Inicio Explorar Axuda
Iniciar sesión
wuhanstudio
/
libhydrogen
réplica de https://github-proxy.rt-thread.io/wuhanstudio/libhydrogen.git
2
0
Fork 0
Ficheiros Incidencias 0 Wiki
Rama: master
Ramas Etiquetas
libhydrogen
/
impl
/
random.h

random.h 4.1 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. static TLS struct {
    2. 

  2.     _hydro_attr_aligned_(16) uint8_t state[gimli_BLOCKBYTES];
    3. 

  3.     uint64_t counter;
    4. 

  4.     uint8_t  initialized;
    5. 

  5.     uint8_t  available;
    6. 

  6. } hydro_random_context;
    7. 

  7. 

  8. #if defined(AVR) && !defined(__unix__)
    9. 

  9. # include "random/avr.h"
    10. 

  10. #elif (defined(ESP32) || defined(ESP8266)) && !defined(__unix__)
    11. 

  11. # include "random/esp32.h"
    12. 

  12. #elif defined(PARTICLE) && defined(PLATFORM_ID) && PLATFORM_ID > 2 && !defined(__unix__)
    13. 

  13. # include "random/particle.h"
    14. 

  14. #elif (defined(NRF52832_XXAA) || defined(NRF52832_XXAB)) && !defined(__unix__)
    15. 

  15. # include "random/nrf52832.h"
    16. 

  16. #elif defined(_WIN32)
    17. 

  17. # include "random/windows.h"
    18. 

  18. #elif defined(__wasi__)
    19. 

  19. # include "random/wasi.h"
    20. 

  20. #elif defined(__unix__)
    21. 

  21. # include "random/unix.h"
    22. 

  22. #elif defined(TARGET_LIKE_MBED)
    23. 

  23. # include "random/mbed.h"
    24. 

  24. #elif defined(RIOT_VERSION)
    25. 

  25. # include "random/riot.h"
    26. 

  26. #elif defined(STM32F4)
    27. 

  27. # include "random/stm32.h"
    28. 

  28. #elif defined(__RTTHREAD__)
    29. 

  29. # include "random/rtthread.h"
    30. 

  30. #else
    31. 

  31. # error Unsupported platform
    32. 

  32. #endif
    33. 

  33. 

  34. static void
    35. 

  35. hydro_random_ensure_initialized(void)
    36. 

  36. {
    37. 

  37.     if (hydro_random_context.initialized == 0) {
    38. 

  38.         if (hydro_random_init() != 0) {
    39. 

  39.             abort();
    40. 

  40.         }
    41. 

  41.         gimli_core_u8(hydro_random_context.state, 0);
    42. 

  42.         hydro_random_ratchet();
    43. 

  43.         hydro_random_context.initialized = 1;
    44. 

  44.     }
    45. 

  45. }
    46. 

  46. 

  47. void
    48. 

  48. hydro_random_ratchet(void)
    49. 

  49. {
    50. 

  50.     mem_zero(hydro_random_context.state, gimli_RATE);
    51. 

  51.     STORE64_LE(hydro_random_context.state, hydro_random_context.counter);
    52. 

  52.     hydro_random_context.counter++;
    53. 

  53.     gimli_core_u8(hydro_random_context.state, 0);
    54. 

  54.     hydro_random_context.available = gimli_RATE;
    55. 

  55. }
    56. 

  56. 

  57. uint32_t
    58. 

  58. hydro_random_u32(void)
    59. 

  59. {
    60. 

  60.     uint32_t v;
    61. 

  61. 

  62.     hydro_random_ensure_initialized();
    63. 

  63.     if (hydro_random_context.available < 4) {
    64. 

  64.         hydro_random_ratchet();
    65. 

  65.     }
    66. 

  66.     memcpy(&v, &hydro_random_context.state[gimli_RATE - hydro_random_context.available], 4);
    67. 

  67.     hydro_random_context.available -= 4;
    68. 

  68. 

  69.     return v;
    70. 

  70. }
    71. 

  71. 

  72. uint32_t
    73. 

  73. hydro_random_uniform(const uint32_t upper_bound)
    74. 

  74. {
    75. 

