Add native entropy for iOS

t-bast · t-bast · commit 5cabd281b182 · 2021-04-22T12:36:09.000+02:00
Collect some runtime statistics for iOS.
diff --git a/PhoenixCrypto/PhoenixCrypto.xcodeproj/project.pbxproj b/PhoenixCrypto/PhoenixCrypto.xcodeproj/project.pbxproj
@@ -7,6 +7,7 @@
 	objects = {
 
 /* Begin PBXBuildFile section */
+		DC35ED842630A381002E441D /* NativeWeakRandom.swift in Sources */ = {isa = PBXBuildFile; fileRef = DC35ED832630A381002E441D /* NativeWeakRandom.swift */; };
 		DC9B8EC625D6D41400E13818 /* PhoenixCrypto.m in Sources */ = {isa = PBXBuildFile; fileRef = DC9B8EC525D6D41400E13818 /* PhoenixCrypto.m */; };
 		DC9B8EC725D6D41400E13818 /* PhoenixCrypto.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = DC9B8EC425D6D41400E13818 /* PhoenixCrypto.h */; };
 		DC9B8ED425D6D7A100E13818 /* NativeChaChaPoly.swift in Sources */ = {isa = PBXBuildFile; fileRef = DC9B8ED325D6D7A100E13818 /* NativeChaChaPoly.swift */; };
@@ -26,6 +27,7 @@
 /* End PBXCopyFilesBuildPhase section */
 
 /* Begin PBXFileReference section */
+		DC35ED832630A381002E441D /* NativeWeakRandom.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NativeWeakRandom.swift; sourceTree = "<group>"; };
 		DC9B8EC125D6D41400E13818 /* libPhoenixCrypto.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libPhoenixCrypto.a; sourceTree = BUILT_PRODUCTS_DIR; };
 		DC9B8EC425D6D41400E13818 /* PhoenixCrypto.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = PhoenixCrypto.h; sourceTree = "<group>"; };
 		DC9B8EC525D6D41400E13818 /* PhoenixCrypto.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = PhoenixCrypto.m; sourceTree = "<group>"; };
@@ -74,6 +76,7 @@
 				DC9B8EC425D6D41400E13818 /* PhoenixCrypto.h */,
 				DC9B8EC525D6D41400E13818 /* PhoenixCrypto.m */,
 				DC9B8ED325D6D7A100E13818 /* NativeChaChaPoly.swift */,
+				DC35ED832630A381002E441D /* NativeWeakRandom.swift */,
 				DC9B8ED225D6D7A000E13818 /* PhoenixCrypto-Bridging-Header.h */,
 			);
 			path = Classes;
@@ -159,6 +162,7 @@
 			buildActionMask = 2147483647;
 			files = (
 				DC9B8ED425D6D7A100E13818 /* NativeChaChaPoly.swift in Sources */,
+				DC35ED842630A381002E441D /* NativeWeakRandom.swift in Sources */,
 				DC9B8EC625D6D41400E13818 /* PhoenixCrypto.m in Sources */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
diff --git a/PhoenixCrypto/PhoenixCrypto/Classes/NativeChaChaPoly.swift b/PhoenixCrypto/PhoenixCrypto/Classes/NativeChaChaPoly.swift
@@ -2,20 +2,16 @@ import Foundation
 import CryptoKit
 import os.log
 
-//#if DEBUG && true
 fileprivate var log = Logger(
 	subsystem: Bundle.main.bundleIdentifier!,
 	category: "NativeChaChaPoly"
 )
-//#else
-//fileprivate var log = Logger(OSLog.disabled)
-//#endif
 
 @objc
 public class NativeChaChaPoly: NSObject {
 	
 	@objc
-	public class func chachapoly_encrypt(
+	public class func encrypt(
 		key: Data,
 		nonce: Data,
 		authenticatedData: Data,
@@ -50,7 +46,7 @@ public class NativeChaChaPoly: NSObject {
 	}
 
