Make mg_random() fallible. Abort TLS on weak RNG

This commit is contained in:
Sergey Lyubka 2024-08-31 12:21:12 +01:00 committed by Sergio R. Caprile
parent 44b3d60692
commit 683f65f8ac
62 changed files with 253 additions and 111 deletions

View File

@ -8,11 +8,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
s_ticks++;
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
uint64_t mg_millis(void) { // Let Mongoose use our uptime function

View File

@ -22,11 +22,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -24,11 +24,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void fn(struct mg_connection *c, int ev, void *ev_data) {

View File

@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
}
#if 0
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
#endif

View File

@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
s_ticks++;
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
uint64_t mg_millis(void) { // Let Mongoose use our uptime function

View File

@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
}
#if 0
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
#endif

View File

@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
s_ticks++;
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
uint64_t mg_millis(void) { // Let Mongoose use our uptime function

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {
gpio_toggle(LED); // Blink LED

View File

@ -7,11 +7,12 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -16,12 +16,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {
gpio_toggle(LED); // Blink LED
struct mg_tcpip_if *ifp = arg; // And show

View File

@ -15,11 +15,12 @@ void SysTick_Handler(void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -33,8 +33,9 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
TRNG_GetRandomData(TRNG, buf, len); // Init by BOARD_InitBootPeripherals()
return true;
}
static void timer_fn(void *arg) {

View File

@ -47,11 +47,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
}
#if 0
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
#endif

View File

@ -26,11 +26,12 @@ static uint8_t spi_txn(void *spi, uint8_t byte) {
return result;
}
void mg_random(void *buf, size_t len) {
bool mg_random(void *buf, size_t len) {
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = get_rand_32();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -76,13 +76,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return (uint64_t)HAL_GetTick(); // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -90,13 +90,14 @@ void server(void *argument);
/* Private user code ---------------------------------------------------------*/
/* USER CODE BEGIN 0 */
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -70,13 +70,14 @@ void blinker(void const * argument);
/* Private user code ---------------------------------------------------------*/
/* USER CODE BEGIN 0 */
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
/* USER CODE END 0 */

View File

@ -11,13 +11,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return (uint64_t) HAL_GetTick(); // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -17,13 +17,14 @@ void SysTick_Handler(void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -22,11 +22,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
bool tud_network_recv_cb(const uint8_t *buf, uint16_t len) {

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -7,11 +7,12 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -90,13 +90,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return (uint64_t)HAL_GetTick(); // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -104,13 +104,14 @@ void server(void *argument);
/* Private user code ---------------------------------------------------------*/
/* USER CODE BEGIN 0 */
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -71,13 +71,14 @@ void blinker(void const * argument);
/* Private user code ---------------------------------------------------------*/
/* USER CODE BEGIN 0 */
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
/* USER CODE END 0 */

View File

@ -12,13 +12,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return (uint64_t) HAL_GetTick(); // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -21,13 +21,14 @@ void SysTick_Handler (void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void server(void *args) {

View File

@ -18,12 +18,13 @@ void SysTick_Handler (void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void server(void *args) {

View File

@ -17,13 +17,14 @@ void SysTick_Handler(void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -14,13 +14,14 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void server(void *args) {
@ -97,4 +98,3 @@ int main(void) {
osKernelStart(); // This blocks
return 0;
}

View File

@ -9,13 +9,14 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -10,13 +10,14 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void server(const void *args) {

View File

@ -9,13 +9,14 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -14,13 +14,14 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void server(void *args) {
@ -98,4 +99,3 @@ int main(void) {
osKernelStart(); // This blocks
return 0;
}

View File

@ -10,13 +10,14 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void server(void *args) {
@ -83,4 +84,3 @@ int main(void) {
osKernelStart(); // This blocks
return 0;
}

View File

@ -9,13 +9,14 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -22,11 +22,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
bool tud_network_recv_cb(const uint8_t *buf, uint16_t len) {

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -7,11 +7,12 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -23,11 +23,12 @@ void SysTick_Handler(void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void ethernet_init(void) {

