-
Notifications
You must be signed in to change notification settings - Fork 123
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
cdac1f4
commit 7ba2b75
Showing
93 changed files
with
8,216 additions
and
219 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| name: jitterentropy-library | ||
| source: smuellerDD/jitterentropy-library.git | ||
| commit: 16c9e5c93e614f0df25f1cb30d0730102e6f4e41 | ||
| target: v3.6.1 | ||
| imported-at: 2025-02-24T16:50:05-0800 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| #!/bin/bash -xu | ||
|
|
||
| # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
| # SPDX-License-Identifier: Apache-2.0 OR ISC | ||
|
|
||
| # | ||
| # https://github.com/smuellerDD/jitterentropy-library -> AWS-LC importer script | ||
| # | ||
| # This script imports a version of Jitter Entropy source into AWS-LC. | ||
| # | ||
| # Usage: | ||
| # | ||
| # ``` | ||
| # rm -rf ./jitterentropy-library | ||
| # ./import.sh | ||
| # ``` | ||
| # | ||
| # This imports Jitter Entroopy from https://github.com/smuellerDD/jitterentropy-library | ||
| # and leaves import meta data in META.yml. | ||
| # | ||
| # If you want to import a specific branch/tag or from a specific repository | ||
| # either GITHUB_TARGET or GITHUB_REPOSITORY as below: | ||
| # | ||
| # ``` | ||
| # GITHUB_REPOSITORY=<repo owner>/<repo name> GITHUB_TARGET=<branch or tag> ./import.sh | ||
| # ``` | ||
|
|
||
| GITHUB_SERVER_URL="https://github.com/" | ||
| GITHUB_REPOSITORY=${GITHUB_REPOSITORY:=smuellerDD/jitterentropy-library.git} | ||
| GITHUB_TARGET=${GITHUB_TARGET:=master} | ||
|
|
||
| SRC="jitterentropy-library" | ||
| TMP="TEMP_CAN_DELETE" | ||
|
|
||
| # Check if source directory already exists | ||
| if [ -d "${SRC}" ]; then | ||
| echo "Source directory or symlink ${SRC} does already exist -- please remove it before re-running the importer" | ||
| exit 1 | ||
| fi | ||
|
|
||
| mkdir ${TMP} | ||
|
|
||
| echo "Fetching repository ..." | ||
| git clone ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} ${TMP} --branch ${GITHUB_TARGET} --single-branch >/dev/null | ||
| GITHUB_COMMIT=$(cd ${TMP} >/dev/null; git rev-parse HEAD) | ||
|
|
||
| echo "Copy source code ..." | ||
| mkdir ${SRC} | ||
| cp -r ${TMP}/* ${SRC} | ||
|
|
||
| echo "Remove temporary artifacts ..." | ||
| rm -rf ${TMP} | ||
|
|
||
| # Remove upstream repo build scripts from being invoked. | ||
| rm "${SRC}/CMakeLists.txt" | ||
| rm "${SRC}/Makefile" | ||
|
|
||
| echo "Generating META.yml file ..." | ||
| cat <<EOF > META.yml | ||
| name: ${SRC} | ||
| source: ${GITHUB_REPOSITORY} | ||
| commit: ${GITHUB_COMMIT} | ||
| target: ${GITHUB_TARGET} | ||
| imported-at: $(date "+%Y-%m-%dT%H:%M:%S%z") | ||
| EOF |
132 changes: 132 additions & 0 deletions
132
third_party/jitterentropy/jitterentropy-library/CHANGES.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,132 @@ | ||
| 3.6.1 | ||
| * Add more test code | ||
| * Add support for SunPRO compiler | ||
| * Fix compilation on OpenBSD by replacing sed with tr | ||
| * internal timer: Add support for Apple | ||
| * Various small fixes to compilation to imporve portability | ||
|
|
||
| 3.6.0 | ||
| * Remove bi-modal behavior of conditioning function | ||
| * Make jent_read_entropy_safe safer by retrying the health test | ||
| * Move the version information to make them available at compile time | ||
|
|
||
| 3.5.0 | ||
| * add distinction between intermittent and permanent health failure | ||
|
|
||
| * add compile time option to allow configuring a mask to reduce the size of | ||
| the time stamp used for the APT | ||
|
|
||
| 3.4.1 | ||
| * add FIPS 140 hints to man page | ||
| * simplify the test tool to search for optimal configurations | ||
| * fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0 | ||
| * enhancement: add ARM64 assembler code to read high-res timer | ||
|
|
||
| 3.4.0 | ||
| * enhancement: add API call jent_set_fips_failure_callback as requested by Daniel Ojalvo | ||
| * fix: Change the SHA-3 integration: The entropy pool is now a SHA-3 state. | ||
| It is filled with the time delta containing entropy and auxiliary data that does not contain entropy using a SHA update operation. The auxiliary data is calculated by a SHA-3 hashing of some varying state data. The time delta that contains entropy is measured about the SHA-3 hasing of the auxiliary data. This satisfies FIPS 140-3 IG D.K resolutions 4, 6, and 8. | ||
| * enhancement: add CMake support by Andrew Hopkins | ||
|
|
||
| 3.3.1 | ||
| * fix: bug fix in initialization logic by Vladis Dronov <[email protected]> | ||
| * fix: use __asm__ instead of asm to suit the C11 standard | ||
|
|
||
