NanoCrypto external entropy injection
This section describes three different ways to inject external entropy for the random number generator.
API usage with user-provided entropy source
Build flags
The following build flag must not be defined:
__DISABLE_MOCANA_ADD_ENTROPY__
Sample code
status = RANDOM_setEntropySource(ENTROPY_SRC_EXTERNAL);
if (OK != status)
    goto err;

status = MOCANA_initMocana();
if (OK != status)
    goto err;

/* Repeat to add more entropy. User must add 48 full bytes of entropy
   before it is injected into the context via a reseed operation */
status = MOCANA_addEntropy32Bits(entropyBytes);
if (OK != status)
    goto err;

/* g_pRandomContext has been seeded with the External Entropy.
   This context is good for 2^48 requests before a reseed is needed. */
Use /dev/random as the external entropy source in MOCANA_initMocana
The MOCANA_initMocana() function internally invokes the Mocana_addExternalEntropy method to use /dev/random as the entropy source.
Build flags
The following build flags must be defined:
__MOCANA_FORCE_ENTROPY__
__RTOS_LINUX__ or __RTOS_VXWORKS__
The following build flag must not be defined:
__DISABLE_MOCANA_ADD_ENTROPY__
Provide external entropy material via user-defined function
The MOCANA_initMocana() function internally invokes the user-defined function MOCANA_CUSTOM_getEntropy(). The function implementation must fill the provided buffer with adequate entropy material for a full re-seed. By default, 48 bytes of entropy are required for a re-seed. If fewer than 48 bytes are provided, a re-seed is not triggered.
The integrator must implement the MOCANA_CUSTOM_getEntropy() function located in the source file mss/src/examples/custom_entropy.c.
Build flags
The following build flags must be defined:
__ENABLE_MOCANA_CUSTOM_ENTROPY_INJECT__
__RTOS_LINUX__ or __RTOS_VXWORKS__
The following build flag must not be defined:
__DISABLE_MOCANA_ADD_ENTROPY__
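The 48-byte requirement in the first and third methods means a short or interrupted read from the entropy source must not be passed on as if it were a full seed. The following is an added example, not NanoCrypto code: it reads a complete 48-byte seed before feeding any of it in 32-bit words. The names read_exact, inject_full_seed and demo_add32 are hypothetical, and demo_add32 is only a stand-in for a call shaped like MOCANA_addEntropy32Bits, with 0 assumed to mean success.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>

#define SEED_BYTES 48  /* full re-seed size stated on this page */
static int demo_words; /* words accepted by the stand-in below */

/* Hypothetical stand-in for the library's 32-bit add call; 0 = success (assumed). */
static int demo_add32(uint32_t word) { (void)word; demo_words++; return 0; }

/* Read exactly len bytes from path. Returns 0, or -1 on any shortfall. */
static int read_exact(const char *path, uint8_t *buf, size_t len)
{
    size_t got = 0;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0) got += (size_t)n;                /* short read: keep going */
        else if (n < 0 && errno == EINTR) continue; /* interrupted: retry */
        else break;                                 /* EOF or hard error */
    }
    close(fd);
    return got == len ? 0 : -1;
}

/* Collect the whole seed first, then feed it 32 bits at a time. Returns the
 * number of words fed (12 for 48 bytes) or -1; a partial seed feeds nothing. */
static int inject_full_seed(const char *path, int (*add32)(uint32_t))
{
    uint8_t seed[SEED_BYTES];
    volatile uint8_t *wipe = seed;
    int words = -1;
    if (read_exact(path, seed, sizeof seed) == 0) {
        for (words = 0; words < SEED_BYTES / 4; words++) {
            uint32_t w;
            memcpy(&w, seed + 4 * words, sizeof w);
            if (add32(w) != 0) { words = -1; break; }
        }
    }
    for (size_t i = 0; i < sizeof seed; i++) wipe[i] = 0; /* scrub stack copy */
    return words;
}

int main(int argc, char **argv)
{
    return inject_full_seed(argc > 1 ? argv[1] : "/dev/random", demo_add32) == 12 ? 0 : 1;
}
```

In an integration, the callback would be replaced by the real entropy-add call, and a -1 return should be treated as "generator not reseeded" rather than ignored.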