View File

@ -23,11 +23,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
s_ticks++;
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
uint64_t mg_millis(void) { // Let Mongoose use our uptime function

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -7,11 +7,12 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
#ifdef MQTT_DASHBOARD

View File

@ -15,11 +15,12 @@ void SysTick_Handler(void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -90,13 +90,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return (uint64_t)HAL_GetTick(); // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -104,13 +104,14 @@ void server(void *argument);
/* Private user code ---------------------------------------------------------*/
/* USER CODE BEGIN 0 */
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
extern RNG_HandleTypeDef hrng;
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r;
HAL_RNG_GenerateRandomNumber(&hrng, &r);
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -14,11 +14,12 @@ void SysTick_Handler(void) {
xPortSysTickHandler();
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -7,11 +7,12 @@
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
return s_ticks; // Return number of milliseconds since boot
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
static void timer_fn(void *arg) {

View File

@ -26,11 +26,12 @@ __attribute__((interrupt())) void SysTick_Handler(void) {
SysTick->SR = 0;
}
void mg_random(void *buf, size_t len) { // Use on-board RNG
bool mg_random(void *buf, size_t len) { // Use on-board RNG
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
uint32_t r = rng_read();
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
}
return true;
}
uint64_t mg_millis(void) { // Let Mongoose use our uptime function

View File

@ -10066,7 +10066,7 @@ static void mg_tls_server_send_hello(struct mg_connection *c) {
// calculate keyshare
uint8_t x25519_pub[X25519_BYTES];
uint8_t x25519_prv[X25519_BYTES];
mg_random(x25519_prv, sizeof(x25519_prv));
if (!mg_random(x25519_prv, sizeof(x25519_prv))) mg_error(c, "RNG");
mg_tls_x25519(x25519_pub, x25519_prv, X25519_BASE_POINT, 1);
mg_tls_x25519(tls->x25519_sec, x25519_prv, tls->x25519_cli, 1);
mg_tls_hexdump("s x25519 sec", tls->x25519_sec, sizeof(tls->x25519_sec));
@ -10292,12 +10292,12 @@ static void mg_tls_client_send_hello(struct mg_connection *c) {
}
// calculate keyshare
mg_random(tls->x25519_cli, sizeof(tls->x25519_cli));
if (!mg_random(tls->x25519_cli, sizeof(tls->x25519_cli))) mg_error(c, "RNG");
mg_tls_x25519(x25519_pub, tls->x25519_cli, X25519_BASE_POINT, 1);
// fill in the gaps: random + session ID + keyshare
mg_random(tls->session_id, sizeof(tls->session_id));
mg_random(tls->random, sizeof(tls->random));
if (!mg_random(tls->session_id, sizeof(tls->session_id))) mg_error(c, "RNG");
if (!mg_random(tls->random, sizeof(tls->random))) mg_error(c, "RNG");
memmove(msg_client_hello + 11, tls->random, sizeof(tls->random));
memmove(msg_client_hello + 44, tls->session_id, sizeof(tls->session_id));
memmove(msg_client_hello + 94, x25519_pub, sizeof(x25519_pub));
@ -16337,6 +16337,7 @@ struct mg_str mg_url_pass(const char *url) {
#endif
// Not using memset for zeroing memory, cause it can be dropped by compiler
// See https://github.com/cesanta/mongoose/pull/1265
void mg_bzero(volatile unsigned char *buf, size_t len) {
@ -16347,22 +16348,50 @@ void mg_bzero(volatile unsigned char *buf, size_t len) {
#if MG_ENABLE_CUSTOM_RANDOM
#else
void mg_random(void *buf, size_t len) {
bool done = false;
bool mg_random(void *buf, size_t len) {
bool success = false;
unsigned char *p = (unsigned char *) buf;
#if MG_ARCH == MG_ARCH_ESP32
while (len--) *p++ = (unsigned char) (esp_random() & 255);
done = true;
success = true;
#elif MG_ARCH == MG_ARCH_WIN32
static bool initialised = false;
#if defined(_MSC_VER) && _MSC_VER < 1700
static HCRYPTPROV hProv;
// CryptGenRandom() implementation earlier than 2008 is weak, see
// https://en.wikipedia.org/wiki/CryptGenRandom
if (initialised == false) {
initialised = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT);
}
if (initialised == true) {
success = CryptGenRandom(hProv, len, p);
}
#else
// BCrypt is a "new generation" strong crypto API, so try it first
static BCRYPT_ALG_HANDLE hProv;
if (initialised == false &&
BCryptOpenAlgorithmProvider(&hProv, BCRYPT_RNG_ALGORITHM, NULL, 0) == 0) {
initialised = true;
}
if (initialised == true) {
success = BCryptGenRandom(hProv, p, (ULONG) len, 0) == 0;
}
#endif
#elif MG_ARCH == MG_ARCH_UNIX
FILE *fp = fopen("/dev/urandom", "rb");
if (fp != NULL) {
if (fread(buf, 1, len, fp) == len) done = true;
if (fread(buf, 1, len, fp) == len) success = true;
fclose(fp);
}
#endif
// If everything above did not work, fallback to a pseudo random generator
while (!done && len--) *p++ = (unsigned char) (rand() & 255);
if (success == false) {
MG_ERROR(("Weak RNG: using rand()"));
while (len--) *p++ = (unsigned char) (rand() & 255);
}
return success;
}
#endif

