security/manager/boot/src/nsEntropyCollector.cpp@b8a032363ba2
security/manager/boot/src/nsEntropyCollector.cpp
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3 * License, v. 2.0. If a copy of the MPL was not distributed with this
4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 #include "prlog.h"
7 #include "nsEntropyCollector.h"
8 #include "nsAlgorithm.h"
9 #include <algorithm>
11 nsEntropyCollector::nsEntropyCollector()
12 :mBytesCollected(0), mWritePointer(mEntropyCache)
13 {
14 // We could use the uninitialized memory in mEntropyCache as initial
15 // random data, but that means (if any entropy is collected before NSS
16 // initialization and then forwarded) that we'll get warnings from
17 // tools like valgrind for every later operation that depends on the
18 // entropy.
19 memset(mEntropyCache, 0, sizeof(mEntropyCache));
20 }
22 nsEntropyCollector::~nsEntropyCollector()
23 {
24 }
26 NS_IMPL_ISUPPORTS(nsEntropyCollector,
27 nsIEntropyCollector,
28 nsIBufEntropyCollector)
30 NS_IMETHODIMP
31 nsEntropyCollector::RandomUpdate(void *new_entropy, int32_t bufLen)
32 {
33 if (bufLen > 0) {
34 if (mForwardTarget) {
35 return mForwardTarget->RandomUpdate(new_entropy, bufLen);
36 }
37 else {
38 const unsigned char *InputPointer = (const unsigned char *)new_entropy;
39 const unsigned char *PastEndPointer = mEntropyCache + entropy_buffer_size;
41 // if the input is large, we only take as much as we can store
42 int32_t bytes_wanted = std::min(bufLen, int32_t(entropy_buffer_size));
44 // remember the number of bytes we will have after storing new_entropy
45 mBytesCollected = std::min(int32_t(entropy_buffer_size),
46 mBytesCollected + bytes_wanted);
48 // as the above statements limit bytes_wanted to the entropy_buffer_size,
49 // this loop will iterate at most twice.
50 while (bytes_wanted > 0) {
52 // how many bytes to end of cyclic buffer?
53 const int32_t space_to_end = PastEndPointer - mWritePointer;
55 // how many bytes can we copy, not reaching the end of the buffer?
56 const int32_t this_time = std::min(space_to_end, bytes_wanted);
58 // copy at most to the end of the cyclic buffer
59 for (int32_t i = 0; i < this_time; ++i) {
61 unsigned int old = *mWritePointer;
63 // combine new and old value already stored in buffer
64 // this logic comes from PSM 1
65 *mWritePointer++ = ((old << 1) | (old >> 7)) ^ *InputPointer++;
66 }
68 PR_ASSERT(mWritePointer <= PastEndPointer);
69 PR_ASSERT(mWritePointer >= mEntropyCache);
71 // have we arrived at the end of the buffer?
72 if (PastEndPointer == mWritePointer) {
73 // reset write pointer back to begining of our buffer
74 mWritePointer = mEntropyCache;
75 }
77 // subtract the number of bytes we have already copied
78 bytes_wanted -= this_time;
79 }
80 }
81 }
83 return NS_OK;
84 }
86 NS_IMETHODIMP
87 nsEntropyCollector::ForwardTo(nsIEntropyCollector *aCollector)
88 {
89 NS_PRECONDITION(!mForwardTarget, "|ForwardTo| should only be called once.");
91 mForwardTarget = aCollector;
92 mForwardTarget->RandomUpdate(mEntropyCache, mBytesCollected);
93 mBytesCollected = 0;
95 return NS_OK;
96 }
98 NS_IMETHODIMP
99 nsEntropyCollector::DontForward()
100 {
101 mForwardTarget = nullptr;
102 return NS_OK;
103 }
