author | Ayke van Laethem <[email protected]> | 2022-09-15 11:05:56 +0200 |
---|---|---|
committer | Ron Evans <[email protected]> | 2022-09-16 14:48:41 +0200 |
commit | d3863f337d7370ef73e9de7d214ff3b8357ecf10 (patch) | |
tree | 5e5e366fa8ab98dcc6d4b728cc784d26dda19ce4 /src/machine/machine_rp2040_rng.go | |
parent | 5551ec7a1ed9d59764cfdf5a73b23dc40365a6f8 (diff) | |
rp2040: do not use GetRNG in crypto/rand

The crypto/rand package is used for sensitive cryptographic operations.
Do not use the rp2040 RNG for this purpose, because it's not strong
enough for cryptography.

I think it is _possible_ to make use of the RP2040 RNG to create
cryptographically secure pseudo-random numbers, but it needs some
entropy calculation and secure hashing (blake2s or so) to make them
truly unpredictable.

Diffstat (limited to 'src/machine/machine_rp2040_rng.go')
-rw-r--r-- | src/machine/machine_rp2040_rng.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/machine/machine_rp2040_rng.go b/src/machine/machine_rp2040_rng.go index 246dadfa8..e300b1abc 100644 --- a/src/machine/machine_rp2040_rng.go +++ b/src/machine/machine_rp2040_rng.go @@ -13,6 +13,10 @@ import ( const numberOfCycles = 32 // GetRNG returns 32 bits of semi-random data based on ring oscillator. +// +// Unlike some other implementations of GetRNG, these random numbers are not +// cryptographically secure and must not be used for cryptographic operations +// (nonces, etc). func GetRNG() (uint32, error) { var val uint32 for i := 0; i < 4; i++ { |
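
Review bot: The added doc comment on GetRNG tells callers what not to do but gives them no next step: it names only "nonces, etc" and does not say what code on this chip should use when it does need secure randomness. Because this function shares its name with the "other implementations" the comment calls secure, portable code that calls GetRNG will build here without any signal that the guarantee changed, so the warning in the comment is the only safeguard visible in this hunk. Consider listing key and token generation alongside nonces, stating explicitly that this file provides no secure source for rp2040, and either naming which implementations are secure or dropping "some other" so readers do not have to guess. The first comment line still says "semi-random"; wording it as "not cryptographically secure" there too would put the caveat in the one-line summary that documentation tools show.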