View File

@ -443,6 +443,20 @@ typedef enum { false = 0, true = 1 } bool;
#include <winerror.h>
#include <winsock2.h>
// For mg_random()
#if defined(_MSC_VER) && _MSC_VER < 1700
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x400 // Let vc98 pick up wincrypt.h
#endif
#include <wincrypt.h>
#pragma comment(lib, "advapi32.lib")
#else
#include <bcrypt.h>
#if defined(_MSC_VER)
#pragma comment(lib, "bcrypt.lib")
#endif
#endif
// Protect from calls like std::snprintf in app code
// See https://github.com/cesanta/mongoose/issues/1047
#ifndef __cplusplus
@ -1056,7 +1070,7 @@ struct mg_str mg_unpacked(const char *path); // Packed file as mg_str
#endif
void mg_bzero(volatile unsigned char *buf, size_t len);
void mg_random(void *buf, size_t len);
bool mg_random(void *buf, size_t len);
char *mg_random_str(char *buf, size_t len);
uint16_t mg_ntohs(uint16_t net);
uint32_t mg_ntohl(uint32_t net);

View File

@ -50,6 +50,20 @@ typedef enum { false = 0, true = 1 } bool;
#include <winerror.h>
#include <winsock2.h>
// For mg_random()
#if defined(_MSC_VER) && _MSC_VER < 1700
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x400 // Let vc98 pick up wincrypt.h
#endif
#include <wincrypt.h>
#pragma comment(lib, "advapi32.lib")
#else
#include <bcrypt.h>
#if defined(_MSC_VER)
#pragma comment(lib, "bcrypt.lib")
#endif
#endif
// Protect from calls like std::snprintf in app code
// See https://github.com/cesanta/mongoose/issues/1047
#ifndef __cplusplus

