Windows: Use Hardware RNG based on CPU timing jitter "Jitterentropy" by Stephan Mueller as a good alternative to RDRAND (http://www.chronox.de/jent.html, smueller@chronox.de)

author: Mounir IDRASSI <mounir.idrassi@idrix.fr> 2019-02-12 18:49:12 +0100
committer: Mounir IDRASSI <mounir.idrassi@idrix.fr> 2019-02-12 19:06:14 +0100
commit: 86f0fde6e7914f055c5872bf7f2f565cc09977fc (patch)
tree: fea427f46509ccaa1cb77ec233cb2ab41157576e /src/Driver
parent: a5943c07fbc2754e0785cfa3d4645e96ae87b405 (diff)
download: VeraCrypt-86f0fde6e7914f055c5872bf7f2f565cc09977fc.tar.gz
VeraCrypt-86f0fde6e7914f055c5872bf7f2f565cc09977fc.zip
3 files changed, 19 insertions, 1 deletions
diff --git a/src/Driver/Driver.vcxproj b/src/Driver/Driver.vcxproj
index 7104be84..5744934b 100644
--- a/src/Driver/Driver.vcxproj
+++ b/src/Driver/Driver.vcxproj
@@ -196,6 +196,7 @@ BuildDriver.cmd -rebuild -debug -x64 "$(SolutionDir)\Common" "$(SolutionDir)\Cry
     <ClCompile Include="..\Crypto\chacha-xmm.c" />
     <ClCompile Include="..\Crypto\chacha256.c" />
     <ClCompile Include="..\Crypto\chachaRng.c" />
+    <ClCompile Include="..\Crypto\jitterentropy-base.c" />
     <ClCompile Include="..\Crypto\rdrand.c" />
     <ClCompile Include="..\Crypto\SerpentFast.c" />
     <ClCompile Include="..\Crypto\SerpentFast_simd.cpp" />
diff --git a/src/Driver/Driver.vcxproj.filters b/src/Driver/Driver.vcxproj.filters
index 20227b48..a6f5da3c 100644
--- a/src/Driver/Driver.vcxproj.filters
+++ b/src/Driver/Driver.vcxproj.filters
@@ -123,6 +123,9 @@
     <ClCompile Include="..\Crypto\Streebog.c">
       <Filter>Source Files\Crypto</Filter>
     </ClCompile>
+    <ClCompile Include="..\Crypto\jitterentropy-base.c">
+      <Filter>Source Files\Crypto</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <None Include="..\Crypto\Aes_hw_cpu.asm">
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c
index 9719c91b..ba2de477 100644
--- a/src/Driver/Ntdriver.c
+++ b/src/Driver/Ntdriver.c
@@ -32,6 +32,7 @@
 #include "VolumeFilter.h"
 #include "cpu.h"
 #include "rdrand.h"
+#include "jitterentropy.h"
 
 #include <tchar.h>
 #include <initguid.h>
@@ -162,7 +163,7 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed)
 	while (cbRandSeed)
 	{	
 		WHIRLPOOL_init (&tctx);
-		// we hash current content of digest buffer which is initialized the first time
+		// we hash current content of digest buffer which is uninitialized the first time
 		WHIRLPOOL_add (digest, WHIRLPOOL_DIGESTSIZE, &tctx);
 
 		// we use various time information as source of entropy
@@ -174,6 +175,19 @@ void GetDriverRandomSeed (unsigned char* pbRandSeed, size_t cbRandSeed)
 		iSeed.QuadPart = KeQueryInterruptTime ();
 		WHIRLPOOL_add ((unsigned char *) &(iSeed.QuadPart), sizeof(iSeed.QuadPart), &tctx);
 
+		/* use JitterEntropy library to get good quality random bytes based on CPU timing jitter */
+		if (0 == jent_entropy_init ())
+		{
+			struct rand_data *ec = jent_entropy_collector_alloc (1, 0);
+			if (ec)
+			{
+				ssize_t rndLen = jent_read_entropy (ec, (char*) digest, sizeof (digest));
+				if (rndLen > 0)
+					WHIRLPOOL_add (digest, (unsigned int) rndLen, &tctx);
+				jent_entropy_collector_free (ec);
+			}
+		}
+
 		// use RDSEED or RDRAND from CPU as source of entropy if enabled
 		if (	IsCpuRngEnabled() && 
 			(	(HasRDSEED() && RDSEED_getBytes (digest, sizeof (digest)))
author	Mounir IDRASSI <mounir.idrassi@idrix.fr>	2019-02-12 18:49:12 +0100
committer	Mounir IDRASSI <mounir.idrassi@idrix.fr>	2019-02-12 19:06:14 +0100
commit	86f0fde6e7914f055c5872bf7f2f565cc09977fc (patch)
tree	fea427f46509ccaa1cb77ec233cb2ab41157576e /src/Driver
parent	a5943c07fbc2754e0785cfa3d4645e96ae87b405 (diff)
download	VeraCrypt-86f0fde6e7914f055c5872bf7f2f565cc09977fc.tar.gz VeraCrypt-86f0fde6e7914f055c5872bf7f2f565cc09977fc.zip