From patchwork Fri Dec  9 00:18:23 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bill Fischofer <bill.fischofer@linaro.org>
X-Patchwork-Id: 87355
Delivered-To: patch@linaro.org
Received: by 10.140.20.101 with SMTP id 92csp49507qgi;
 Thu, 8 Dec 2016 16:18:40 -0800 (PST)
X-Received: by 10.55.5.65 with SMTP id 62mr66674073qkf.308.1481242719951;
 Thu, 08 Dec 2016 16:18:39 -0800 (PST)
Return-Path: <lng-odp-bounces@lists.linaro.org>
Received: from lists.linaro.org (lists.linaro.org. [54.225.227.206])
 by mx.google.com with ESMTP id
 e30si18616110qtd.47.2016.12.08.16.18.39; 
 Thu, 08 Dec 2016 16:18:39 -0800 (PST)
Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org
 designates 54.225.227.206 as permitted sender)
 client-ip=54.225.227.206; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org
 designates 54.225.227.206 as permitted sender)
 smtp.mailfrom=lng-odp-bounces@lists.linaro.org; 
 dmarc=pass (p=NONE dis=NONE) header.from=linaro.org
Received: by lists.linaro.org (Postfix, from userid 109)
 id 0613F6368E; Fri,  9 Dec 2016 00:18:38 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, 
 RCVD_IN_MSPIKE_H3,
 RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0
Received: from [127.0.0.1] (localhost [127.0.0.1])
 by lists.linaro.org (Postfix) with ESMTP id D6FAE63686;
 Fri,  9 Dec 2016 00:18:32 +0000 (UTC)
X-Original-To: lng-odp@lists.linaro.org
Delivered-To: lng-odp@lists.linaro.org
Received: by lists.linaro.org (Postfix, from userid 109)
 id 9169763682; Fri,  9 Dec 2016 00:18:29 +0000 (UTC)
Received: from mail-oi0-f53.google.com (mail-oi0-f53.google.com
 [209.85.218.53])
 by lists.linaro.org (Postfix) with ESMTPS id 4E85263682
 for <lng-odp@lists.linaro.org>; Fri,  9 Dec 2016 00:18:28 +0000 (UTC)
Received: by mail-oi0-f53.google.com with SMTP id v84so2714698oie.3
 for <lng-odp@lists.linaro.org>; Thu, 08 Dec 2016 16:18:28 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=H9jJucmcwQ2oyUJnpq5XZWZJwgL/S6h5EBQZNKr07wc=;
 b=muLkYSQCBMDMaNNBDRAfn6YjVs164/WSj0y+wyrrmPb+62JWhFFLAf1UZysN6hwuM2
 f+au1ncBLUAASpANqbOVTu1PalP2m0lXQKRgvRr9pWh7+W2v/XN3NVXnzJhlPh5wt4Sq
 ZWFTyUBjav7UKp4h81+pwbeINYx32zKJT4+XcODWU6Nz9ZENX/c6Tj4qEbX7jfMsE//S
 EBXgd2jV/Zezp8DMSaV5fSmM1YvbP5lUDDkf8Orc5fpPk2bIx/8RyLgsYG0ZJD8VLu7b
 Vym7eIC88Rbio4RKDp6r5Ehxcdf1VndvKL5Fir9Y5EBL1viCBFR0OOnU59w3G+TX6Qht
 DPzg==
X-Gm-Message-State: AKaTC036DVmV9+/xAr7fLFyi5dI6C5FIpW8r4SXyJTfaJQR5snOcf26aBjdD9w2j9+ZKkBQr8hA=
X-Received: by 10.157.60.168 with SMTP id z37mr41042992otc.129.1481242707550; 
 Thu, 08 Dec 2016 16:18:27 -0800 (PST)
Received: from localhost.localdomain (cpe-70-121-83-241.austin.res.rr.com.
 [70.121.83.241]) by smtp.gmail.com with ESMTPSA id
 j71sm11832201oib.15.2016.12.08.16.18.26
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Thu, 08 Dec 2016 16:18:26 -0800 (PST)
From: Bill Fischofer <bill.fischofer@linaro.org>
To: lng-odp@lists.linaro.org
Date: Thu,  8 Dec 2016 18:18:23 -0600
Message-Id: <1481242705-3205-1-git-send-email-bill.fischofer@linaro.org>
X-Mailer: git-send-email 2.7.4
Subject: [lng-odp] [API-NEXT PATCHv8 1/3] api: random: add explicit controls
 over random data
X-BeenThere: lng-odp@lists.linaro.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: "The OpenDataPlane \(ODP\) List" <lng-odp.lists.linaro.org>
List-Unsubscribe: <https://lists.linaro.org/mailman/options/lng-odp>,
 <mailto:lng-odp-request@lists.linaro.org?subject=unsubscribe>
List-Archive: <http://lists.linaro.org/pipermail/lng-odp/>
List-Post: <mailto:lng-odp@lists.linaro.org>
List-Help: <mailto:lng-odp-request@lists.linaro.org?subject=help>
List-Subscribe: <https://lists.linaro.org/mailman/listinfo/lng-odp>,
 <mailto:lng-odp-request@lists.linaro.org?subject=subscribe>
Errors-To: lng-odp-bounces@lists.linaro.org
Sender: "lng-odp" <lng-odp-bounces@lists.linaro.org>

