authorTom Hughes <tomhughes@chromium.org>2019-07-24 12:58:02 -0700
committerCommit Bot <commit-bot@chromium.org>2019-08-06 01:00:15 +0000
commit2cfd12facff02ead45addb10c4dd363402eb8898 (patch)
tree6ded7048c91d9646232136787f8e760a725a31b6 /chip
parent4e41a88f9e475631652986a116f07e85d848bf3b (diff)
ectool/trng: Add "rand" host command for testing RNG
This host command and the corresponding ectool command allow us to generate random numbers with the MCU's RNG and process the resulting output with tools to validate the statistical randomness, such as dieharder (https://webhome.phy.duke.edu/~rgb/General/dieharder.php) and NIST SP 800-22 (https://csrc.nist.gov/publications/detail/sp/800-22/rev-1a/final). BRANCH=none BUG=b:124770147 TEST=ectool --name=cros_fp rand 1 > rand.bin; ls -la rand.bin TEST=ectool --name=cros_fp rand 536 > rand.bin; ls -la rand.bin TEST=ectool --name=cros_fp rand 537 > rand.bin; ls -la rand.bin TEST=ectool --name=cros_fp rand 99999999999999999999999999 Change-Id: Ic0bda4deae79fc7465671dcacfe8bbc9a066b5e5 Signed-off-by: Tom Hughes <tomhughes@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1726822 Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
Diffstat (limited to 'chip')
-rw-r--r--chip/stm32/trng.c36
1 files changed, 34 insertions, 2 deletions
diff --git a/chip/stm32/trng.c b/chip/stm32/trng.c
index 94cfab995e..a5087df666 100644
--- a/chip/stm32/trng.c
+++ b/chip/stm32/trng.c
@@ -7,8 +7,10 @@
#include "common.h"
#include "console.h"
+#include "host_command.h"
#include "panic.h"
#include "registers.h"
+#include "system.h"
#include "task.h"
#include "trng.h"
#include "util.h"
@@ -95,7 +97,12 @@ test_mockable void exit_trng(void)
#endif
}
-#ifdef CONFIG_CMD_RAND
+#if defined(CONFIG_CMD_RAND)
+/*
+ * We want to avoid accidentally exposing debug commands in RO since we can't
+ * update RO once in production.
+ */
+#if defined(SECTION_IS_RW)
static int command_rand(int argc, char **argv)
{
uint8_t data[32];
@@ -110,4 +117,29 @@ static int command_rand(int argc, char **argv)
}
DECLARE_CONSOLE_COMMAND(rand, command_rand,
NULL, "Output random bytes to console.");
-#endif
+
+static int host_command_rand(struct host_cmd_handler_args *args)
+{
+ const struct ec_params_rand_num *p = args->params;
+ struct ec_response_rand_num *r = args->response;
+ uint16_t num_rand_bytes = p->num_rand_bytes;
+
+ if (system_is_locked())
+ return EC_RES_ACCESS_DENIED;
+
+ if (num_rand_bytes > args->response_max)
+ return EC_RES_OVERFLOW;
+
+ init_trng();
+ rand_bytes(r->rand, num_rand_bytes);
+ exit_trng();
+
+ args->response_size = num_rand_bytes;
+
+ return EC_SUCCESS;
+}
+
+DECLARE_HOST_COMMAND(EC_CMD_RAND_NUM, host_command_rand,
+ EC_VER_MASK(EC_VER_RAND_NUM));
+#endif /* SECTION_IS_RW */
+#endif /* CONFIG_CMD_RAND */
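Review bot: The `init_trng()` / `rand_bytes()` / `exit_trng()` sequence in `host_command_rand` is not visibly serialized against other users of the RNG, so if another task has the RNG enabled when this handler runs, the `exit_trng()` here would presumably switch it off underneath that task. Nothing in the hunk shows a lock or reference count in those helpers; if they have none, consider guarding the three calls with a mutex or making enable/disable counted. It would also help to document the access gate with a comment above the `system_is_locked()` check, such as `/* Raw RNG output is for statistical testing only; refuse once the system is locked. */`. A second comment could note that `num_rand_bytes` is copied out of `p` before `r->rand` is written, in case the params and response buffers overlap.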