diff options
| author | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 13:22:56 +0200 | 
|---|---|---|
| committer | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 13:22:56 +0200 | 
| commit | 85726b6a6d53f6c3a2c18ba3412ee5b14ee4d6f3 (patch) | |
| tree | 4a76b6b0e85127135eaa30e6478cfdc18847702a | |
| parent | 26b173d328e36e423ff7765df5b3fc75abb6a1d9 (diff) | |
rnd: add gen_key_bytes to generate key from good entropy source
Make this a function and do not have this in curvetun hard coded.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
| -rw-r--r-- | curvetun.c | 12 | ||||
| -rw-r--r-- | rnd.c | 37 | ||||
| -rw-r--r-- | rnd.h | 3 | 
3 files changed, 33 insertions, 19 deletions
| @@ -257,17 +257,7 @@ static void create_keypair(char *home)  	printf("Reading from %s (this may take a while) ...\n", HIG_ENTROPY_SOURCE); -	fd = open_or_die(HIG_ENTROPY_SOURCE, O_RDONLY); - -	ret = read_exact(fd, secretkey, sizeof(secretkey), 0); -	if (ret != sizeof(secretkey)) { -		err = EIO; -		errstr = "Cannot read from "HIG_ENTROPY_SOURCE"!\n"; -		goto out; -	} - -	close(fd); - +	gen_key_bytes(secretkey, sizeof(secretkey));  	crypto_scalarmult_curve25519_base(publickey, secretkey);  	memset(path, 0, sizeof(path)); @@ -4,17 +4,20 @@  #include <unistd.h>  #include "rnd.h" +#include "die.h" +#include "ioexact.h" +#include "ioops.h" -static int fd_rnd = -1; +static int fdw = -1; -static void randombytes(unsigned char *x, unsigned long long xlen) +static void randombytes_weak(unsigned char *x, unsigned long long xlen)  {  	int ret; -	if (fd_rnd == -1) { +	if (fdw == -1) {  		for (;;) { -			fd_rnd = open(LOW_ENTROPY_SOURCE, O_RDONLY); -			if (fd_rnd != -1) +			fdw = open(LOW_ENTROPY_SOURCE, O_RDONLY); +			if (fdw != -1)  				break;  			sleep(1);  		} @@ -26,7 +29,7 @@ static void randombytes(unsigned char *x, unsigned long long xlen)  		else  			ret = 1048576; -		ret = read(fd_rnd, x, ret); +		ret = read(fdw, x, ret);  		if (ret < 1) {  			sleep(1);  			continue; @@ -37,9 +40,29 @@ static void randombytes(unsigned char *x, unsigned long long xlen)  	}  } +static void randombytes_strong(unsigned char *x, unsigned long long xlen) +{ +	int fds, ret; + +	fds = open_or_die(HIG_ENTROPY_SOURCE, O_RDONLY); + +	ret = read_exact(fds, x, xlen, 0); +	if (ret != xlen) +		panic("Error reading from entropy source!\n"); + +	close(fds); +} +  int secrand(void)  {  	int ret; -	randombytes((void *) &ret, sizeof(ret)); + +	randombytes_weak((void *) &ret, sizeof(ret)); +  	return ret;  } + +void gen_key_bytes(unsigned char *area, size_t len) +{ +	randombytes_strong(area, len); +} @@ -4,10 +4,11 @@  #define HIG_ENTROPY_SOURCE	"/dev/random"  #define LOW_ENTROPY_SOURCE	"/dev/urandom" -/* Note: it's not really secure, but the name only suggests it's better to use +/* secrand is not really secure, but the name only suggests it's better to use   * than rand(3) when transferring bytes over the network in non-security   * critical structure members. secrand() is only used to fill up salts actually.   */  extern int secrand(void); +extern void gen_key_bytes(unsigned char *area, size_t len);  #endif /* RND_H */ | 