View File

@ -623,7 +623,7 @@ static void mg_tls_server_send_hello(struct mg_connection *c) {
// calculate keyshare
uint8_t x25519_pub[X25519_BYTES];
uint8_t x25519_prv[X25519_BYTES];
mg_random(x25519_prv, sizeof(x25519_prv));
if (!mg_random(x25519_prv, sizeof(x25519_prv))) mg_error(c, "RNG");
mg_tls_x25519(x25519_pub, x25519_prv, X25519_BASE_POINT, 1);
mg_tls_x25519(tls->x25519_sec, x25519_prv, tls->x25519_cli, 1);
mg_tls_hexdump("s x25519 sec", tls->x25519_sec, sizeof(tls->x25519_sec));
@ -849,12 +849,12 @@ static void mg_tls_client_send_hello(struct mg_connection *c) {
}
// calculate keyshare
mg_random(tls->x25519_cli, sizeof(tls->x25519_cli));
if (!mg_random(tls->x25519_cli, sizeof(tls->x25519_cli))) mg_error(c, "RNG");
mg_tls_x25519(x25519_pub, tls->x25519_cli, X25519_BASE_POINT, 1);
// fill in the gaps: random + session ID + keyshare
mg_random(tls->session_id, sizeof(tls->session_id));
mg_random(tls->random, sizeof(tls->random));
if (!mg_random(tls->session_id, sizeof(tls->session_id))) mg_error(c, "RNG");
if (!mg_random(tls->random, sizeof(tls->random))) mg_error(c, "RNG");
memmove(msg_client_hello + 11, tls->random, sizeof(tls->random));
memmove(msg_client_hello + 44, tls->session_id, sizeof(tls->session_id));
memmove(msg_client_hello + 94, x25519_pub, sizeof(x25519_pub));

View File

@ -1,3 +1,4 @@
#include "log.h"
#include "util.h"
// Not using memset for zeroing memory, cause it can be dropped by compiler
@ -10,22 +11,50 @@ void mg_bzero(volatile unsigned char *buf, size_t len) {
#if MG_ENABLE_CUSTOM_RANDOM
#else
void mg_random(void *buf, size_t len) {
bool done = false;
bool mg_random(void *buf, size_t len) {
bool success = false;
unsigned char *p = (unsigned char *) buf;
#if MG_ARCH == MG_ARCH_ESP32
while (len--) *p++ = (unsigned char) (esp_random() & 255);
done = true;
success = true;
#elif MG_ARCH == MG_ARCH_WIN32
static bool initialised = false;
#if defined(_MSC_VER) && _MSC_VER < 1700
static HCRYPTPROV hProv;
// CryptGenRandom() implementation earlier than 2008 is weak, see
// https://en.wikipedia.org/wiki/CryptGenRandom
if (initialised == false) {
initialised = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT);
}
if (initialised == true) {
success = CryptGenRandom(hProv, len, p);
}
#else
// BCrypt is a "new generation" strong crypto API, so try it first
static BCRYPT_ALG_HANDLE hProv;
if (initialised == false &&
BCryptOpenAlgorithmProvider(&hProv, BCRYPT_RNG_ALGORITHM, NULL, 0) == 0) {
initialised = true;
}
if (initialised == true) {
success = BCryptGenRandom(hProv, p, (ULONG) len, 0) == 0;
}
#endif
#elif MG_ARCH == MG_ARCH_UNIX
FILE *fp = fopen("/dev/urandom", "rb");
if (fp != NULL) {
if (fread(buf, 1, len, fp) == len) done = true;
if (fread(buf, 1, len, fp) == len) success = true;
fclose(fp);
}
#endif
// If everything above did not work, fallback to a pseudo random generator
while (!done && len--) *p++ = (unsigned char) (rand() & 255);
if (success == false) {
MG_ERROR(("Weak RNG: using rand()"));
while (len--) *p++ = (unsigned char) (rand() & 255);
}
return success;
}
#endif

View File

@ -12,7 +12,7 @@
#endif
void mg_bzero(volatile unsigned char *buf, size_t len);
void mg_random(void *buf, size_t len);
bool mg_random(void *buf, size_t len);
char *mg_random_str(char *buf, size_t len);
uint16_t mg_ntohs(uint16_t net);
uint32_t mg_ntohl(uint32_t net);