 	@objc
-	public class func chachapoly_decrypt(
+	public class func decrypt(
 		key: Data,
 		nonce: Data,
 		authenticatedData: Data,
diff --git a/PhoenixCrypto/PhoenixCrypto/Classes/NativeWeakRandom.swift b/PhoenixCrypto/PhoenixCrypto/Classes/NativeWeakRandom.swift
@@ -0,0 +1,70 @@
+import Foundation
+import CryptoKit
+import os.log
+
+fileprivate var log = Logger(
+	subsystem: Bundle.main.bundleIdentifier!,
+	category: "NativeWeakRandom"
+)
+
+@objc
+public class NativeWeakRandom: NSObject {
+
+    @objc
+    private class func toByteArr(i: UInt64) -> [UInt8] {
+        let count = MemoryLayout<UInt64>.size
+        var _i = i
+        let bytePtr = withUnsafePointer(to: &_i) {
+            $0.withMemoryRebound(to: UInt8.self, capacity: count) {
+                UnsafeBufferPointer(start: $0, count: count)
+            }
+        }
+        return [UInt8](bytePtr)
+    }
+
+	@objc
+	public class func sample() -> Data {
+
+	    // Sample some entropy from the running process metrics.
+		let pid = UInt64(getpid())
+		let usage = rusage_info_current()
+		var entropy : [UInt8] = toByteArr(i: pid)
+		entropy += toByteArr(i: usage.ri_user_time)
+		entropy += toByteArr(i: usage.ri_system_time)
+		entropy += toByteArr(i: usage.ri_pkg_idle_wkups)
+		entropy += toByteArr(i: usage.ri_interrupt_wkups)
+		entropy += toByteArr(i: usage.ri_pageins)
+		entropy += toByteArr(i: usage.ri_wired_size)
+		entropy += toByteArr(i: usage.ri_resident_size)
+		entropy += toByteArr(i: usage.ri_phys_footprint)
+		entropy += toByteArr(i: usage.ri_proc_start_abstime)
+		entropy += toByteArr(i: usage.ri_proc_exit_abstime)
+		entropy += toByteArr(i: usage.ri_child_user_time)
+		entropy += toByteArr(i: usage.ri_child_system_time)
+		entropy += toByteArr(i: usage.ri_child_pkg_idle_wkups)
+		entropy += toByteArr(i: usage.ri_child_interrupt_wkups)
+		entropy += toByteArr(i: usage.ri_child_pageins)
+		entropy += toByteArr(i: usage.ri_child_elapsed_abstime)
+		entropy += toByteArr(i: usage.ri_diskio_bytesread)
+		entropy += toByteArr(i: usage.ri_diskio_byteswritten)
+		entropy += toByteArr(i: usage.ri_cpu_time_qos_default)
+		entropy += toByteArr(i: usage.ri_cpu_time_qos_maintenance)
+		entropy += toByteArr(i: usage.ri_cpu_time_qos_background)
+		entropy += toByteArr(i: usage.ri_cpu_time_qos_utility)
+		entropy += toByteArr(i: usage.ri_cpu_time_qos_legacy)
+		entropy += toByteArr(i: usage.ri_cpu_time_qos_user_initiated)
+		entropy += toByteArr(i: usage.ri_cpu_time_qos_user_interactive)
+		entropy += toByteArr(i: usage.ri_billed_system_time)
+		entropy += toByteArr(i: usage.ri_serviced_system_time)
+		entropy += toByteArr(i: usage.ri_logical_writes)
+		entropy += toByteArr(i: usage.ri_lifetime_max_phys_footprint)
+		entropy += toByteArr(i: usage.ri_instructions)
+		entropy += toByteArr(i: usage.ri_cycles)
+		entropy += toByteArr(i: usage.ri_billed_energy)
+		entropy += toByteArr(i: usage.ri_serviced_energy)
+		entropy += toByteArr(i: usage.ri_interval_max_phys_footprint)
+		entropy += toByteArr(i: usage.ri_runnable_time)
+
+		return Data(entropy)
+	}
+}
diff --git a/PhoenixCrypto/PhoenixCrypto/Classes/PhoenixCrypto.h b/PhoenixCrypto/PhoenixCrypto/Classes/PhoenixCrypto.h
@@ -1,10 +1,3 @@
-//
-//  PhoenixCrypto.h
-//  PhoenixCrypto
-//
-//  Created by Robbie Hanson on 2/12/21.
-//
-
 #import <Foundation/Foundation.h>
 #import "PhoenixCrypto-Swift.h"
 
diff --git a/PhoenixCrypto/PhoenixCrypto/Classes/PhoenixCrypto.m b/PhoenixCrypto/PhoenixCrypto/Classes/PhoenixCrypto.m
@@ -1,10 +1,3 @@
-//
-//  PhoenixCrypto.m
-//  PhoenixCrypto
-//
-//  Created by Robbie Hanson on 2/12/21.
-//
-
 #import "PhoenixCrypto.h"
 
 @implementation PhoenixCrypto
diff --git a/src/iosMain/kotlin/fr/acinq/lightning/crypto/noise/Chacha20Poly1305CipherFunctions.kt b/src/iosMain/kotlin/fr/acinq/lightning/crypto/noise/Chacha20Poly1305CipherFunctions.kt
@@ -1,36 +1,10 @@
 package fr.acinq.lightning.crypto.noise
 
 import swift.phoenix_crypto.*
+import fr.acinq.lightning.utils.toByteArray
+import fr.acinq.lightning.utils.toNSData
 import fr.acinq.lightning.crypto.ChaCha20Poly1305
-import kotlinx.cinterop.addressOf
 import kotlinx.cinterop.autoreleasepool
-import kotlinx.cinterop.pin
-import kotlinx.cinterop.usePinned
-import platform.Foundation.create
-import platform.Foundation.NSData
-import platform.posix.memcpy
-
-fun NSData.toByteArray(): ByteArray {
-    val data = this
-    return ByteArray(data.length.toInt()).apply {
-        if (data.length > 0uL) {
-            usePinned { pinned ->
-                memcpy(pinned.addressOf(0), data.bytes, data.length)
-            }
-        }
-    }
-}
-
-fun ByteArray.toNSData(): NSData {
-    if (isEmpty()) return NSData()
-    val pinned = pin()
-    return NSData.create(
-        bytesNoCopy = pinned.addressOf(0),
-        length = size.toULong(),
-        deallocator = { _, _ -> pinned.unpin() }
-    )
-}
-
 
