authorDaniel Neus <[email protected]>2015-12-18 22:50:39 +0100
committerDaniel Neus <[email protected]>2015-12-18 22:50:39 +0100
commit3ebee37e0303d0a74c262153553d9905c847e5a9 (patch)
treea9e61c4b86ee7f7a6edf82a10f22b472d1584f98 /src/lib/entropy/rdseed/rdseed.cpp
parent56af160c9d4df53467ce742e2ba9b9f512fb7c83 (diff)
add support for Intel RdSeed
Diffstat (limited to 'src/lib/entropy/rdseed/rdseed.cpp')
-rw-r--r--src/lib/entropy/rdseed/rdseed.cpp56
1 files changed, 56 insertions, 0 deletions
diff --git a/src/lib/entropy/rdseed/rdseed.cpp b/src/lib/entropy/rdseed/rdseed.cpp
new file mode 100644
index 000000000..8bdd79a1d
--- /dev/null
+++ b/src/lib/entropy/rdseed/rdseed.cpp
@@ -0,0 +1,56 @@
+/*
+* Entropy Source Using Intel's rdseed instruction
+* (C) 2015 Jack Lloyd, Daniel Neus
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include <botan/internal/rdseed.h>
+#include <botan/cpuid.h>
+
+#if !defined(BOTAN_USE_GCC_INLINE_ASM)
+ #include <immintrin.h>
+#endif
+
+namespace Botan {
+
+/*
+* Get the timestamp
+*/
+void Intel_Rdseed::poll(Entropy_Accumulator& accum)
+ {
+ if(!CPUID::has_rdseed())
+ return;
+
+ /*
+ Don't consider rdseed as contributing any entropy to the poll. It doesn't
+ make sense to trust uninspectible hardware.
+
+ Even if backdoored, rdseed cannot harm us because the HMAC_RNG poll process
+ is designed to handle arbitrarily large amounts of attacker known/chosen
+ input (or even a reseed where every bit we reseeded with was attacker chosen),
+ as long as at least one seed occurred with enough unknown-to-attacker entropy.
+ */
+ const double ENTROPY_ESTIMATE = 0.0;
+ const size_t RDSEED_POLLS = 32;
+
+ for(size_t i = 0; i != RDSEED_POLLS; ++i)
+ {
+ unsigned int r = 0;
+
+#if defined(BOTAN_USE_GCC_INLINE_ASM)
+ int cf = 0;
+
+ // Encoding of rdseed %eax
+ asm(".byte 0x0F, 0xC7, 0xF8; adcl $0,%1" :
+ "=a" (r), "=r" (cf) : "0" (r), "1" (cf) : "cc");
+#else
+ int cf = _rdseed32_step(&r);
+#endif
+
+ if(cf == 1)
+ accum.add(r, ENTROPY_ESTIMATE);
+ }
+ }
+
+}
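Review bot: The `if(cf == 1)` check at the end of the loop drops a failed rdseed silently, and nothing in the code says this is intended; rdseed clears CF whenever the hardware has no seed ready, so a poll can add fewer than RDSEED_POLLS words, or none at all. Since ENTROPY_ESTIMATE is 0.0 nothing is over-credited, but the choice should be stated next to the check, e.g. `// CF=0: no seed available; skip instead of retrying, nothing is credited either way`. In the inline-asm path `r` keeps its initial 0 on failure, so the CF check is the only thing keeping a constant out of the accumulator and should be preserved in any later refactor. The header comment `Get the timestamp` does not describe this function (it looks carried over from another entropy source) and would read better as `Poll the rdseed instruction`.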