From bf82ff0209d06546ca968e2c9bbafadb90694e97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 19 Jun 2015 09:40:51 +0200 Subject: [PATCH] Fix entropy thresholds --- include/mbedtls/entropy.h | 6 +++--- include/mbedtls/entropy_poll.h | 8 ++++---- library/entropy.c | 11 +++++------ 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index 039664b99..a99d20da0 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -107,8 +107,8 @@ typedef struct { mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */ void * p_source; /**< The callback data pointer */ - size_t size; /**< Amount received */ - size_t threshold; /**< Minimum level required before release */ + size_t size; /**< Amount received in bytes */ + size_t threshold; /**< Minimum bytes required before release */ } mbedtls_entropy_source_state; @@ -155,7 +155,7 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx ); * \param f_source Entropy function * \param p_source Function data * \param threshold Minimum required from source before entropy is released - * ( with mbedtls_entropy_func() ) + * ( with mbedtls_entropy_func() ) (in bytes) * * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES */ diff --git a/include/mbedtls/entropy_poll.h b/include/mbedtls/entropy_poll.h index 34746f9d1..231042eee 100644 --- a/include/mbedtls/entropy_poll.h +++ b/include/mbedtls/entropy_poll.h @@ -37,11 +37,11 @@ extern "C" { #endif /* - * Default thresholds for built-in sources + * Default thresholds for built-in sources, in bytes */ -#define MBEDTLS_ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */ -#define MBEDTLS_ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */ -#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for mbedtls_timing_hardclock() */ +#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */ +#define MBEDTLS_ENTROPY_MIN_HAVEGE 32 /**< Minimum for HAVEGE */ +#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */ #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) /** diff --git a/library/entropy.c b/library/entropy.c index 3626d3468..fa3dcde0a 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -250,7 +250,7 @@ int mbedtls_entropy_gather( mbedtls_entropy_context *ctx ) int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) { - int ret, count = 0, i, reached; + int ret, count = 0, i, done; mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; @@ -276,13 +276,12 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len ) if( ( ret = entropy_gather_internal( ctx ) ) != 0 ) goto exit; - reached = 0; - + done = 1; for( i = 0; i < ctx->source_count; i++ ) - if( ctx->source[i].size >= ctx->source[i].threshold ) - reached++; + if( ctx->source[i].size < ctx->source[i].threshold ) + done = 0; } - while( reached != ctx->source_count ); + while( ! done ); memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );