path: root/src/machine/machine_rp2040_rng.go
author Ayke van Laethem <[email protected]> 2022-09-15 11:05:56 +0200
committer Ron Evans <[email protected]> 2022-09-16 14:48:41 +0200
commit d3863f337d7370ef73e9de7d214ff3b8357ecf10
tree 5e5e366fa8ab98dcc6d4b728cc784d26dda19ce4 /src/machine/machine_rp2040_rng.go
parent 5551ec7a1ed9d59764cfdf5a73b23dc40365a6f8
rp2040: do not use GetRNG in crypto/rand
The crypto/rand package is used for sensitive cryptographic operations. Do not use the rp2040 RNG for this purpose, because it's not strong enough for cryptography. I think it is _possible_ to make use of the RP2040 RNG to create cryptographically secure pseudo-random numbers, but it needs some entropy calculation and secure hashing (blake2s or so) to make them truly unpredictable.
Diffstat (limited to 'src/machine/machine_rp2040_rng.go')
-rw-r--r-- src/machine/machine_rp2040_rng.go 4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/machine/machine_rp2040_rng.go b/src/machine/machine_rp2040_rng.go
index 246dadfa8..e300b1abc 100644
--- a/src/machine/machine_rp2040_rng.go
+++ b/src/machine/machine_rp2040_rng.go
@@ -13,6 +13,10 @@ import (
const numberOfCycles = 32
// GetRNG returns 32 bits of semi-random data based on ring oscillator.
+//
+// Unlike some other implementations of GetRNG, these random numbers are not
+// cryptographically secure and must not be used for cryptographic operations
+// (nonces, etc).
func GetRNG() (uint32, error) {
var val uint32
for i := 0; i < 4; i++ {
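Review bot: the new doc comment on GetRNG says what callers must not do but gives them nothing to reach for instead, and the signature `func GetRNG() (uint32, error)` is unchanged, so portable code that relies on the "other implementations" being secure gets no build-time or run-time signal on this target. Consider having the comment name the supported source for cryptographic randomness on rp2040, or state that none exists, and note (as the commit message does) that this output would need entropy estimation and secure hashing before any such use. The parenthetical "(nonces, etc)" could also list key generation explicitly, and the first comment line's "semi-random" would read more consistently if it used the same "not cryptographically secure" wording as the added lines.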