 actual object Chacha20Poly1305CipherFunctions : CipherFunctions {
     override fun name() = "ChaChaPoly"
@@ -41,7 +15,7 @@ actual object Chacha20Poly1305CipherFunctions : CipherFunctions {
     // Encrypts plaintext using the cipher key k of 32 bytes and an 8-byte unsigned integer nonce n which must be unique.
     override fun encrypt(k: ByteArray, n: Long, ad: ByteArray, plaintext: ByteArray): ByteArray {
         autoreleasepool {
-            val ciphertextAndMac = NativeChaChaPoly.chachapoly_encryptWithKey(
+            val ciphertextAndMac = NativeChaChaPoly.encryptWithKey(
                 key = k.toNSData(),
                 nonce = nonce(n).toNSData(),
                 authenticatedData = ad.toNSData(),
@@ -55,7 +29,7 @@ actual object Chacha20Poly1305CipherFunctions : CipherFunctions {
     @Suppress("PARAMETER_NAME_CHANGED_ON_OVERRIDE")
     override fun decrypt(k: ByteArray, n: Long, ad: ByteArray, ciphertextAndMac: ByteArray): ByteArray {
         autoreleasepool {
-            val plaintext = NativeChaChaPoly.chachapoly_decryptWithKey(
+            val plaintext = NativeChaChaPoly.decryptWithKey(
                 key = k.toNSData(),
                 nonce = nonce(n).toNSData(),
                 authenticatedData = ad.toNSData(),
diff --git a/src/iosMain/kotlin/fr/acinq/lightning/utils/IosBridgeUtils.kt b/src/iosMain/kotlin/fr/acinq/lightning/utils/IosBridgeUtils.kt
@@ -0,0 +1,29 @@
+package fr.acinq.lightning.utils
+
+import kotlinx.cinterop.addressOf
+import kotlinx.cinterop.pin
+import kotlinx.cinterop.usePinned
+import platform.Foundation.create
+import platform.Foundation.NSData
+import platform.posix.memcpy
+
+fun NSData.toByteArray(): ByteArray {
+    val data = this
+    return ByteArray(data.length.toInt()).apply {
+        if (data.length > 0uL) {
+            usePinned { pinned ->
+                memcpy(pinned.addressOf(0), data.bytes, data.length)
+            }
+        }
+    }
+}
+
+fun ByteArray.toNSData(): NSData {
+    if (isEmpty()) return NSData()
+    val pinned = pin()
+    return NSData.create(
+        bytesNoCopy = pinned.addressOf(0),
+        length = size.toULong(),
+        deallocator = { _, _ -> pinned.unpin() }
+    )
+}
diff --git a/src/iosMain/kotlin/fr/acinq/lightning/utils/SecureRandom.kt b/src/iosMain/kotlin/fr/acinq/lightning/utils/SecureRandom.kt
@@ -0,0 +1,11 @@
+package fr.acinq.lightning.utils
+
+import swift.phoenix_crypto.*
+import kotlinx.cinterop.autoreleasepool
+
+actual fun runtimeEntropy(): ByteArray {
+    autoreleasepool {
+        val result = NativeWeakRandom.sample()
+        return result.toByteArray()
+    }
+}
diff --git a/src/linuxMain/kotlin/fr/acinq/lightning/utils/SecureRandom.kt b/src/linuxMain/kotlin/fr/acinq/lightning/utils/SecureRandom.kt
@@ -0,0 +1,5 @@
+package fr.acinq.lightning.utils
+
+actual fun runtimeEntropy(): ByteArray {
+    return ByteArray(32)
+}
diff --git a/src/nativeMain/kotlin/fr/acinq/lightning/utils/SecureRandomPosix.kt b/src/nativeMain/kotlin/fr/acinq/lightning/utils/SecureRandomPosix.kt
@@ -47,7 +47,3 @@ object SecureRandomPosix : Random() {
 }
 
 actual fun Random.Default.secure(): Random = SecureRandomPosix
-
-actual fun runtimeEntropy(): ByteArray {
-    return ByteArray(32)
-}

Original file line number	Diff line number	Diff line change
`@@ -47,7 +47,3 @@ object SecureRandomPosix : Random() {`
`47`	`47`	`}`
`48`	`48`
`49`	`49`	`actual fun Random.Default.secure(): Random = SecureRandomPosix`
`50`		`-`
`51`		`-actual fun runtimeEntropy(): ByteArray {`
`52`		`- return ByteArray(32)`
`53`		`-}`