X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=bertos%2Fsec%2Frandom.h;h=3ccc17b722a89605cf2f9d5f59ee985a50148766;hb=e655a1568f4499a683026a6ba7b95ddb05e60741;hp=8708f35a30c25c6b7772ff51f10df8ec21c58eea;hpb=281c567a202fbfbf6f1416fbae02c8e6757fddca;p=bertos.git diff --git a/bertos/sec/random.h b/bertos/sec/random.h index 8708f35a..3ccc17b7 100644 --- a/bertos/sec/random.h +++ b/bertos/sec/random.h @@ -33,50 +33,59 @@ * \brief High-level random number generation functions. * \author Giovanni Bajo * + * $WIZ$ module_name = "random" + * $WIZ$ module_configuration = "bertos/cfg/cfg_random.h" + * $WIZ$ module_depends = "isaac", "cipher", "sha1", "yarrow", "yarrow_pool", "x917", "aes" + * $WIZ$ module_supports = "stm32 or lm3s" */ #ifndef SEC_RANDOM_H #define SEC_RANDOM_H +#include "cfg/cfg_random.h" #include -#define RANDOM_SECURITY_MINIMUM 0 -#define RANDOM_SECURITY_MEDIUM 1 -#define RANDOM_SECURITY_STRONG 2 - /** + * \name Security level definition + * + * * Configure the security level required by the application. - * + * * Application developers are suggested to keep the strongest * setting (default) unless there are memory or code size issues. - * + * * Available settings are: - * + * * * \a RANDOM_SECURITY_STRONG: The random library will use * an entropy pool, automatically feeded by drivers, to gather * entropy from hardware sources. Data from the pool will * be used to reseed a secure random number generator. Moreover, * the generator will be automatically initialised - * with enough entropy to generate safe random numbers even + * with enough entropy to generate safe random numbers even * immediately after hw reset. * The overall structure is the same as used by modern - * desktop PCs for generating secure random numbers. - * + * desktop PCs for generating secure random numbers. + * * * \a RANDOM_SECURITY_MEDIUM: This intermediate settings will - * avoid usage of an entropy pool, to reduce memory and code + * avoid usage of an entropy pool, to reduce memory and code * usage. The security of this settings relies only on the * good behaviour of the random number generator (even though * it will be well-seeded at startup). - * + * * * \a RANDOM_SECURITY_MINIMUM: This is the lighter setting that * allows minimal memory and code usage, and it suggested only * for extremely constrained systems, that only generates few * random numbers. Even if the generator is still secure on * paper, its seeding will not be safe (though still entropic * to allow different sequences to be generated after each reset). + * + * $WIZ$ random_level = "RANDOM_SECURITY_MINIMUM", "RANDOM_SECURITY_MEDIUM", "RANDOM_SECURITY_STRONG" + * \{ */ -#define RANDOM_SECURITY_LEVEL RANDOM_SECURITY_MEDIUM // FIXME: RANDOM_SECURITY_STRONG - +#define RANDOM_SECURITY_MINIMUM 0 +#define RANDOM_SECURITY_MEDIUM 1 +#define RANDOM_SECURITY_STRONG 2 +/** \} */ void random_init(void); @@ -93,14 +102,14 @@ INLINE uint16_t random_gen16(void) { uint8_t x; random_gen(&x, 2); - return x; + return x; } INLINE uint32_t random_gen32(void) { uint8_t x; random_gen(&x, 4); - return x; + return x; } #endif /* SEC_RANDOM_H */