diff options
author | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 13:22:56 +0200 |
---|---|---|
committer | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 13:22:56 +0200 |
commit | 85726b6a6d53f6c3a2c18ba3412ee5b14ee4d6f3 (patch) | |
tree | 4a76b6b0e85127135eaa30e6478cfdc18847702a | |
parent | 26b173d328e36e423ff7765df5b3fc75abb6a1d9 (diff) |
rnd: add gen_key_bytes to generate key from good entropy source
Make this a function and do not have this in curvetun hard coded.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-rw-r--r-- | curvetun.c | 12 | ||||
-rw-r--r-- | rnd.c | 37 | ||||
-rw-r--r-- | rnd.h | 3 |
3 files changed, 33 insertions, 19 deletions
@@ -257,17 +257,7 @@ static void create_keypair(char *home) printf("Reading from %s (this may take a while) ...\n", HIG_ENTROPY_SOURCE); - fd = open_or_die(HIG_ENTROPY_SOURCE, O_RDONLY); - - ret = read_exact(fd, secretkey, sizeof(secretkey), 0); - if (ret != sizeof(secretkey)) { - err = EIO; - errstr = "Cannot read from "HIG_ENTROPY_SOURCE"!\n"; - goto out; - } - - close(fd); - + gen_key_bytes(secretkey, sizeof(secretkey)); crypto_scalarmult_curve25519_base(publickey, secretkey); memset(path, 0, sizeof(path)); @@ -4,17 +4,20 @@ #include <unistd.h> #include "rnd.h" +#include "die.h" +#include "ioexact.h" +#include "ioops.h" -static int fd_rnd = -1; +static int fdw = -1; -static void randombytes(unsigned char *x, unsigned long long xlen) +static void randombytes_weak(unsigned char *x, unsigned long long xlen) { int ret; - if (fd_rnd == -1) { + if (fdw == -1) { for (;;) { - fd_rnd = open(LOW_ENTROPY_SOURCE, O_RDONLY); - if (fd_rnd != -1) + fdw = open(LOW_ENTROPY_SOURCE, O_RDONLY); + if (fdw != -1) break; sleep(1); } @@ -26,7 +29,7 @@ static void randombytes(unsigned char *x, unsigned long long xlen) else ret = 1048576; - ret = read(fd_rnd, x, ret); + ret = read(fdw, x, ret); if (ret < 1) { sleep(1); continue; @@ -37,9 +40,29 @@ static void randombytes(unsigned char *x, unsigned long long xlen) } } +static void randombytes_strong(unsigned char *x, unsigned long long xlen) +{ + int fds, ret; + + fds = open_or_die(HIG_ENTROPY_SOURCE, O_RDONLY); + + ret = read_exact(fds, x, xlen, 0); + if (ret != xlen) + panic("Error reading from entropy source!\n"); + + close(fds); +} + int secrand(void) { int ret; - randombytes((void *) &ret, sizeof(ret)); + + randombytes_weak((void *) &ret, sizeof(ret)); + return ret; } + +void gen_key_bytes(unsigned char *area, size_t len) +{ + randombytes_strong(area, len); +} @@ -4,10 +4,11 @@ #define HIG_ENTROPY_SOURCE "/dev/random" #define LOW_ENTROPY_SOURCE "/dev/urandom" -/* Note: it's not really secure, but the name only suggests it's better to use +/* secrand is not really secure, but the name only suggests it's better to use * than rand(3) when transferring bytes over the network in non-security * critical structure members. secrand() is only used to fill up salts actually. */ extern int secrand(void); +extern void gen_key_bytes(unsigned char *area, size_t len); #endif /* RND_H */ |