9. Entropy Source#
Each BSP must provide an implementation of the getentropy()
system
call. This system call was introduced by
OpenBSD
and is also available in
glibc since version 2.25.
This system call is used by the Newlib provided
ARC4RANDOM(3) functions, which in
turn are used by various cryptographic functions.
Warning
A good entropy source is critical for (nearly) all cryptographic applications. The default implementation based on the CPU counter is not suitable for such applications.
The getentropy()
implementation must fill the specified memory region
of the given size with random numbers and return 0 on success. A non-zero
return may cause the INTERNAL_ERROR_ARC4RANDOM_GETENTROPY_FAIL
internal error by one of the
ARC4RANDOM(3) functions.
In general, for embedded systems it is not easy to get some real entropy. Normally, that can only be reached with some extra hardware support. Some microcontrollers integrate a true random number generator or something similar for cryptographic applications. That is the preferred source of entropy for most BSPs. For example the atsam BSP uses the TRNG for its entropy source.
There is also a quite limited
default implementation based on the CPU counter.
Due to the fact that it is a time based source, the values provided by
getentropy()
are quite predictable. This implementation is not
appropriate for any cryptographic applications but it is good enough for some
basic tasks. Use it only if you do not have any strong requirements on the
entropy and if there is no better source.