Rework the odp_random_data() API to replace the use_entropy with an
explicit odp_random_kind parameter that controls the type of random
desired. Two new APIs are also introduced:

- odp_random_max_kind() returns the maximum kind of random data available

- odp_random_test_data() permits applications to generate repeatable
  random sequences for testing purposes

Signed-off-by: Bill Fischofer <bill.fischofer@linaro.org>
---
Changes in v8:
- Clarify random kind hierarchy more explicitly
- Rename odp_random_repeatable_data() to odp_random_test_data()

Changes in v7:
- Clarify hierarchy of random kinds
- Expand on intended use of odp_random_repeatable_data()

Changes in v6:
- Add odp_random_max_kind() API instead of adding this to the
  odp_crypto_capability() API.
- Rename odp_random_seeded_data() to odp_random_repeatable_data()
- Merge API defs, implementation, and validation to preserve bisectability

Changes in v5:
- Change return type from int to int32_t for random APIs

Changes in v4:
- Normalize random API signatures with other ODP APIs
- Add new odp_random_seeded_data() API for repeatable random data generation
- Add additional tests for new odp_random_seeded_data() API
- Break out crypto section of User Guide to its own sub-document
- Add User Guide docuemntation for ODP random data API.

Changes in v3:
- Address commments by Petri
- Rename ODP_RAND_NORMAL to ODP_RANDOM_BASIC to avoid confusion with the
mathematical term "normal"

 include/odp/api/spec/random.h                   | 76 +++++++++++++++++++++++--
 platform/linux-generic/odp_crypto.c             | 50 ++++++++++++++--
 test/common_plat/validation/api/random/random.c | 54 +++++++++++++++++-
 test/common_plat/validation/api/random/random.h |  2 +
 4 files changed, 172 insertions(+), 10 deletions(-)

-- 
2.7.4

diff --git a/include/odp/api/spec/random.h b/include/odp/api/spec/random.h
index 00fa15b..bf1ca4a 100644
--- a/include/odp/api/spec/random.h
+++ b/include/odp/api/spec/random.h
@@ -24,18 +24,86 @@ extern "C" {
  */
 
