michaelh/zephyr
1
0
Fork 0
Code Releases Activity
zephyr/subsys/random/CMakeLists.txt
Jordan Yates fdeaa9103e random: deprecate XOROSHIRO_RANDOM_GENERATOR 
Deprecate the xoroshiro128+ PRNG algorithm in favour of xoshiro128++.
xoshiro128++ is a drop-in replacement which is invisible from the user
perspective.

xoroshiro128+ is unsuitable because it is explicitly a floating-point
PRNG, not a general-purpose PRNG. This means that the lower 4 bits of
the output are actually linear, not random (from the designers,
https://prng.di.unimi.it/). This means 1/8th of the generated data is
not random.

Additionally, xoroshiro128+ is not a 32bit algorithm, it operates on
64bit numbers. For the vast majority of Zephyr devices, this makes the
PRNG slower than it needs to be. The replacement (xoshiro128++) is
32bit, with no loss in state space (still 128 bit).

Signed-off-by: Jordan Yates <jordan.yates@data61.csiro.au>
2021-08-05 11:24:44 +02:00

31 lines
1.3 KiB
CMake
Raw Blame History

# SPDX-License-Identifier: Apache-2.0
if (CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR OR
CONFIG_TIMER_RANDOM_GENERATOR OR
CONFIG_XOSHIRO_RANDOM_GENERATOR)
zephyr_library()
zephyr_library_sources_ifdef(CONFIG_USERSPACE rand32_handlers.c)
endif()
if (CONFIG_TEST_RANDOM_GENERATOR)
message(WARNING "
Warning: CONFIG_TEST_RANDOM_GENERATOR is not a truly random generator.
This capability is not secure and it is provided for testing purposes only.
Use it carefully.")
endif()
# XOROSHIRO builds the XOSHIRO implementation because a Kconfig choice cannot
# select another choice as a means of deprecating the symbol. Swapping out the
# implementation lets out-of-tree users still build until the symbol is removed.
zephyr_library_sources_ifdef(CONFIG_TIMER_RANDOM_GENERATOR rand32_timer.c)
zephyr_library_sources_ifdef(CONFIG_XOROSHIRO_RANDOM_GENERATOR rand32_xoshiro128.c)
zephyr_library_sources_ifdef(CONFIG_XOSHIRO_RANDOM_GENERATOR rand32_xoshiro128.c)
zephyr_library_sources_ifdef(CONFIG_CTR_DRBG_CSPRNG_GENERATOR rand32_ctr_drbg.c)
if (CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR OR CONFIG_HARDWARE_DEVICE_CS_GENERATOR)
zephyr_library_sources(rand32_entropy_device.c)
endif()
if (CONFIG_CTR_DRBG_CSPRNG_GENERATOR)
zephyr_library_link_libraries_ifdef(CONFIG_MBEDTLS mbedTLS)
endif()
View git blame Copy permalink