esp-idf/components/esp32/hw_random.c
Angus Gratton 63e9806d85 esp_random: XOR the RNG register value several times before returning it
Probably unnecessary, but avoids returning internal RNG state as-is.
2017-01-04 17:07:12 +11:00

48 lines
1.7 KiB
C

// Copyright 2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include "esp_attr.h"
#include "soc/wdev_reg.h"
#include "freertos/FreeRTOSConfig.h"
#include "xtensa/core-macros.h"
uint32_t IRAM_ATTR esp_random(void)
{
/* The PRNG which implements WDEV_RANDOM register gets 2 bits
* of extra entropy from a hardware randomness source every APB clock cycle.
* To make sure entropy is not drained faster than it is added,
* this function needs to wait for at least 16 APB clock cycles after reading
* previous word. This implementation may actually wait a bit longer
* due to extra time spent in arithmetic and branch statements.
*
* As a (probably unncessary) precaution to avoid returning the
* RNG state as-is, the result is XORed with additional
* WDEV_RND_REG reads while waiting.
*/
static uint32_t last_ccount = 0;
uint32_t ccount;
uint32_t result = 0;
do {
ccount = XTHAL_GET_CCOUNT();
result ^= REG_READ(WDEV_RND_REG);
} while (ccount - last_ccount < XT_CLOCK_FREQ / APB_CLK_FREQ * 16);
last_ccount = ccount;
return result ^ REG_READ(WDEV_RND_REG);
}