 /**
+ * Random kind selector
+ *
+ * The kind of random denotes the statistical quality of the random data
+ * returned. Basic random simply appears uniformly distributed, Cryptographic
+ * random is statistically random and suitable for use by cryptographic
+ * functions. True random is generated from a hardware entropy source rather
+ * than an algorithm and is thus completely unpredictable. These form a
+ * hierarchy where higher quality data is presumably more costly to generate
+ * than lower quality data.
+ */
+typedef enum {
+	/** Basic random, presumably pseudo-random generated by SW. This
+	 *  is the lowest kind of random */
+	ODP_RANDOM_BASIC,
+	/** Cryptographic quality random */
+	ODP_RANDOM_CRYPTO,
+	/** True random, generated from a HW entropy source. This is the
+	 *  highest kind of random */
+	ODP_RANDOM_TRUE,
+} odp_random_kind_t;
+
+/**
+ * Query random max kind
+ *
+ * Implementations support the returned max kind and all kinds weaker than it.
+ *
+ * @return kind The maximum odp_random_kind_t supported by this implementation
+ */
+odp_random_kind_t odp_random_max_kind(void);
+
+/**
  * Generate random byte data
  *
+ * The intent in supporting different kinds of random data is to allow
+ * tradeoffs between performance and the quality of random data needed. The
+ * assumption is that basic random is cheap while true random is relatively
+ * expensive in terms of time to generate, with cryptographic random being
+ * something in between. Implementations that support highly efficient true
+ * random are free to use this for all requested kinds. So it is always
+ * permissible to "upgrade" a random data request, but never to "downgrade"
+ * such requests.
+ *
  * @param[out]    buf   Output buffer
- * @param         size  Size of output buffer
- * @param use_entropy   Use entropy
+ * @param         len   Length of output buffer in bytes
+ * @param         kind  Specifies the type of random data required. Request
+ *                      is expected to fail if the implementation is unable to
+ *                      provide the requested type.
+ *
+ * @return Number of bytes written
+ * @retval <0 on failure
+ */
+int32_t odp_random_data(uint8_t *buf, uint32_t len, odp_random_kind_t kind);
+
+/**
+ * Generate repeatable random data for testing purposes
+ *
+ * For testing purposes it is often useful to generate "random" sequences that
+ * are repeatable. This is accomplished by supplying a seed value that is used
+ * for pseudo-random data generation. The caller-provided seed value is
+ * updated for each call to continue the sequence. Restarting a series of
+ * calls with the same initial seed value will generate the same sequence of
+ * random test data.
+ *
+ * This function should be used only for testing purposes. Use
+ * odp_random_data() for production.
  *
- * @todo Define the implication of the use_entropy parameter
+ * @param[out]    buf  Output buffer
+ * @param         len  Length of output buffer in bytes
+ * @param         kind Specifies the type of random data required. Request
+ *                     will fail if the implementation is unable to provide
+ *                     repeatable random of the requested type. This is
+ *                     always true for true random and may be true for
+ *                     cryptographic random.
+ * @param[in,out] seed Seed value to use
  *
  * @return Number of bytes written
  * @retval <0 on failure
  */
-int32_t odp_random_data(uint8_t *buf, int32_t size, odp_bool_t use_entropy);
+int32_t odp_random_test_data(uint8_t *buf, uint32_t len,
+			     odp_random_kind_t kind, uint32_t *seed);
 
 /**
  * @}
diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c
index 7e686ff..b4a5939 100644
--- a/platform/linux-generic/odp_crypto.c
+++ b/platform/linux-generic/odp_crypto.c
@@ -4,6 +4,7 @@
  * SPDX-License-Identifier:     BSD-3-Clause
  */
 
+#include <odp_posix_extensions.h>
 #include <odp/api/crypto.h>
 #include <odp_internal.h>
 #include <odp/api/atomic.h>
@@ -19,6 +20,7 @@
 #include <odp_packet_internal.h>
 
 #include <string.h>
+#include <stdlib.h>
 
 #include <openssl/des.h>
 #include <openssl/rand.h>
@@ -877,12 +879,50 @@ int odp_crypto_term_global(void)
 	return rc;
 }
 