| 3.3.0 | ||
| * add jent_get_cachesize if _SC_LEVEL1_DCACHE_SIZE is not defined | ||
| * limit the memory buffer size allocated and allow caller to provide | ||
| the means to provide a limit, too | ||
| * fix: update man page | ||
| * update README explaining how to handle entropy shortfall to make it consistent with the current code base | ||
|
|
||
| 3.2.0 | ||
| * fix: add API call jent_read_entropy_safe to header file | ||
| * enhancement: add jent_entropy_init_ex API call | ||
| * enhancement: call jent_entropy_init_ex automatically when jent_entropy_collector_alloc_internal detects that no self test has yet been performed | ||
| * test: provide jitterentropy-rng test tool allowing all options exported by the library to be invoked | ||
| * fix: re-add check of time_backwards in power-on test | ||
| * fix: silence static code analysis tool | ||
| * test: add test for GCD | ||
| * enhancement: add GCD selftest | ||
| * fix: simplify memory management for SHA-3 | ||
| * enhancement: add random memory access (JENT_RANDOM_MEMACCESS) | ||
|
|
||
| 3.1.0 | ||
| * Add link call to pthreads library as suggested by Mikhail Novosyolov | ||
| * Add ENTROPY_SAFETY_FACTOR to apply consideration of asymptotically reaching | ||
| full entropy following SP800-90C suggested by Joshua Hill | ||
| * Add test for finiding more entropy by changing the memory buffer size | ||
| used for the memory access loop | ||
| * Increase the memory buffer size to 512 kBytes per default based on | ||
| measurements on systems with low entropy. | ||
| * Add jent_ncpu() detecting the number of existing CPUs. Only when more than | ||
| one CPU is in the system, the internal timer thread is started. | ||
| * add GCD testing and analysis suggested by Joshua Hill | ||
| * add fixes to APT suggested by Joshua Hill | ||
| * add lag predictor health test suggested by Joshua Hill | ||
| * add jent_read_entropy_safe API call | ||
| * break up jitterentropy-base.c into various smaller code files | ||
|
|
||
| 3.0.2 | ||
| * Small fixes suggested by Joshua Hill | ||
| * Update the invocation of SHA-3 invocation: each loop iteration defined by the loop shuffle is a self-contained SHA-3 operation. Therefore, the conditioning information is always *one* SHA-3 operation with different time duration. | ||
| * add JENT_CONF_DISABLE_LOOP_SHUFFLE config option allowing disabling of the shuffle operation | ||
| * Use -O0 | ||
|
|
||
| 3.0.1 | ||
| * on older GCC versions use -fstack-protector as suggested by Warszawski, | ||
| Diego | ||
| * prevent creating the internal timer thread if a high-res hardware timer is | ||
| found as reported by Lonnie Abelbeck | ||
|
|
||
| 3.0.0 | ||
| * use RDTSC on x86 directly instead of clock_gettime | ||
| * use SHA-3 instead of LFSR | ||
| * add internal high-resolution timer support | ||
|
|
||
| 2.2.0 | ||
| * SP800-90B compliance: Add RCT runtime health test | ||
| * SP800-90B compliance: Add Chi-Squared runtime health test as a replacement | ||
| for the adaptive proportion test | ||
| * SP800-90B compliance: Increase initial entropy test to 1024 rounds | ||
| * SP800-90B compliance: Invoke runtime health tests during initialization | ||
| * remove FIPS 140-2 continuous self test (RCT covers the requirement as per | ||
| FIPS 140-2 IG 9.8) | ||
| * SP800-90B compliance: Do not mix stuck time deltas into entropy pool | ||
|
|
||
| 2.1.2: | ||
| * Add static library compilation thanks to Neil Horman | ||
| * Initialize variable ec to satisfy valgrind as suggested by Steve Grubb | ||
| * Add cross-compilation support suggested by Lonnie Abelbeck | ||
|
|
||
| 2.1.1: | ||
| * Fix implementation of mathematical properties. | ||
|
|
||
| 2.1.0: | ||
| * Convert all __[u|s][32|64] into [uint|int][32|64]_t | ||
| * Remove all code protected by #if defined(__KERNEL__) && !defined(MODULE) | ||
| * Add JENT_PRIVATE_COMPILE: Enable flag during compile when | ||
| compiling a private copy of the Jitter RNG | ||
| * Remove unused statistical test code | ||
| * Add FIPS 140-2 continuous self test code | ||
| * threshold for init-time stuck test configurable with JENT_STUCK_INIT_THRES | ||
| during compile time | ||
|
|
||
| 2.0.1: | ||
| * Invcation of stuck test during initalization | ||
|
|
||
| 2.0.0: | ||
| * Replace the XOR folding of a time delta with an LFSR -- the use of an | ||
| LFSR is mathematically more sound for the argument to maintain entropy | ||
|
|
||
| 1.2.0: | ||
| * Use constant time operation of jent_stir_pool to prevent leaking | ||
| timing information about RNG. | ||
| * Make it compile on 32 bit archtectures | ||
|
|
||
| 1.1.0: | ||
| * start new numbering schema | ||