View File

@ -6,9 +6,10 @@ OPTS ?= -O3 -g3
INCS ?= -Isrc -I.
SSL ?=
CWD ?= $(realpath $(CURDIR))
ROOT_DIR = $(realpath $(CWD)/..)
ENV ?= -e Tmp=. -e WINEDEBUG=-all
DOCKER_BIN ?= docker
DOCKER ?= $(DOCKER_BIN) run --platform linux/amd64 --rm $(ENV) -v $(CWD)/..:$(CWD)/.. -w $(CWD)
DOCKER ?= $(DOCKER_BIN) run --platform linux/amd64 --rm $(ENV) -v $(ROOT_DIR):$(ROOT_DIR) -w $(CWD)
VCFLAGS = /nologo /W3 /O2 /MD /I. $(DEFS) $(TFLAGS)
IPV6 ?= 1
ASAN ?= -fsanitize=address,undefined,alignment -fno-sanitize-recover=all -fno-omit-frame-pointer -fno-common
@ -166,23 +167,23 @@ riscv: mongoose.h $(SRCS)
$(DOCKER) mdashnet/riscv riscv-none-elf-gcc -march=rv32imc -mabi=ilp32 $(SRCS) $(OPTS) $(WARN) $(INCS) $(DEFS) $(TFLAGS) -o unit_test
vc98: Makefile mongoose.h $(SRCS)
$(DOCKER) mdashnet/vc98 wine cl $(SRCS) $(VCFLAGS) ws2_32.lib /Fe$@.exe
$(DOCKER) mdashnet/vc98 wine cl $(SRCS) $(VCFLAGS) /Fe$@.exe
$(DOCKER) mdashnet/vc98 wine $@.exe
vc17: Makefile mongoose.h $(SRCS)
$(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCFLAGS) ws2_32.lib /Fe$@.exe
$(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe
$(DOCKER) mdashnet/vc17 wine64 $@.exe
vc22: Makefile mongoose.h $(SRCS)
$(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCFLAGS) ws2_32.lib /Fe$@.exe
$(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe
$(DOCKER) mdashnet/vc22 wine64 $@.exe
mingw: Makefile mongoose.h $(SRCS)
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-gcc $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -o $@.exe
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-gcc $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -lbcrypt -o $@.exe
$(DOCKER) mdashnet/mingw wine64 $@.exe
mingw++: Makefile mongoose.h $(SRCS)
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-g++ $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -o $@.exe
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-g++ $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -lbcrypt -o $@.exe
linux-libs: CFLAGS += -fPIC
linux-libs: LDFLAGS += -Wl,-soname,libmongoose.so.$(VERSION)

View File

@ -3,7 +3,7 @@ DELETE = rm -rf # Command to remove files
OUT ?= -o $(PROG) # Compiler argument for output file
SOURCES = main.c mongoose.c # Source code files
CFLAGS = -W -Wall -Wextra -g -I. # Build options
CFLAGS += -fsanitize=address,undefined,alignment
#CFLAGS += -fsanitize=address,undefined,alignment
# Mongoose build options. See https://mongoose.ws/documentation/#build-options
CFLAGS_MONGOOSE += -DMG_HTTP_DIRLIST_TIME_FMT="%Y/%m/%d %H:%M:%S"
@ -13,7 +13,7 @@ CFLAGS_MONGOOSE += -DMG_TLS=MG_TLS_BUILTIN
ifeq ($(OS),Windows_NT) # Windows settings. Assume MinGW compiler. To use VC: make CC=cl CFLAGS=/MD OUT=/Feprog.exe
PROG ?= example.exe # Use .exe suffix for the binary
CC = gcc # Use MinGW gcc compiler
CFLAGS += -lws2_32 # Link against Winsock library
CFLAGS += -lws2_32 -lbcrypt # Link against Winsock library
DELETE = cmd /C del /Q /F /S # Command prompt command to delete files
OUT ?= -o $(PROG) # Build output
endif
@ -24,5 +24,8 @@ all: $(PROG) # Default target. Build and run program
$(PROG): $(SOURCES) # Build program from sources
$(CC) $(SOURCES) $(CFLAGS) $(CFLAGS_MONGOOSE) $(CFLAGS_EXTRA) $(OUT)
vc98:
cl $(SOURCES) -DMG_ENABLE_SSI=1 -DMG_TLS=MG_TLS_BUILTIN
clean: # Cleanup. Delete built program and all build artifacts
$(DELETE) $(PROG) *.o *.obj *.exe *.dSYM