-int32_t
-odp_random_data(uint8_t *buf, int32_t len, odp_bool_t use_entropy ODP_UNUSED)
+odp_random_kind_t odp_random_max_kind(void)
 {
-	int32_t rc;
-	rc = RAND_bytes(buf, len);
-	return (1 == rc) ? len /*success*/: -1 /*failure*/;
+	return ODP_RANDOM_CRYPTO;
+}
+
+int32_t odp_random_data(uint8_t *buf, uint32_t len, odp_random_kind_t kind)
+{
+	int rc;
+
+	switch (kind) {
+	case ODP_RANDOM_BASIC:
+		RAND_pseudo_bytes(buf, len);
+		return len;
+
+	case ODP_RANDOM_CRYPTO:
+		rc = RAND_bytes(buf, len);
+		return (1 == rc) ? (int)len /*success*/: -1 /*failure*/;
+
+	case ODP_RANDOM_TRUE:
+	default:
+		return -1;
+	}
+}
+
+int32_t odp_random_test_data(uint8_t *buf, uint32_t len,
+			     odp_random_kind_t kind, uint32_t *seed)
+{
+	union {
+		uint32_t rand_word;
+		uint8_t rand_byte[4];
+	} u;
+	uint32_t i = 0, j;
+
+	if (kind != ODP_RANDOM_BASIC)
+		return -1;
+
+	while (i < len) {
+		u.rand_word = rand_r(seed);
+
+		for (j = 0; j < 4 && i < len; j++, i++)
+			*buf++ = u.rand_byte[j];
+	}
+
+	return len;
 }
 
 odp_crypto_compl_t odp_crypto_compl_from_event(odp_event_t ev)
diff --git a/test/common_plat/validation/api/random/random.c b/test/common_plat/validation/api/random/random.c
index 7572366..6c3989f 100644
--- a/test/common_plat/validation/api/random/random.c
+++ b/test/common_plat/validation/api/random/random.c
@@ -13,12 +13,64 @@ void random_test_get_size(void)
 	int32_t ret;
 	uint8_t buf[32];
 
-	ret = odp_random_data(buf, sizeof(buf), false);
+	ret = odp_random_data(buf, sizeof(buf), ODP_RANDOM_BASIC);
 	CU_ASSERT(ret == sizeof(buf));
 }
 
+void random_test_kind(void)
+{
+	int32_t rc;
+	uint8_t buf[4096];
+	uint32_t buf_size = sizeof(buf);
+	odp_random_kind_t max_kind = odp_random_max_kind();
+
+	rc = odp_random_data(buf, buf_size, max_kind);
+	CU_ASSERT(rc > 0);
+
+	switch (max_kind) {
+	case ODP_RANDOM_BASIC:
+		rc = odp_random_data(buf, 4, ODP_RANDOM_CRYPTO);
+		CU_ASSERT(rc < 0);
+		/* Fall through */
+
+	case ODP_RANDOM_CRYPTO:
+		rc = odp_random_data(buf, 4, ODP_RANDOM_TRUE);
+		CU_ASSERT(rc < 0);
+		break;
+
+	default:
+		break;
+	}
+}
+
+void random_test_repeat(void)
+{
+	uint8_t buf1[1024];
+	uint8_t buf2[1024];
+	int32_t rc;
+	uint32_t seed1 = 12345897;
+	uint32_t seed2 = seed1;
+
+	rc = odp_random_test_data(buf1, sizeof(buf1),
+				  ODP_RANDOM_BASIC, &seed1);
+	CU_ASSERT(rc == sizeof(buf1));
+
+	rc = odp_random_test_data(buf2, sizeof(buf2),
+				  ODP_RANDOM_BASIC, &seed2);
+
+	CU_ASSERT(rc == sizeof(buf2));
+	CU_ASSERT(seed1 == seed2);
+	CU_ASSERT(memcmp(buf1, buf2, sizeof(buf1)) == 0);
+
+	rc = odp_random_test_data(buf1, sizeof(buf1),
+				  ODP_RANDOM_TRUE, &seed1);
+	CU_ASSERT(rc < 0);
+}
+
 odp_testinfo_t random_suite[] = {
 	ODP_TEST_INFO(random_test_get_size),
+	ODP_TEST_INFO(random_test_kind),
+	ODP_TEST_INFO(random_test_repeat),
 	ODP_TEST_INFO_NULL,
 };
 
diff --git a/test/common_plat/validation/api/random/random.h b/test/common_plat/validation/api/random/random.h
index 26202cc..c4bca78 100644
--- a/test/common_plat/validation/api/random/random.h
+++ b/test/common_plat/validation/api/random/random.h
@@ -11,6 +11,8 @@
 
 /* test functions: */
 void random_test_get_size(void);
+void random_test_kind(void);
+void random_test_repeat(void);
 
 /* test arrays: */
 extern odp_testinfo_t random_suite[];