Use ECC508 for entropy inject, if available

Author: sandeepmistry

src/BearSSLClient.cpp

@@ -1,5 +1,6 @@
 #include "ArduinoBearSSL.h"
 #include "BearSSLTrustAnchors.h"
+#include "utility/ECC508.h"
 
 #include "BearSSLClient.h"
 
@@ -155,13 +156,15 @@ int BearSSLClient::connectSSL(const char* host)
    */
   br_ssl_engine_set_buffer(&_sc.eng, _iobuf, sizeof(_iobuf), 1);
 
-  // inject (pseudo) entropy in engine
-  #warning "connectSSL: pseudo entropy injected!"
+  // inject entropy in engine
   unsigned char entropy[32];
 
-  for (size_t i = 0; i < sizeof(entropy); i++) {
-    entropy[i] = rand() % 256;
-  }  
+  if (!ECC508.begin() || !ECC508.random(entropy, sizeof(entropy))) {
+    // no ECC508 or random failed, fallback to pseudo random
+    for (size_t i = 0; i < sizeof(entropy); i++) {
+      entropy[i] = random(0, 255);
+    }
+  }
   br_ssl_engine_inject_entropy(&_sc.eng, entropy, sizeof(entropy));
 
   /*

src/utility/ECC508.cpp

@@ -0,0 +1,162 @@
+#include <Arduino.h>
+
+#include "ECC508.h"
+
+ECC508Class::ECC508Class(TwoWire& wire, uint8_t address) :
+  _wire(&wire),
+  _address(address)
+{
+}
+
+ECC508Class::~ECC508Class()
+{
+}
+
+int ECC508Class::begin()
+{
+  _wire->begin();
+  _wire->setClock(100000);
+
+  if (version() != 0x500000) {
+    return 0;
+  }
+
+  return 1;
+}
+
+void ECC508Class::end()
+{
+  _wire->end();
+}
+
+int ECC508Class::random(byte data[], size_t length)
+{
+  if (!wakeup()) {
+    return 0;
+  }
+
+  while (length) {
+    _wire->beginTransmission(_address);
+    _wire->write(0x03);
+    _wire->write(0x07);
+    _wire->write(0x1b);
+    _wire->write(0x00);
+    _wire->write(0x00);
+    _wire->write(0x00);
+    _wire->write(0x24);
+    _wire->write(0xcd);
+    _wire->endTransmission();
+
+    delay(23);
+
+    byte response[32];
+
+    if (!receiveResponse(response, sizeof(response))) {
+      return 0;
+    }
+
+    int copyLength = min(32, length);
+    memcpy(data, response, copyLength);
+
+    length -= copyLength;
+    data += copyLength;
+  }
+
+  delay(1);
+
+  idle();
+
+  return 1;
+}
+
+int ECC508Class::wakeup()
+{
+  _wire->beginTransmission(0x00);
+  _wire->endTransmission();
+
+  delayMicroseconds(800);
+
+  byte response;
+
+  if (!receiveResponse(&response, sizeof(response)) || response != 0x11) {
+    return 0;
+  }
+
+  return 1;
+}
+
+int ECC508Class::sleep()
+{
+  _wire->beginTransmission(_address);
+  _wire->write(0x01);
+
+  if (_wire->endTransmission() != 0) {
+    return 0;
+  }
+
+  return 1;
+}
+
+int ECC508Class::idle()
+{
+  _wire->beginTransmission(_address);
+  _wire->write(0x02);
+
+  if (_wire->endTransmission() != 0) {
+    return 0;
+  }
+
+  return 1;
+}
+
+int ECC508Class::version()
+{
+  uint32_t version = 0;
+
+  if (!wakeup()) {
+    return 0;
+  }
+
+  _wire->beginTransmission(_address);
+  _wire->write(0x03);
+  _wire->write(0x07);
+  _wire->write(0x30);
+  _wire->write(0x00);
+  _wire->write(0x00);
+  _wire->write(0x00);
+  _wire->write(0x03);
+  _wire->write(0x5d);
+  _wire->endTransmission();
+
+  delay(2);
+
+  if (!receiveResponse(&version, sizeof(version))) {
+    return 0;
+  }
+
+  delay(1);
+  idle();
+
+  return version;
+}
+
+int ECC508Class::receiveResponse(void* response, size_t length)
+{
+  int retries = 20;
+  int responseSize = length + 3; // 1 for length header, 2 for CRC
+  byte responseBuffer[responseSize];
+
+  while (_wire->requestFrom(_address, responseBuffer, responseSize) != responseSize && retries--);
+
+  if (responseBuffer[0] != responseSize) {
+    return 0;
+  }
+
+  // TODO: verify CRC
+  
+  memcpy(response, &responseBuffer[1], length);
+
+  return 1;
+}
+
+ECC508Class ECC508(Wire, 0x60);

src/utility/ECC508.h

@@ -0,0 +1,33 @@
+#ifndef _ECC508_H_
+#define _ECC508_H_
+
+#include <Wire.h>
+
+class ECC508Class
+{
+public:
+  ECC508Class(TwoWire& wire, uint8_t address);
+  virtual ~ECC508Class();
+
+  int begin();
+  void end();
+
+  int random(byte data[], size_t length);
+
+private:
+  int wakeup();
+  int sleep();
+  int idle();
+
+  int version();
+
+  int receiveResponse(void* response, size_t length);
+
+private:
+  TwoWire* _wire;
+  uint8_t _address;
+};
+
+extern ECC508Class ECC508;
+
+#endif