  75.     uint32_t min;
    76. 

  76.     uint32_t r;
    77. 

  77. 

  78.     if (upper_bound < 2U) {
    79. 

  79.         return 0;
    80. 

  80.     }
    81. 

  81.     min = (1U + ~upper_bound) % upper_bound; /* = 2**32 mod upper_bound */
    82. 

  82.     do {
    83. 

  83.         r = hydro_random_u32();
    84. 

  84.     } while (r < min);
    85. 

  85.     /* r is now clamped to a set whose size mod upper_bound == 0
    86. 

  86.      * the worst case (2**31+1) requires 2 attempts on average */
    87. 

  87. 

  88.     return r % upper_bound;
    89. 

  89. }
    90. 

  90. 

  91. void
    92. 

  92. hydro_random_buf(void *out, size_t out_len)
    93. 

  93. {
    94. 

  94.     uint8_t *p = (uint8_t *) out;
    95. 

  95.     size_t   i;
    96. 

  96.     size_t   leftover;
    97. 

  97. 

  98.     hydro_random_ensure_initialized();
    99. 

  99.     for (i = 0; i < out_len / gimli_RATE; i++) {
    100. 

  100.         gimli_core_u8(hydro_random_context.state, 0);
    101. 

  101.         memcpy(p + i * gimli_RATE, hydro_random_context.state, gimli_RATE);
    102. 

  102.     }
    103. 

  103.     leftover = out_len % gimli_RATE;
    104. 

  104.     if (leftover != 0) {
    105. 

  105.         gimli_core_u8(hydro_random_context.state, 0);
    106. 

  106.         mem_cpy(p + i * gimli_RATE, hydro_random_context.state, leftover);
    107. 

  107.     }
    108. 

  108.     hydro_random_ratchet();
    109. 

  109. }
    110. 

  110. 

  111. void
    112. 

  112. hydro_random_buf_deterministic(void *out, size_t out_len,
    113. 

  113.                                const uint8_t seed[hydro_random_SEEDBYTES])
    114. 

  114. {
    115. 

  115.     static const uint8_t             prefix[] = { 7, 'd', 'r', 'b', 'g', '2', '5', '6' };
    116. 

  116.     _hydro_attr_aligned_(16) uint8_t state[gimli_BLOCKBYTES];
    117. 

  117.     uint8_t *                        p = (uint8_t *) out;
    118. 

  118.     size_t                           i;
    119. 

  119.     size_t                           leftover;
    120. 

  120. 

  121.     mem_zero(state, gimli_BLOCKBYTES);
    122. 

  122.     COMPILER_ASSERT(sizeof prefix + 8 <= gimli_RATE);
    123. 

  123.     memcpy(state, prefix, sizeof prefix);
    124. 

  124.     STORE64_LE(state + sizeof prefix, (uint64_t) out_len);
    125. 

  125.     gimli_core_u8(state, 1);
    126. 

  126.     COMPILER_ASSERT(hydro_random_SEEDBYTES == gimli_RATE * 2);
    127. 

  127.     mem_xor(state, seed, gimli_RATE);
    128. 

  128.     gimli_core_u8(state, 2);
    129. 

  129.     mem_xor(state, seed + gimli_RATE, gimli_RATE);
    130. 

  130.     gimli_core_u8(state, 2);
    131. 

  131.     for (i = 0; i < out_len / gimli_RATE; i++) {
    132. 

  132.         gimli_core_u8(state, 0);
    133. 

  133.         memcpy(p + i * gimli_RATE, state, gimli_RATE);
    134. 

  134.     }
    135. 

  135.     leftover = out_len % gimli_RATE;
    136. 

  136.     if (leftover != 0) {
    137. 

  137.         gimli_core_u8(state, 0);
    138. 

  138.         mem_cpy(p + i * gimli_RATE, state, leftover);
    139. 

  139.     }
    140. 

  140. }
    141. 

  141. 

  142. void
    143. 

  143. hydro_random_reseed(void)
    144. 

  144. {
    145. 

  145.     hydro_random_context.initialized = 0;
    146. 

  146.     hydro_random_ensure_initialized();
    147. 

  147. }
    148.