Is the ESPIDF implementation actually correct? #397
Comments
I also think that we should consider adding support for the
This issue has more information about
I would expect to at least get an error code in this case. Also, I couldn't find whether they use proper whitening of entropy received from hardware. We probably should work with ESP IDF people to clarify exact guarantees and if necessary maybe ask them to add a separate function for cryptographically secure randomness.
Looking at espressif/esp-idf#8725 and the ESP-IDF RNG docs, it seems like the only thing we are missing API-wise is a function to check if we are in the "secure configuration" or not, which would basically check that either:
My reading of the docs is that if one of those conditions is true, ESP-IDF guarantees For now we should probably try to convince Espressif to add an Until such a function exists, we should probably just add a warning in the docs that you have to be running ESP-IDF in the secure configuration mentioned above to get cryptographically secure random numbers. Disabling support entirely seems counterproductive as it's not like there's anything better ESP-IDF users can do right now.
When reviewing the corresponding change to ring, briansmith/ring#1944, I noticed that the implementation in getrandom for ESPIDF seems really questionable. The ESPIDF documentation is quite vague on what promises its PRNG is making, especially when the OS isn't fully configured. It also encourages people to use a userspace CSPRNG; it isn't clear if this suggestion is intended to just address performance or security or both. In particular, should the ESPIDF random API be considered more of an entropy source, but not a full CSPRNG?
In ring we've taken the approach, temporarily, of using getrandom on this OS only if the user opts in with a feature flag that draws attention to this concern.