From 4118afa259c1d1dd8a3430603f63ba0604a9fd1c Mon Sep 17 00:00:00 2001 From: cyliangtw Date: Wed, 8 Nov 2017 14:23:05 +0800 Subject: [PATCH 1/5] [M487/NUC472] TRN_Get support 32 bytes unalignment --- targets/TARGET_NUVOTON/TARGET_M480/trng_api.c | 9 +++++++-- targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c | 11 ++++++++--- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c index 4f3c6efd52c..e2b459de2eb 100644 --- a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c @@ -77,10 +77,10 @@ void trng_free(trng_t *obj) int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_length) { (void)obj; - + unsigned char tmpBuff[32]; + *output_length = 0; if (length < 32) { - unsigned char tmpBuff[32]; trng_get(tmpBuff); memcpy(output, &tmpBuff, length); *output_length = length; @@ -89,6 +89,11 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l trng_get(output); *output_length += 32; output += 32; + } + if( length > *output_length ) { + trng_get(tmpBuff); + memcpy(output, &tmpBuff, (length - *output_length)); + *output_length = length; } } diff --git a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c index 6fab1b43063..765b05d6aa9 100644 --- a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c 
@@ -82,18 +82,23 @@ void trng_free(trng_t *obj) int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_length) { (void)obj; - + unsigned char tmpBuff[32]; + *output_length = 0; if (length < 32) { - unsigned char tmpBuff[32]; trng_get(tmpBuff); memcpy(output, &tmpBuff, length); *output_length = length; } else { - for (int i = 0; i < (length/32); i++) { + for (unsigned i = 0; i < (length/32); i++) { trng_get(output); *output_length += 32; output += 32; + } + if( length > *output_length ) { + trng_get(tmpBuff); + memcpy(output, &tmpBuff, (length - *output_length)); + *output_length = length; } } From 76c2c1985393bb094122128bc270df14c0b46fe4 Mon Sep 17 00:00:00 2001 From: cyliangtw Date: Wed, 8 Nov 2017 19:56:12 +0800 Subject: [PATCH 2/5] [M487/NUC472] Unified code-path for remaining bytes of TRNG_Get --- targets/TARGET_NUVOTON/TARGET_M480/trng_api.c | 29 ++++++++++--------- .../TARGET_NUVOTON/TARGET_NUC472/trng_api.c | 27 ++++++++--------- 2 files changed, 29 insertions(+), 27 deletions(-) diff --git a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c index e2b459de2eb..82e5227d46c 100644 --- a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c @@ -28,6 +28,11 @@ static volatile int g_PRNG_done; volatile int g_AES_done; +/* Implementation that should never be optimized out by the compiler */ +static void trng_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; +} + void CRYPTO_IRQHandler() { if (PRNG_GET_INT_FLAG()) { 
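Review bot: In the `@@ -28,6 +28,11 @@` hunk of TARGET_M480/trng_api.c, `trng_zeroize` puts its declaration and its loop on one line, `volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0;`, so the one statement that performs the wipe is easy to miss. I would put the loop on its own line and cast straight to the qualified type, `volatile unsigned char *p = (volatile unsigned char *)v;`. The comment should say why the stores survive optimization (they go through a volatile-qualified pointer) rather than only asserting that they do. The same helper is added verbatim to TARGET_NUC472/trng_api.c in this commit; one shared definition would keep the two copies from drifting.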
@@ -78,23 +83,19 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l { (void)obj; unsigned char tmpBuff[32]; - + *output_length = 0; - if (length < 32) { + + for (unsigned i = 0; i < (length/32); i++) { + trng_get(output); + *output_length += 32; + output += 32; + } + if( length > *output_length ) { + trng_zeroize(tmpBuff, sizeof(tmpBuff)); trng_get(tmpBuff); - memcpy(output, &tmpBuff, length); + memcpy(output, &tmpBuff, (length - *output_length)); *output_length = length; - } else { - for (unsigned i = 0; i < (length/32); i++) { - trng_get(output); - *output_length += 32; - output += 32; - } - if( length > *output_length ) { - trng_get(tmpBuff); - memcpy(output, &tmpBuff, (length - *output_length)); - *output_length = length; - } } return 0; diff --git a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c index 765b05d6aa9..a8a9498284d 100644 --- a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c @@ -33,6 +33,11 @@ static volatile int g_PRNG_done; volatile int g_AES_done; +/* Implementation that should never be optimized out by the compiler */ +static void trng_zeroize( void *v, size_t n ) { + volatile unsigned char *p = (unsigned char*)v; while( n-- ) *p++ = 0; +} + void CRYPTO_IRQHandler() { if (PRNG_GET_INT_FLAG()) { 
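Review bot: In the TARGET_M480 `trng_get_bytes` hunk, `trng_zeroize(tmpBuff, sizeof(tmpBuff));` runs before `trng_get(tmpBuff);`, so it clears a buffer that is overwritten on the next line. The part of the random block that is not copied to `output` is then still on the stack when the function returns. The wipe belongs after the copy, directly after `*output_length = length;`. The TARGET_NUC472 hunk of this commit has the same order. PATCH 3/5 of this series moves the call; folding that change into this commit would keep every revision in the history free of the leftover bytes.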
@@ -85,21 +90,17 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l unsigned char tmpBuff[32]; *output_length = 0; - if (length < 32) { + + for (unsigned i = 0; i < (length/32); i++) { + trng_get(output); + *output_length += 32; + output += 32; + } + if( length > *output_length ) { + trng_zeroize(tmpBuff, sizeof(tmpBuff)); trng_get(tmpBuff); - memcpy(output, &tmpBuff, length); + memcpy(output, &tmpBuff, (length - *output_length)); *output_length = length; - } else { - for (unsigned i = 0; i < (length/32); i++) { - trng_get(output); - *output_length += 32; - output += 32; - } - if( length > *output_length ) { - trng_get(tmpBuff); - memcpy(output, &tmpBuff, (length - *output_length)); - *output_length = length; - } } return 0; From e252b1014880b1a49f5fd85b8932e204e324f1fd Mon Sep 17 00:00:00 2001 From: cyliangtw Date: Thu, 9 Nov 2017 16:01:14 +0800 Subject: [PATCH 3/5] [M487/NUC472] zeroize random data on the stack memory --- targets/TARGET_NUVOTON/TARGET_M480/trng_api.c | 2 +- targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c index 82e5227d46c..87f124801ba 100644 --- a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c @@ -92,10 +92,10 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l output += 32; } if( length > *output_length ) { - trng_zeroize(tmpBuff, sizeof(tmpBuff)); trng_get(tmpBuff); memcpy(output, &tmpBuff, (length - *output_length)); *output_length = length; + trng_zeroize(tmpBuff, sizeof(tmpBuff)); } return 0; diff --git a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c index a8a9498284d..a4210e29106 100644 --- a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c 
@@ -97,10 +97,10 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l output += 32; } if( length > *output_length ) { - trng_zeroize(tmpBuff, sizeof(tmpBuff)); trng_get(tmpBuff); memcpy(output, &tmpBuff, (length - *output_length)); *output_length = length; + trng_zeroize(tmpBuff, sizeof(tmpBuff)); } return 0; From 2ee058be538812197a69791397d1598096c5ff99 Mon Sep 17 00:00:00 2001 From: cyliangtw Date: Fri, 10 Nov 2017 16:22:35 +0800 Subject: [PATCH 4/5] [M487/NUC472] Refine for correctness control --- targets/TARGET_NUVOTON/TARGET_M480/trng_api.c | 13 ++++++------- targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c | 13 ++++++------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c index 87f124801ba..bbe5327de81 100644 --- a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c @@ -83,21 +83,20 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l { (void)obj; unsigned char tmpBuff[32]; - - *output_length = 0; + size_t cur_length = 0; for (unsigned i = 0; i < (length/32); i++) { trng_get(output); - *output_length += 32; + cur_length += 32; output += 32; } - if( length > *output_length ) { + if( length > cur_length ) { trng_get(tmpBuff); - memcpy(output, &tmpBuff, (length - *output_length)); - *output_length = length; + memcpy(output, &tmpBuff, (length - cur_length)); + cur_length = length; trng_zeroize(tmpBuff, sizeof(tmpBuff)); } - + *output_length = cur_length; return 0; } diff --git a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c index a4210e29106..5acd8f2599e 100644 --- a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c 
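Review bot: In the TARGET_M480 `trng_get_bytes` hunk of PATCH 4/5, `*output_length = cur_length;` is followed by an unconditional `return 0;`, and neither `trng_get(output);` nor `trng_get(tmpBuff);` is checked for a result. The caller is therefore always told that `length` fresh random bytes were delivered. `trng_get` is defined outside the hunk; if it can fail or give up waiting on the hardware, the function should return non-zero and report only the bytes actually produced, which the new `cur_length` local makes easy. If it cannot fail, say so in a comment once that is confirmed, for example `/* trng_get() blocks until a full block is available; this function always returns 0 */`. The TARGET_NUC472 hunk of the same commit has the identical shape.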
@@ -88,21 +88,20 @@ int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_l { (void)obj; unsigned char tmpBuff[32]; - - *output_length = 0; + size_t cur_length = 0; for (unsigned i = 0; i < (length/32); i++) { trng_get(output); - *output_length += 32; + cur_length += 32; output += 32; } - if( length > *output_length ) { + if( length > cur_length ) { trng_get(tmpBuff); - memcpy(output, &tmpBuff, (length - *output_length)); - *output_length = length; + memcpy(output, &tmpBuff, (length - cur_length)); + cur_length = length; trng_zeroize(tmpBuff, sizeof(tmpBuff)); } - + *output_length = cur_length; return 0; } From d8a9e35a0c048b5929b861c578eea69a46216402 Mon Sep 17 00:00:00 2001 From: cyliangtw Date: Mon, 13 Nov 2017 12:11:08 +0800 Subject: [PATCH 5/5] [M487/NUC472] Refine trng_get_bytes for consistency and readability --- targets/TARGET_NUVOTON/TARGET_M480/trng_api.c | 20 +++++++++++-------- .../TARGET_NUVOTON/TARGET_NUC472/trng_api.c | 20 +++++++++++-------- 2 files changed, 24 insertions(+), 16 deletions(-) diff --git a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c index bbe5327de81..24d15537e44 100644 --- a/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_M480/trng_api.c @@ -25,6 +25,9 @@ /* * Get Random number generator. */ + +#define PRNG_KEY_SIZE (0x20UL) + static volatile int g_PRNG_done; volatile int g_AES_done; 
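Review bot: In the `@@ -25,6 +25,9 @@` hunk of TARGET_M480/trng_api.c, `#define PRNG_KEY_SIZE (0x20UL)` is added without a comment, and it lands between the `Get Random number generator.` comment and the declarations that comment used to sit on. The name says key size, but `trng_get_bytes` uses the value as the number of bytes one `trng_get()` call writes, and nothing ties the two together because `trng_get` takes no length argument. I would add `/* Bytes written by one trng_get() call; tmpBuff and the block loop in trng_get_bytes depend on it */` above the define and move the define above the existing comment. `trng_get` is outside the hunks shown, so check that it really writes exactly this many bytes. The same applies to the TARGET_NUC472 copy.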
@@ -82,18 +85,19 @@ void trng_free(trng_t *obj) int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_length) { (void)obj; - unsigned char tmpBuff[32]; + unsigned char tmpBuff[PRNG_KEY_SIZE]; size_t cur_length = 0; - for (unsigned i = 0; i < (length/32); i++) { + while (length >= sizeof(tmpBuff)) { trng_get(output); - cur_length += 32; - output += 32; - } - if( length > cur_length ) { + output += sizeof(tmpBuff); + cur_length += sizeof(tmpBuff); + length -= sizeof(tmpBuff); + } + if (length > 0) { trng_get(tmpBuff); - memcpy(output, &tmpBuff, (length - cur_length)); - cur_length = length; + memcpy(output, tmpBuff, length); + cur_length += length; trng_zeroize(tmpBuff, sizeof(tmpBuff)); } *output_length = cur_length; diff --git a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c index 5acd8f2599e..a1f55b48f6a 100644 --- a/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c +++ b/targets/TARGET_NUVOTON/TARGET_NUC472/trng_api.c @@ -30,6 +30,9 @@ /* * Get Random number generator. */ + +#define PRNG_KEY_SIZE (0x20UL) + static volatile int g_PRNG_done; volatile int g_AES_done; @@ -87,18 +90,19 @@ void trng_free(trng_t *obj) int trng_get_bytes(trng_t *obj, uint8_t *output, size_t length, size_t *output_length) { (void)obj; - unsigned char tmpBuff[32]; + unsigned char tmpBuff[PRNG_KEY_SIZE]; size_t cur_length = 0; - for (unsigned i = 0; i < (length/32); i++) { + while (length >= sizeof(tmpBuff)) { trng_get(output); - cur_length += 32; - output += 32; - } - if( length > cur_length ) { + output += sizeof(tmpBuff); + cur_length += sizeof(tmpBuff); + length -= sizeof(tmpBuff); + } + if (length > 0) { trng_get(tmpBuff); - memcpy(output, &tmpBuff, (length - cur_length)); - cur_length = length; + memcpy(output, tmpBuff, length); + cur_length += length; trng_zeroize(tmpBuff, sizeof(tmpBuff)); } *output_length = cur_length;
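Review bot: In the `trng_get_bytes` hunks of PATCH 5/5 the function still has no header comment, and the identifiers around it (`PRNG_KEY_SIZE` here, `g_PRNG_done` and `PRNG_GET_INT_FLAG()` in the earlier hunks of these files) suggest the bytes come from a PRNG block while the API name promises a TRNG. Callers will treat this output as entropy, so the comment should state what seeds the generator and that each call reports exactly `length` bytes in `*output_length`. `trng_get` and any seeding code are outside the hunks, so this is a request to document and confirm rather than a finding. It applies to both TARGET_M480 and TARGET_NUC472.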