This repository was archived by the owner on Jun 30, 2025. It is now read-only.
Fix insecure prng #3
Merged: skmono merged 2 commits into 2-insecure-prng-in-key-generation from zpf/fix-insecure-prng on Aug 7, 2022
Conversation
fdiasmor (Contributor) approved these changes on Aug 5, 2022
Reviewed and verified compliance. These changes comply with internal discussions for the fix.
skmono (Contributor) reviewed on Aug 7, 2022 and left a comment:
Looks great
skmono approved these changes on Aug 7, 2022
skmono pushed a commit that referenced this pull request on Aug 30, 2022:
* Fix insecure prng (#3)
  - Add RDSEED and RDRAND instruction check in compile time
  - Prioritize RDSEED/RDRAND based RNG to produce random big number
* Add RNG support for non-RDRAND, non-RDSEED systems (#5)
  - Use IPP-Crypto pseudo random number generator if none of those instructions are supported
* Removing seed setup and replacing rng function for PrimeGen_BN (#8)
  - Remove seed setup for prime number generator
  - Add support to TRNGen_RDSEED and PRNGen_RDRAND for prime number generator
Co-authored-by: Pengfei Zhao <pengfei.zhao@intel.com>
skmono pushed a commit that referenced this pull request on Sep 16, 2022:
* Improve RNG security (#9)
* Fix insecure prng (#3)
  - Add RDSEED and RDRAND instruction check in compile time
  - Prioritize RDSEED/RDRAND based RNG to produce random big number
* Add RNG support for non-RDRAND, non-RDSEED systems (#5)
  - Use IPP-Crypto pseudo random number generator if none of those instructions are supported
* Removing seed setup and replacing rng function for PrimeGen_BN (#8)
  - Remove seed setup for prime number generator
  - Add support to TRNGen_RDSEED and PRNGen_RDRAND for prime number generator
Co-authored-by: Pengfei Zhao <pengfei.zhao@intel.com>
* Refactor apply obfuscator (#10)
  - Refactor apply_obfuscator
  - minor typo fix
* Update version for 1.1.4
* Update ipp-crypto version to use ippcp_2021.6 (#12)
  - Minor update to use IPP-Crypto v2021.6
* 13 errors building installing questions about docs (#15)
* Minor fixes
  - Fix gbenchmark build error on other platforms
  - Fixed IPCLTargets typo
  - Update version to 1.1.4
Co-authored-by: Pengfei Zhao <pengfei.zhao@intel.com>
skmono pushed a commit (merged) that referenced this pull request on Sep 16, 2022:
* Improve RNG security (#9)
* Fix insecure prng (#3)
  - Add RDSEED and RDRAND instruction check in compile time
  - Prioritize RDSEED/RDRAND based RNG to produce random big number
* Add RNG support for non-RDRAND, non-RDSEED systems (#5)
  - Use IPP-Crypto pseudo random number generator if none of those instructions are supported
* Removing seed setup and replacing rng function for PrimeGen_BN (#8)
  - Remove seed setup for prime number generator
  - Add support to TRNGen_RDSEED and PRNGen_RDRAND for prime number generator
* Refactor apply obfuscator (#10)
  - Refactor apply_obfuscator
  - minor typo fix
* Update version for 1.1.4
* Update ipp-crypto version to use ippcp_2021.6 (#12)
  - Minor update to use IPP-Crypto v2021.6
* 13 errors building installing questions about docs (#15)
* Minor fixes
  - Fix gbenchmark build error on other platforms
  - Fixed IPCLTargets typo
  - Update version to 1.1.4
Co-authored-by: Pengfei Zhao <pengfei.zhao@intel.com>
skmono pushed a commit that referenced this pull request on Nov 15, 2022:
* Cleanup and unittest works
  - Removed benchmark features from unittests
  - Added ISO/IEC 18033-6 compliance test in unittest
  - Added support functions to public/private keys
  - Rearranged OpenMP tests into cryptography and ops format similar to benchmark
  - Now has one unittest binary instead of two, OpenMP testing enabled during compile time
