Fail hard if no random bytes available for encryption (#3067)

Oxan van Leeuwen 2022-01-18 02:29:57 +01:00 committed by GitHub
parent db21731b14
commit 737188ae50
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 11 additions and 6 deletions


@ -1,6 +1,7 @@
#include "api_frame_helper.h"
#include "esphome/core/log.h"
#include "esphome/core/hal.h"
#include "esphome/core/helpers.h"
#include "proto.h"
#include <cstring>
@ -721,7 +722,12 @@ APIError APINoiseFrameHelper::shutdown(int how) {
}
extern "C" {
// declare how noise generates random bytes (here with a good HWRNG based on the RF system)
void noise_rand_bytes(void *output, size_t len) { esphome::random_bytes(reinterpret_cast<uint8_t *>(output), len); }
void noise_rand_bytes(void *output, size_t len) {
if (!esphome::random_bytes(reinterpret_cast<uint8_t *>(output), len)) {
ESP_LOGE(TAG, "Failed to acquire random bytes, rebooting!");
arch_restart();
}
}
}
#endif // USE_API_NOISE
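Review bot: In `noise_rand_bytes`, nothing after `arch_restart();` prevents the function from returning to the Noise library with `output` unfilled if the restart call ever returns or takes effect late. Whether `arch_restart()` is declared noreturn is not visible in this hunk. The invariant should at least be stated where the call is made, for example `// arch_restart() must not return: output is unfilled here and must never reach the handshake as key material`. If that cannot be guaranteed on every platform, consider halting explicitly after the call. The error log is emitted immediately before the reset, so it may be worth confirming that the message actually reaches the log sink before the device goes down.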


@ -287,13 +287,12 @@ uint32_t random_uint32() {
#endif
}
float random_float() { return static_cast<float>(random_uint32()) / static_cast<float>(UINT32_MAX); }
void random_bytes(uint8_t *data, size_t len) {
bool random_bytes(uint8_t *data, size_t len) {
#ifdef USE_ESP32
esp_fill_random(data, len);
return true;
#elif defined(USE_ESP8266)
if (os_get_random(data, len) != 0) {
ESP_LOGE(TAG, "Failed to generate random bytes!");
}
return os_get_random(data, len) == 0;
#else
#error "No random source available for this configuration."
#endif
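Review bot: The `USE_ESP32` branch reports success unconditionally, because `esp_fill_random()` returns void, so the new fail-hard path in the Noise helper can only trigger on ESP8266. ESP-IDF documents that the hardware RNG yields true random output only while the RF subsystem (Wi-Fi or Bluetooth) or another entropy source is enabled, and pseudo-random output otherwise. That limit should be recorded next to `return true;`, e.g. `// esp_fill_random() cannot report failure; output is only true-random while RF (or another entropy source) is enabled`. On the ESP8266 side the `ESP_LOGE` was removed, so any caller that ignores the new return value now fails silently. The body of `random_bytes` continues past the end of this hunk.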


@ -311,7 +311,7 @@ uint32_t random_uint32();
/// Return a random float between 0 and 1.
float random_float();
/// Generate \p len number of random bytes.
void random_bytes(uint8_t *data, size_t len);
bool random_bytes(uint8_t *data, size_t len);
///@}
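Review bot: The doc comment on `random_bytes` still reads as it did for the `void` version and does not describe the new `bool` result, so the header does not say that a `false` return leaves `data` unusable. I would extend it to `/// Generate \p len number of random bytes. Returns false if the random source failed, in which case the contents of \p data must not be used.` Callers written against the old signature compile unchanged and discard the result, so other call sites outside this diff are worth auditing for security-relevant use.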