Main update jitter entropy ci test #2242

Draft
wants to merge 10 commits into
base: main
1 change: 1 addition & 0 deletions crypto/fipsmodule/ec/ec_key.c
Expand Up @@ -333,6 +333,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) {
}

static int EVP_EC_KEY_check_fips(EC_KEY *key) {

uint8_t msg[16] = {0};
size_t msg_len = 16;
int ret = 0;
4 changes: 2 additions & 2 deletions crypto/fipsmodule/rand/cpu_jitter_test.cc
Expand Up @@ -6,7 +6,7 @@
#include <gtest/gtest.h>

#include "../../test/test_util.h"
#include "../../../third_party/jitterentropy/jitterentropy.h"
#include "../../../third_party/jitterentropy/jitterentropy-library/jitterentropy.h"

// Struct for Jitter entropy collector instance with constructor/desctructor.
struct JitterEC {
Expand Down Expand Up @@ -62,7 +62,7 @@ TEST(CPUJitterEntropyTest, Basic) {
(char*) data1, data_len), data_len);

// Verify that the Jitter library version is v3.4.0.
unsigned int jitter_version = 3040000;
unsigned int jitter_version = 3060100;
EXPECT_EQ(jitter_version, jent_version());
}

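Review bot: The comment above the changed expectation in `TEST(CPUJitterEntropyTest, Basic)` still reads v3.4.0 while the new value `3060100` encodes 3.6.1, so it should become `// Verify that the Jitter library version is v3.6.1.`. The CHANGES.md imported in the same pull request already lists 3.6.2, whose only entry is the RCT re-initialization fix in `jent_read_entropy_safe` described in the new SECURITY.md, yet `jent_version()` is expected to report 3.6.1. That may only mean upstream had not bumped the version macro at the pinned commit, but it is worth confirming that the imported tree contains the RCT fix, because this version assertion cannot tell the two states apart. The test body starts outside the hunk.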
2 changes: 1 addition & 1 deletion crypto/fipsmodule/rand/rand.c
Expand Up @@ -26,7 +26,7 @@
#else
#include <io.h>
#endif
#include "../../../third_party/jitterentropy/jitterentropy.h"
#include "../../../third_party/jitterentropy/jitterentropy-library/jitterentropy.h"
#endif

#include <openssl/chacha.h>
42 changes: 30 additions & 12 deletions third_party/jitterentropy/CMakeLists.txt
Expand Up @@ -7,22 +7,40 @@
# the same as the source code.

set(JITTER_SOURCES
${AWSLC_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-base.c
${AWSLC_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-gcd.c
${AWSLC_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-health.c
${AWSLC_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-noise.c
${AWSLC_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-sha3.c
${AWSLC_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-timer.c)
${PROJECT_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-base.c
${PROJECT_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-gcd.c
${PROJECT_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-health.c
${PROJECT_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-noise.c
${PROJECT_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-sha3.c
${PROJECT_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-library/src/jitterentropy-timer.c)

include_directories(${AWSLC_SOURCE_DIR}/include)
include_directories(${PROJECT_SOURCE_DIR}/include)

if(MSVC)
set(JITTER_COMPILE_FLAGS "/Od /W4 /DYNAMICBASE /DAWSLC")
if(WIN32)
if(MSVC)
set(JITTER_COMPILE_FLAGS "/Od /W4 /DYNAMICBASE /DAWSLC")
else()
set(JITTER_COMPILE_FLAGS "-DAWSLC -fwrapv --param ssp-buffer-size=4 -fvisibility=hidden -Wcast-align -Wmissing-field-initializers -Wshadow -Wswitch-enum -Wextra -Wall -pedantic -O0 -fwrapv -Wconversion")
endif()
else()
set(JITTER_COMPILE_FLAGS "-DAWSLC -fwrapv --param ssp-buffer-size=4 -fvisibility=hidden -fPIE -Wcast-align -Wmissing-field-initializers -Wshadow -Wswitch-enum -Wextra -Wall -pedantic -fPIC -O0 -fwrapv -Wconversion")
set(CMAKE_POSITION_INDEPENDENT_CODE true)
set(JITTER_COMPILE_FLAGS "-DAWSLC -fwrapv --param ssp-buffer-size=4 -fvisibility=hidden -Wcast-align -Wmissing-field-initializers -Wshadow -Wswitch-enum -Wextra -Wall -pedantic -O0 -fwrapv")
if ((NOT GCC) OR (GCC AND CMAKE_C_COMPILER_VERSION VERSION_GREATER "4.3"))
# -Wconversion was changed from GCC version 4.3. Prior it was meant as
# an aid in translating code from old C to modern C. It was not meant
# to help detect troublesome implicit conversions.
# https://gcc.gnu.org/wiki/NewWconversion.
set(JITTER_COMPILE_FLAGS "${JITTER_COMPILE_FLAGS} -Wconversion")
endif()
endif()

set_source_files_properties(${JITTER_SOURCES} PROPERTIES COMPILE_FLAGS ${JITTER_COMPILE_FLAGS})
if(BORINGSSL_PREFIX)
set(JITTER_ENETROPY_PREFIX_INCLUDE "--include=${PROJECT_BINARY_DIR}/symbol_prefix_include/openssl/boringssl_prefix_symbols.h")
endif()

set(JITTER_COMPILE_FLAGS "${JITTER_COMPILE_FLAGS} ${JITTER_ENETROPY_PREFIX_INCLUDE}")

set_source_files_properties(${JITTER_SOURCES} PROPERTIES COMPILE_FLAGS "${JITTER_COMPILE_FLAGS}")
add_library(jitterentropy OBJECT ${JITTER_SOURCES})
add_dependencies(jitterentropy boringssl_prefix_symbols)
target_include_directories(jitterentropy BEFORE PRIVATE ${AWSLC_BINARY_DIR}/symbol_prefix_include)
target_include_directories(jitterentropy BEFORE PRIVATE ${PROJECT_SOURCE_DIR}/third_party/jitterentropy/jitterentropy-library)
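Review bot: The new `if(BORINGSSL_PREFIX)` block appends `--include=…/boringssl_prefix_symbols.h` to `JITTER_COMPILE_FLAGS` for every compiler, including the `MSVC` branch that sets `/Od /W4 /DYNAMICBASE /DAWSLC`; `--include` is a GCC/Clang driver option and cl.exe's forced-include switch is `/FI`, so a prefixed MSVC build would presumably compile the unmodified upstream sources without the symbol-prefix header. Selecting the spelling per compiler would cover it, e.g. `set(JITTER_ENETROPY_PREFIX_INCLUDE "/FI${PROJECT_BINARY_DIR}/symbol_prefix_include/openssl/boringssl_prefix_symbols.h")` under `if(MSVC)`. The variable name is also misspelled (`ENETROPY`) and is left undefined when `BORINGSSL_PREFIX` is off, and `GCC` in `if ((NOT GCC) OR …)` is not a variable CMake itself defines, so unless the parent project sets it the `-Wconversion` guard is always taken. The section starts at line 7 of the file, so earlier definitions are not visible here.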
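--- a/third_party/jitterentropy/META.yml
+++ b/third_party/jitterentropy/META.yml
@@ -0,0 +1,5 @@
+name: jitterentropy-library
+source: smuellerDD/jitterentropy-library.git
+commit: 2d814a4f9c00b6d12966f2b8781df6feeff9c6fc
+target: master
+imported-at: 2025-03-05T11:07:30-0800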
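--- a/third_party/jitterentropy/import.sh
+++ b/third_party/jitterentropy/import.sh
@@ -0,0 +1,68 @@
+#!/bin/bash -xu
+
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0 OR ISC
+
+#
+# https://github.com/smuellerDD/jitterentropy-library -> AWS-LC importer script
+#
+# This script imports a version of Jitter Entropy source into AWS-LC.
+#
+# Usage:
+#
+# ```
+# rm -rf ./jitterentropy-library
+# ./import.sh
+# ```
+#
+# This imports Jitter Entroopy from https://github.com/smuellerDD/jitterentropy-library
+# and leaves import meta data in META.yml.
+#
+# If you want to import a specific branch/tag or from a specific repository
+# either GITHUB_TARGET or GITHUB_REPOSITORY as below:
+#
+# ```
+# GITHUB_REPOSITORY=<repo owner>/<repo name> GITHUB_TARGET=<branch or tag> ./import.sh
+# ```
+
+GITHUB_SERVER_URL="https://github.com/"
+GITHUB_REPOSITORY=${GITHUB_REPOSITORY:=smuellerDD/jitterentropy-library.git}
+GITHUB_TARGET=${GITHUB_TARGET:=master}
+
+SRC="jitterentropy-library"
+TMP="TEMP_CAN_DELETE"
+
+# Check if source directory already exists
+if [ -d "${SRC}" ]; then
+echo "Source directory or symlink ${SRC} does already exist -- please remove it before re-running the importer"
+exit 1
+fi
+
+mkdir ${TMP}
+
+echo "Fetching repository ..."
+git clone ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} ${TMP} --branch ${GITHUB_TARGET} --single-branch >/dev/null
+GITHUB_COMMIT=$(cd ${TMP} >/dev/null; git rev-parse HEAD)
+
+echo "Copy source code ..."
+mkdir ${SRC}
+cp -r ${TMP}/* ${SRC}
+
+echo "Remove temporary artifacts ..."
+rm -rf ${TMP}
+
+# Remove upstream repo build scripts from being invoked.
+rm "${SRC}/CMakeLists.txt"
+rm "${SRC}/Makefile"
+
+# submodule path might be cached
+git rm --cached third_party/jitterentropy/jitterentropy-library/tests/raw-entropy/recording_userspace/jitterentrop | true
+
+echo "Generating META.yml file ..."
+cat <<EOF > META.yml
+name: ${SRC}
+source: ${GITHUB_REPOSITORY}
+commit: ${GITHUB_COMMIT}
+target: ${GITHUB_TARGET}
+imported-at: $(date "+%Y-%m-%dT%H:%M:%S%z")
+EOF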
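Review bot: The shebang enables `-x` and `-u` but not `-e`, so a failed `git clone` does not stop the import: `${TMP}` was already created inside the AWS-LC checkout, `git rev-parse HEAD` run from it would then resolve the enclosing repository's HEAD, and META.yml would record a commit that is not the imported code. For a vendored entropy source that provenance record is what reviewers audit, so the script should abort on the first failure, e.g. `set -euo pipefail` after the header comment and `GITHUB_COMMIT=$(git -C "${TMP}" rev-parse HEAD)`. The default `GITHUB_TARGET` of `master` also imports whatever the branch tip is at run time; defaulting to a reviewed tag and checking the resolved hash against the expected one would make the import reproducible. Smaller points: `| true` after `git rm --cached` pipes rather than falls back (`|| true` is the usual form), the path in that command ends in `jitterentrop`, which looks truncated, and `${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}` yields a double slash.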
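--- a/third_party/jitterentropy/jitterentropy-library/CHANGES.md
+++ b/third_party/jitterentropy/jitterentropy-library/CHANGES.md
@@ -0,0 +1,135 @@
+3.6.2
+* Fix RCT re-initialization in jent_read_entropy_safe (thanks to Joshua Hill for pointing this out)
+
+3.6.1
+* Add more test code
+* Add support for SunPRO compiler
+* Fix compilation on OpenBSD by replacing sed with tr
+* internal timer: Add support for Apple
+* Various small fixes to compilation to imporve portability
+
+3.6.0
+* Remove bi-modal behavior of conditioning function
+* Make jent_read_entropy_safe safer by retrying the health test
+* Move the version information to make them available at compile time
+
+3.5.0
+* add distinction between intermittent and permanent health failure
+
+* add compile time option to allow configuring a mask to reduce the size of
+the time stamp used for the APT
+
+3.4.1
+* add FIPS 140 hints to man page
+* simplify the test tool to search for optimal configurations
+* fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0
+* enhancement: add ARM64 assembler code to read high-res timer
+
+3.4.0
+* enhancement: add API call jent_set_fips_failure_callback as requested by Daniel Ojalvo
+* fix: Change the SHA-3 integration: The entropy pool is now a SHA-3 state.
+It is filled with the time delta containing entropy and auxiliary data that does not contain entropy using a SHA update operation. The auxiliary data is calculated by a SHA-3 hashing of some varying state data. The time delta that contains entropy is measured about the SHA-3 hasing of the auxiliary data. This satisfies FIPS 140-3 IG D.K resolutions 4, 6, and 8.
+* enhancement: add CMake support by Andrew Hopkins
+
+3.3.1
+* fix: bug fix in initialization logic by Vladis Dronov <vdronov@redhat.com>
+* fix: use __asm__ instead of asm to suit the C11 standard
+
+3.3.0
+* add jent_get_cachesize if _SC_LEVEL1_DCACHE_SIZE is not defined
+* limit the memory buffer size allocated and allow caller to provide
+the means to provide a limit, too
+* fix: update man page
+* update README explaining how to handle entropy shortfall to make it consistent with the current code base
+
+3.2.0
+* fix: add API call jent_read_entropy_safe to header file
+* enhancement: add jent_entropy_init_ex API call
+* enhancement: call jent_entropy_init_ex automatically when jent_entropy_collector_alloc_internal detects that no self test has yet been performed
+* test: provide jitterentropy-rng test tool allowing all options exported by the library to be invoked
+* fix: re-add check of time_backwards in power-on test
+* fix: silence static code analysis tool
+* test: add test for GCD
+* enhancement: add GCD selftest
+* fix: simplify memory management for SHA-3
+* enhancement: add random memory access (JENT_RANDOM_MEMACCESS)
+
+3.1.0
+* Add link call to pthreads library as suggested by Mikhail Novosyolov
+* Add ENTROPY_SAFETY_FACTOR to apply consideration of asymptotically reaching
+full entropy following SP800-90C suggested by Joshua Hill
+* Add test for finiding more entropy by changing the memory buffer size
+used for the memory access loop
+* Increase the memory buffer size to 512 kBytes per default based on
+measurements on systems with low entropy.
+* Add jent_ncpu() detecting the number of existing CPUs. Only when more than
+one CPU is in the system, the internal timer thread is started.
+* add GCD testing and analysis suggested by Joshua Hill
+* add fixes to APT suggested by Joshua Hill
+* add lag predictor health test suggested by Joshua Hill
+* add jent_read_entropy_safe API call
+* break up jitterentropy-base.c into various smaller code files
+
+3.0.2
+* Small fixes suggested by Joshua Hill
+* Update the invocation of SHA-3 invocation: each loop iteration defined by the loop shuffle is a self-contained SHA-3 operation. Therefore, the conditioning information is always *one* SHA-3 operation with different time duration.
+* add JENT_CONF_DISABLE_LOOP_SHUFFLE config option allowing disabling of the shuffle operation
+* Use -O0
+
+3.0.1
+* on older GCC versions use -fstack-protector as suggested by Warszawski,
+Diego
+* prevent creating the internal timer thread if a high-res hardware timer is
+found as reported by Lonnie Abelbeck
+
+3.0.0
+* use RDTSC on x86 directly instead of clock_gettime
+* use SHA-3 instead of LFSR
+* add internal high-resolution timer support
+
+2.2.0
+* SP800-90B compliance: Add RCT runtime health test
+* SP800-90B compliance: Add Chi-Squared runtime health test as a replacement
+for the adaptive proportion test
+* SP800-90B compliance: Increase initial entropy test to 1024 rounds
+* SP800-90B compliance: Invoke runtime health tests during initialization
+* remove FIPS 140-2 continuous self test (RCT covers the requirement as per
+FIPS 140-2 IG 9.8)
+* SP800-90B compliance: Do not mix stuck time deltas into entropy pool
+
+2.1.2:
+* Add static library compilation thanks to Neil Horman
+* Initialize variable ec to satisfy valgrind as suggested by Steve Grubb
+* Add cross-compilation support suggested by Lonnie Abelbeck
+
+2.1.1:
+* Fix implementation of mathematical properties.
+
+2.1.0:
+* Convert all __[u|s][32|64] into [uint|int][32|64]_t
+* Remove all code protected by #if defined(__KERNEL__) && !defined(MODULE)
+* Add JENT_PRIVATE_COMPILE: Enable flag during compile when
+compiling a private copy of the Jitter RNG
+* Remove unused statistical test code
+* Add FIPS 140-2 continuous self test code
+* threshold for init-time stuck test configurable with JENT_STUCK_INIT_THRES
+during compile time
+
+2.0.1:
+* Invcation of stuck test during initalization
+
+2.0.0:
+* Replace the XOR folding of a time delta with an LFSR -- the use of an
+LFSR is mathematically more sound for the argument to maintain entropy
+
+1.2.0:
+* Use constant time operation of jent_stir_pool to prevent leaking
+timing information about RNG.
+* Make it compile on 32 bit archtectures
+
+1.1.0:
+* start new numbering schema
+* update processing of bit that is deemed holding no entropy by heuristic:
+XOR it into pool without LSFR and bit rotation (reported and suggested
+by Kevin Fowler <kevpfowler@gmail.com>)
+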
@@ -1,4 +1,4 @@
Copyright (C) 2017 - 2022, Stephan Mueller <smueller@chronox.de>
Copyright (C) 2017 - 2024, Stephan Mueller <smueller@chronox.de>

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
@@ -1,16 +1,3 @@
NOTE
=======================================

The source code in this directory is taken from CPU Jitter RNG library
version v3.4.0, available at:
https://github.com/smuellerDD/jitterentropy-library.

The following changes were made to the original source code to integrate
the library with AWS-LC:
* `asm volatile` was changed to `__asm__volatile`

The original README.md file starts below.

Hardware RNG based on CPU timing jitter
=======================================

Expand All @@ -23,7 +10,7 @@ The implementation of the Jitter RNG is independent of any operating system.
As such, it could even run on baremetal without any operating system.

The design of the RNG is given in the documentation found in at
http://www.chronox.de/jent.html . This documentation also covers the full
http://www.chronox.de/jent . This documentation also covers the full
assessment of the SP800-90B compliance as well as all required test code.

API
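--- a/third_party/jitterentropy/jitterentropy-library/SECURITY.md
+++ b/third_party/jitterentropy/jitterentropy-library/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Issues
+
+The following list tries to enumerate all security issues on a best-effort
+basis.
+
+# Reporting Of Issues
+
+If you detect any new security issues, please file a bug report or send
+a private email to <smueller@chronox.de>.
+
+## 2024-12-30
+
+The API call `jent_read_entropy_safe` contains the logic to transparently handle
+intermittent health test errors by reallocating a new Jitter RNG entropy
+collector handle and increasing the OSR as well as the memory usage. During that
+reallocation, the currently observed APT and RCT counter values are copied info
+the new handle. That copy operation contains an failure for the RCT which
+effectively disabled the RCT for all newly allocated entropy collector
+instances - the other health tests as well as the Jitter RNG itself operates
+still as expected with the newly allocated entropy collector instances. Thanks
+to Joshua Hill for pointing this issue out.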
@@ -0,0 +1,34 @@
# Copyright (C) 2009 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
LOCAL_PATH := $(call my-dir)

include $(CLEAR_VARS)

LOCAL_MODULE := jitterentropy
LOCAL_CFLAGS := -O0 -DCRYPTO_CPU_JITTERENTROPY_STAT
LOCAL_SRC_FILES := jitterentropy-base.c jitterentropy-stat.c jitterentropy-foldtime.c

# compile into a shared library that can be pulled into an APK
LOCAL_STATIC_LIBRARIES := android_native_app_glue
include $(BUILD_SHARED_LIBRARY)
$(call import-module,android/native_app_glue)

# compilation of a standalone-binary that must be manually moved to
# Android /data partition for execution.
#include $(BUILD_EXECUTABLE)

# compilation of the CPU Jitter RNG app
#LOCAL_SRC_FILES := jitterentropy-base.c jitterentropy-main-user.c
