authorJack Lloyd <[email protected]>2016-03-06 06:17:15 -0500
committerJack Lloyd <[email protected]>2016-03-06 06:17:15 -0500
commit7827c50cbddec094412745d877dcf3ea118ad4d7 (patch)
treec043da905a7818a046893de6ac8ceb29a87a4d8b /src
parenta3d7eb9c338d2cc48116f25894a07455b1a79443 (diff)
parentb642fa9bc637b3a7fe39f5640b9a2f6f9ea5f581 (diff)
Merge GH #373 RDRAND/RDSEED logic changes
The Intel RNG may fail if heavily contended, so retry as needed.
Diffstat (limited to 'src')
-rw-r--r--src/build-data/buildh.in16
-rw-r--r--src/lib/entropy/rdrand/rdrand.cpp35
-rw-r--r--src/lib/entropy/rdseed/rdseed.cpp34
3 files changed, 51 insertions, 34 deletions
diff --git a/src/build-data/buildh.in b/src/build-data/buildh.in
index a1d8890db..6412fdcdf 100644
--- a/src/build-data/buildh.in
+++ b/src/build-data/buildh.in
@@ -167,6 +167,22 @@ softare-based entropy polling is still used.
*/
#define BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG 0.0
+/*
+How often should the RdRand/RdSeed RNGs be polled
+
+Each poll generates 32 bit entropy
+*/
+#define BOTAN_ENTROPY_INTEL_RNG_POLLS 32
+
+// According to Intel RdRand is guaranteed to generate a random number within 10 retries on a working CPU
+#define BOTAN_ENTROPY_RDRAND_RETRIES 10
+
+/*
+* RdSeed is not guaranteed to generate a random number within a specific number of retries
+* Define the number of retries here
+*/
+#define BOTAN_ENTROPY_RDSEED_RETRIES 20
+
// The output of a PRNG we are trusting to be strong
#define BOTAN_ENTROPY_ESTIMATE_STRONG_RNG 7.0
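Review bot: The comment above BOTAN_ENTROPY_INTEL_RNG_POLLS overstates what a poll yields: with BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG defined as 0.0 a few lines up, each poll feeds 32 bits of RNG output to the accumulator but is credited no entropy, so "Each poll generates 32 bit entropy" will mislead anyone tuning these constants. I would write `Each successful poll adds 32 bits of RNG output to the accumulator, credited at BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG bits of entropy`. The RdSeed comment should also say why its retry budget is a time budget rather than a correctness bound, e.g. `RDSEED reports failure whenever the hardware entropy pool is drained, which is expected under contention; Intel's guidance is to pause between retries rather than spin`. The 10-retry figure for RDRAND appears to be Intel's published guidance, so naming the DRNG Software Implementation Guide in that comment would anchor the number for future readers.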
diff --git a/src/lib/entropy/rdrand/rdrand.cpp b/src/lib/entropy/rdrand/rdrand.cpp
index 24fe98cf8..13263bb63 100644
--- a/src/lib/entropy/rdrand/rdrand.cpp
+++ b/src/lib/entropy/rdrand/rdrand.cpp
@@ -1,12 +1,14 @@
/*
* Entropy Source Using Intel's rdrand instruction
* (C) 2012,2015 Jack Lloyd
+* (C) 2015 Daniel Neus
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/internal/rdrand.h>
#include <botan/cpuid.h>
+#include <botan/build.h>
#if !defined(BOTAN_USE_GCC_INLINE_ASM)
#include <immintrin.h>
@@ -14,32 +16,31 @@
namespace Botan {
-/*
-* Get the timestamp
-*/
-void Intel_Rdrand::poll(Entropy_Accumulator& accum)
- {
+void Intel_Rdrand::poll(Entropy_Accumulator& accum) {
if(!CPUID::has_rdrand())
return;
- const size_t RDRAND_POLLS = 32;
-
- for(size_t i = 0; i != RDRAND_POLLS; ++i)
+ for(size_t i = 0; i != BOTAN_ENTROPY_INTEL_RNG_POLLS; ++i)
{
- unsigned int r = 0;
+ for(size_t i = 0; i != BOTAN_ENTROPY_RDRAND_RETRIES; ++i)
+ {
+ uint32_t r = 0;
#if defined(BOTAN_USE_GCC_INLINE_ASM)
- int cf = 0;
+ int cf = 0;
- // Encoding of rdrand %eax
- asm(".byte 0x0F, 0xC7, 0xF0; adcl $0,%1" :
- "=a" (r), "=r" (cf) : "0" (r), "1" (cf) : "cc");
+ // Encoding of rdrand %eax
+ asm(".byte 0x0F, 0xC7, 0xF0; adcl $0,%1" :
+ "=a" (r), "=r" (cf) : "0" (r), "1" (cf) : "cc");
#else
- int cf = _rdrand32_step(&r);
+ int cf = _rdrand32_step(&r);
#endif
-
- if(cf == 1)
- accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG);
+ if(1 == cf)
+ {
+ accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG);
+ break;
+ }
+ }
}
}
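Review bot: The retry loop may be ineffective on the GCC inline-asm path, because the `asm` carrying the rdrand encoding is not marked `volatile` and its inputs (`r` and `cf`, both re-initialised to 0 on every iteration) never change; GCC documents that it may hoist a non-volatile asm whose inputs are loop-invariant out of the loop or merge identical asm statements, which would re-use one rdrand result across retries and potentially across all BOTAN_ENTROPY_INTEL_RNG_POLLS polls. Changing the statement to `asm volatile(".byte 0x0F, 0xC7, 0xF0; adcl $0,%1" :` keeps every retry executing a fresh rdrand; the `_rdrand32_step` path is not affected. The inner `for(size_t i = 0; i != BOTAN_ENTROPY_RDRAND_RETRIES; ++i)` also shadows the outer poll counter `i`, which compiles but is a readability trap; naming it `retry` avoids the confusion without changing behaviour. The closing brace of namespace Botan lies outside this hunk.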
diff --git a/src/lib/entropy/rdseed/rdseed.cpp b/src/lib/entropy/rdseed/rdseed.cpp
index 91306769d..bcef9ad83 100644
--- a/src/lib/entropy/rdseed/rdseed.cpp
+++ b/src/lib/entropy/rdseed/rdseed.cpp
@@ -7,6 +7,7 @@
#include <botan/internal/rdseed.h>
#include <botan/cpuid.h>
+#include <botan/build.h>
#if !defined(BOTAN_USE_GCC_INLINE_ASM)
#include <immintrin.h>
@@ -14,32 +15,31 @@
namespace Botan {
-/*
-* Get the timestamp
-*/
-void Intel_Rdseed::poll(Entropy_Accumulator& accum)
- {
+void Intel_Rdseed::poll(Entropy_Accumulator& accum) {
if(!CPUID::has_rdseed())
return;
- const size_t RDSEED_POLLS = 32;
-
- for(size_t i = 0; i != RDSEED_POLLS; ++i)
+ for(size_t i = 0; i != BOTAN_ENTROPY_INTEL_RNG_POLLS; ++i)
{
- unsigned int r = 0;
+ for(size_t i = 0; i != BOTAN_ENTROPY_RDSEED_RETRIES; ++i)
+ {
+ uint32_t r = 0;
#if defined(BOTAN_USE_GCC_INLINE_ASM)
- int cf = 0;
+ int cf = 0;
- // Encoding of rdseed %eax
- asm(".byte 0x0F, 0xC7, 0xF8; adcl $0,%1" :
- "=a" (r), "=r" (cf) : "0" (r), "1" (cf) : "cc");
+ // Encoding of rdseed %eax
+ asm(".byte 0x0F, 0xC7, 0xF8; adcl $0,%1" :
+ "=a" (r), "=r" (cf) : "0" (r), "1" (cf) : "cc");
#else
- int cf = _rdseed32_step(&r);
+ int cf = _rdseed32_step(&r);
#endif
-
- if(cf == 1)
- accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG);
+ if(1 == cf)
+ {
+ accum.add(r, BOTAN_ENTROPY_ESTIMATE_HARDWARE_RNG);
+ break;
+ }
+ }
}
}
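Review bot: The RDSEED retry loop spins with no delay between attempts, yet an RDSEED failure means the hardware entropy pool is momentarily drained, so 20 back-to-back attempts will typically all fail inside the same window and BOTAN_ENTROPY_RDSEED_RETRIES is spent without buying anything; Intel's DRNG implementation guide recommends a PAUSE between RDSEED retries. Adding `_mm_pause();` on the intrinsic path (or `asm volatile("pause");` on the inline-asm path) after the `if(1 == cf)` block, so it runs only when the attempt failed, would make the retry budget meaningful. As with rdrand, the inline `asm` for the rdseed encoding should be `asm volatile(...)`: its inputs `r` and `cf` are the same constants on every iteration, so the compiler is permitted to hoist it out of the loop and re-use a single result across retries and polls. The inner loop counter `i` shadows the outer poll counter here as well.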