  - Updated flags and build targets accordingly
  - Updated ci/cd to reflect unittest binary change
skmono pushed a commit that referenced this pull request on Nov 15, 2022:
* initial release
* Update CODEOWNERS (#1)
* Minor updates (#4)
* Minor updates
  - Updated contributors
  - Added code of conduct
  - Updated CI/CD
* ModExp function: remove padding & code clean (#6)
  - Remove padding operation in ippsModExp function
  - Let ippsMBModExp function support modulus of different bit size (in one vector)
  - Code clean
* ippsModExp & unittests: corner case fix (#7)
* Improve RNG security (#9)
* Fix insecure prng (#3)
  - Add RDSEED and RDRAND instruction check in compile time
  - Prioritize RDSEED/RDRAND based RNG to produce random big number
* Add RNG support for non-RDRAND, non-RDSEED systems (#5)
  - Use IPP-Crypto pseudo random number generator if none of those instructions are supported
* Removing seed setup and replacing rng function for PrimeGen_BN (#8)
  - Remove seed setup for prime number generator
  - Add support to TRNGen_RDSEED and PRNGen_RDRAND for prime number generator
Co-authored-by: Pengfei Zhao <pengfei.zhao@intel.com>
* Refactor apply obfuscator (#10)
  - Refactor apply_obfuscator
  - minor typo fix
* Update ipp-crypto version to use ippcp_2021.6 (#12)
  - Minor update to use IPP-Crypto v2021.6
* 13 errors building installing questions about docs (#15)
* Minor fixes
  - Fix gbenchmark build error on other platforms
  - Fixed IPCLTargets typo
  - Update version to 1.1.4
* Update to 1.1.4 (#17) (#20)
* Improve RNG security (#9)
* Fix insecure prng (#3)
  - Add RDSEED and RDRAND instruction check in compile time
  - Prioritize RDSEED/RDRAND based RNG to produce random big number
* Add RNG support for non-RDRAND, non-RDSEED systems (#5)
  - Use IPP-Crypto pseudo random number generator if none of those instructions are supported
* Removing seed setup and replacing rng function for PrimeGen_BN (#8)
  - Remove seed setup for prime number generator
  - Add support to TRNGen_RDSEED and PRNGen_RDRAND for prime number generator
* Refactor apply obfuscator (#10)
  - Refactor apply_obfuscator
  - minor typo fix
* Update version for 1.1.4
* Update ipp-crypto version to use ippcp_2021.6 (#12)
  - Minor update to use IPP-Crypto v2021.6
* 13 errors building installing questions about docs (#15)
* Minor fixes
  - Fix gbenchmark build error on other platforms
  - Fixed IPCLTargets typo
  - Update version to 1.1.4
Co-authored-by: Pengfei Zhao <pengfei.zhao@intel.com>
* Add ipcl.hpp public header & cleanup ipcl/CMakeLists.txt (#22)
* Cleanup ipcl/CMakeLists.txt
* Refactor header
  - rename keygen.hpp with ipcl.hpp, use it as public header
* Unit test & benchmark: replace header files with public header - ipcl.hpp
* Improve installation and support runtime IFMA detection (#23)
* Add option to determine AVX512IFMA during runtime (#18)
  - Add CMake flag to enable runtime version (`IPCL_DETECT_IFMA_RUNTIME`)
  - Add `cpu_features` dependency
  - Add manual IFMA disabling with environment variable (`IPCL_DISABLE_AVX512IFMA=ON`)
  - Updated README to include AVX512IFMA runtime detection option
* Fixed shared library build
  - Refactor cmake configurations
  - Added example code
* Added build and usage documentation
  - Fixed minor typos and updated flag names to be more consistent
  - Cleaned up example CMake file
* Added examples documentation
  - Build and install instruction
  - Linking and compiling instruction
  - Usage examples
* Fixed typo in root README (#24)
Co-authored-by: Pengfei Zhao <pengfei.zhao@intel.com>
skmono pushed a commit that referenced this pull request on Nov 16, 2022:
Impl of single-threaded synchronous blocking bnModExpPerformOp with batch support.