From 9467c8951a01f58e1d50e163fbedc85370786981 Mon Sep 17 00:00:00 2001 From: UnknownShadow200 Date: Tue, 17 Dec 2024 19:50:39 +1100 Subject: [PATCH] WIP on implementing entropy generation --- src/Platform_3DS.c | 5 +++++ src/Platform_Posix.c | 8 +++++++- src/SSL.c | 17 +++-------------- src/_PlatformConsole.h | 2 ++ 4 files changed, 17 insertions(+), 15 deletions(-) diff --git a/src/Platform_3DS.c b/src/Platform_3DS.c index d0d50ba91..c9f422336 100644 --- a/src/Platform_3DS.c +++ b/src/Platform_3DS.c @@ -459,4 +459,9 @@ static cc_result GetMachineID(cc_uint32* key) { Mem_Copy(key, MACHINE_KEY, sizeof(MACHINE_KEY) - 1); return 0; } + +cc_result Platform_GetEntropy(void* data, int len) { + return PS_GenerateRandomBytes(data, len); + // NOTE: PS_GenerateRandomBytes isn't implemented in Citra +} #endif diff --git a/src/Platform_Posix.c b/src/Platform_Posix.c index cfd0e0c39..177422fb7 100644 --- a/src/Platform_Posix.c +++ b/src/Platform_Posix.c @@ -1605,7 +1605,13 @@ cc_result Platform_Decrypt(const void* data, int len, cc_string* dst) { } cc_result Platform_GetEntropy(void* data, int len) { - return ERR_NOT_SUPPORTED; + int fd = open("/dev/urandom", O_RDONLY); + if (fd < 0) return ERR_NOT_SUPPORTED; + + // TODO: check return code? and partial reads? + read(fd, data, len); + close(fd); + return 0; } diff --git a/src/SSL.c b/src/SSL.c index 12369d574..77cf9b3ac 100644 --- a/src/SSL.c +++ b/src/SSL.c @@ -446,24 +446,13 @@ cc_bool SSLBackend_DescribeError(cc_result res, cc_string* dst) { return false; // TODO: error codes } -#if defined CC_BUILD_3DS -#include <3ds.h> static void InjectEntropy(SSLContext* ctx) { char buf[32]; - PS_GenerateRandomBytes(buf, 32); - // NOTE: PS_GenerateRandomBytes isn't implemented in Citra - + cc_result res = Platform_GetEntropy(buf, 32); + if (res) Platform_LogConst("SSL: Using insecure uninitialised stack data for entropy"); + br_ssl_engine_inject_entropy(&ctx->sc.eng, buf, 32); } -#else -#warning "Using uninitialised stack data for entropy. This should be replaced with actual cryptographic RNG data" -static void InjectEntropy(SSLContext* ctx) { - char buf[32]; - // TODO: Use actual APIs to retrieve random data - - br_ssl_engine_inject_entropy(&ctx->sc.eng, buf, 32); -} -#endif static void SetCurrentTime(SSLContext* ctx) { cc_uint64 cur = DateTime_CurrentUTC(); diff --git a/src/_PlatformConsole.h b/src/_PlatformConsole.h index 634e2f97f..e42c52e84 100644 --- a/src/_PlatformConsole.h +++ b/src/_PlatformConsole.h @@ -196,6 +196,8 @@ cc_result Platform_Decrypt(const void* data, int len, cc_string* dst) { return 0; } +#ifndef CC_BUILD_3DS cc_result Platform_GetEntropy(void* data, int len) { return ERR_NOT_SUPPORTED; } +#endif