy_safe(struct rand_data **ec, char *data, size_t len) -{ - char *p = data; - size_t orig_len = len; - ssize_t ret = 0; - - if (!ec) - return -1; - - while (len > 0) { - unsigned int osr, flags, max_mem_set; - - ret = jent_read_entropy(*ec, p, len); - - switch (ret) { - case -1: - case -4: - return ret; - case -2: - case -3: - case -5: - osr = (*ec)->osr + 1; - flags = (*ec)->flags; - max_mem_set = (*ec)->max_mem_set; - - /* generic arbitrary cutoff */ - if (osr > 20) - return ret; - - /* - * If the caller did not set any specific maximum value - * let the Jitter RNG increase the maximum memory by - * one step. - */ - if (!max_mem_set) - flags = jent_update_memsize(flags); - - /* - * re-allocate entropy collector with higher OSR and - * memory size - */ - jent_entropy_collector_free(*ec); - - /* Perform new health test with updated OSR */ - if (jent_entropy_init_ex(osr, flags)) - return -1; - - *ec = _jent_entropy_collector_alloc(osr, flags); - if (!*ec) - return -1; - - /* Remember whether caller configured memory size */ - (*ec)->max_mem_set = !!max_mem_set; - - break; - - default: - len -= (size_t)ret; - p += (size_t)ret; - } - } - - return (ssize_t)orig_len; -} - /*************************************************************************** * Initialization logic ***************************************************************************/ diff --git a/third_party/jitterentropy/jitterentropy.h b/third_party/jitterentropy/jitterentropy.h index 8e9372c792..a2ce9fce85 100644 --- a/third_party/jitterentropy/jitterentropy.h +++ b/third_party/jitterentropy/jitterentropy.h @@ -373,8 +373,7 @@ struct rand_data /* get raw entropy */ JENT_PRIVATE_STATIC ssize_t jent_read_entropy(struct rand_data *ec, char *data, size_t len); -JENT_PRIVATE_STATIC -ssize_t jent_read_entropy_safe(struct rand_data **ec, char *data, size_t len); + /* initialize an instance of the entropy collector */ JENT_PRIVATE_STATIC struct rand_data *jent_entropy_collector_alloc(unsigned int osr,