[review] generate random in chunks

Signed-off-by: Vesa Jääskeläinen <[email protected]>
OP-TEE · Feb 13, 2021 · 16dab17 · 16dab17
1 parent 8325017
commit 16dab17
Showing 1 changed file with 19 additions and 3 deletions.
diff --git a/ta/pkcs11/src/pkcs11_token.c b/ta/pkcs11/src/pkcs11_token.c
@@ -31,6 +31,9 @@
 #define TOKEN_COUNT		CFG_PKCS11_TA_TOKEN_COUNT
 #endif
 
+/* RNG chunk size used to split RNG generation to smaller sizes */
+#define RNG_CHUNK_SIZE		512
+
 /*
  * Structure tracking client applications
  *
@@ -1552,6 +1555,9 @@ enum pkcs11_rc entry_ck_generate_random(struct pkcs11_client *client,
 	struct serialargs ctrlargs = { };
 	struct pkcs11_session *session = NULL;
 	void *buffer = NULL;
+	size_t buffer_size = 0;
+	uint8_t *data = NULL;
+	size_t left = 0;
 
 	if (!client || ptypes != exp_pt)
 		return PKCS11_CKR_ARGUMENTS_BAD;
@@ -1571,13 +1577,23 @@ enum pkcs11_rc entry_ck_generate_random(struct pkcs11_client *client,
 	if (!out->memref.size)
 		return PKCS11_CKR_OK;
 
-	buffer = TEE_Malloc(out->memref.size, TEE_MALLOC_FILL_ZERO);
+	buffer_size = MIN(out->memref.size, RNG_CHUNK_SIZE);
+	buffer = TEE_Malloc(buffer_size, TEE_MALLOC_FILL_ZERO);
 	if (!buffer)
 		return PKCS11_CKR_DEVICE_MEMORY;
 
-	TEE_GenerateRandom(buffer, out->memref.size);
+	data = out->memref.buffer;
+	left = out->memref.size;
+
+	while (left) {
+		size_t count = MIN(left, buffer_size);
 
-	TEE_MemMove(out->memref.buffer, buffer, out->memref.size);
+		TEE_GenerateRandom(buffer, count);
+		TEE_MemMove(data, buffer, count);
+
+		data += count;
+		left -= count;
+	}
 
 	IMSG("PKCS11 session %"PRIu32": generate random", session->handle);