| * update processing of bit that is deemed holding no entropy by heuristic: | ||
| XOR it into pool without LSFR and bit rotation (reported and suggested | ||
| by Kevin Fowler <[email protected]>) | ||
|
|
2 changes: 1 addition & 1 deletion
2
third_party/jitterentropy/LICENSE → ...tterentropy/jitterentropy-library/LICENSE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| Copyright (C) 2017 - 2022, Stephan Mueller <[email protected]> | ||
| Copyright (C) 2017 - 2024, Stephan Mueller <[email protected]> | ||
|
|
||
| Redistribution and use in source and binary forms, with or without | ||
| modification, are permitted provided that the following conditions | ||
|
|
||
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| Hardware RNG based on CPU timing jitter | ||
| ======================================= | ||
|
|
||
| The Jitter RNG provides a noise source using the CPU execution timing jitter. | ||
| It does not depend on any system resource other than a high-resolution time | ||
| stamp. It is a small-scale, yet fast entropy source that is viable in almost | ||
| all environments and on a lot of CPU architectures. | ||
|
|
||
| The implementation of the Jitter RNG is independent of any operating system. | ||
| As such, it could even run on baremetal without any operating system. | ||
|
|
||
| The design of the RNG is given in the documentation found in at | ||
| http://www.chronox.de/jent . This documentation also covers the full | ||
| assessment of the SP800-90B compliance as well as all required test code. | ||
|
|
||
| API | ||
| --- | ||
|
|
||
| The API is documented in the man page jitterentropy.3. | ||
|
|
||
| To use the Jitter RNG, the header file jitterentropy.h must be included. | ||
|
|
||
| Build Instructions | ||
| ================== | ||
|
|
||
| To generate the shared library `make` followed by `make install`. | ||
|
|
||
| Android | ||
| ------- | ||
|
|
||
| To compile the code on Android, use the following Makefile: | ||
|
|
||
| arch/android/Android.mk -- NDK make file template that can be used to directly | ||
| compile the CPU Jitter RNG code into Android binaries | ||
|
|
||
| Direct CPU instructions | ||
| ----------------------- | ||
|
|
||
| If the function in jent_get_nstime is not available, you can replace the | ||
| jitterentropy-base-user.h with examples from the arch/ directory. | ||
|
|
||
| Testing | ||
| ======= | ||
|
|
||
| There are numerous tests around the Jitter RNG. Yet, they are too big to be | ||
| loaded into the official repository. Email me, if you want them. | ||
|
|
||
| Version Numbers | ||
| =============== | ||
| The version numbers for this library have the following schema: | ||
| MAJOR.MINOR.PATCHLEVEL | ||
|
|
||
| Changes in the major number implies API and ABI incompatible changes, or | ||
| functional changes that require consumer to be updated (as long as this | ||
| number is zero, the API is not considered stable and can change without a | ||
| bump of the major version). | ||
|
|
||
| Changes in the minor version are API compatible, but the ABI may change. | ||
| Functional enhancements only are added. Thus, a consumer can be left | ||
| unchanged if enhancements are not considered. The consumer only needs to | ||
| be recompiled. | ||
|
|
||
| Patchlevel changes are API / ABI compatible. No functional changes, no | ||
| enhancements are made. This release is a bug fixe release only. The | ||
| consumer can be left unchanged and does not need to be recompiled. | ||
|
|
||
| Author | ||
| ====== | ||
| Stephan Mueller <[email protected]> |
34 changes: 34 additions & 0 deletions
34
third_party/jitterentropy/jitterentropy-library/arch/android/Android.mk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| # Copyright (C) 2009 The Android Open Source Project | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| # | ||
| LOCAL_PATH := $(call my-dir) | ||
|
|
||
| include $(CLEAR_VARS) | ||
|
|
||
| LOCAL_MODULE := jitterentropy | ||
| LOCAL_CFLAGS := -O0 -DCRYPTO_CPU_JITTERENTROPY_STAT | ||
| LOCAL_SRC_FILES := jitterentropy-base.c jitterentropy-stat.c jitterentropy-foldtime.c | ||
|
|
||
| # compile into a shared library that can be pulled into an APK | ||
| LOCAL_STATIC_LIBRARIES := android_native_app_glue | ||
| include $(BUILD_SHARED_LIBRARY) | ||
| $(call import-module,android/native_app_glue) | ||
|
|
||
| # compilation of a standalone-binary that must be manually moved to | ||
| # Android /data partition for execution. | ||
| #include $(BUILD_EXECUTABLE) | ||
|
|
||
| # compilation of the CPU Jitter RNG app | ||
| #LOCAL_SRC_FILES := jitterentropy-base.c jitterentropy-main-user.c | ||
|
|
Oops, something went wrong.