From 85726b6a6d53f6c3a2c18ba3412ee5b14ee4d6f3 Mon Sep 17 00:00:00 2001 From: Daniel Borkmann Date: Tue, 4 Jun 2013 13:22:56 +0200 Subject: rnd: add gen_key_bytes to generate key from good entropy source Make this a function and do not have this in curvetun hard coded. Signed-off-by: Daniel Borkmann --- curvetun.c | 12 +----------- rnd.c | 37 ++++++++++++++++++++++++++++++------- rnd.h | 3 ++- 3 files changed, 33 insertions(+), 19 deletions(-) diff --git a/curvetun.c b/curvetun.c index 1b69b2d..ffb6314 100644 --- a/curvetun.c +++ b/curvetun.c @@ -257,17 +257,7 @@ static void create_keypair(char *home) printf("Reading from %s (this may take a while) ...\n", HIG_ENTROPY_SOURCE); - fd = open_or_die(HIG_ENTROPY_SOURCE, O_RDONLY); - - ret = read_exact(fd, secretkey, sizeof(secretkey), 0); - if (ret != sizeof(secretkey)) { - err = EIO; - errstr = "Cannot read from "HIG_ENTROPY_SOURCE"!\n"; - goto out; - } - - close(fd); - + gen_key_bytes(secretkey, sizeof(secretkey)); crypto_scalarmult_curve25519_base(publickey, secretkey); memset(path, 0, sizeof(path)); diff --git a/rnd.c b/rnd.c index 3a7481d..7dd36a3 100644 --- a/rnd.c +++ b/rnd.c @@ -4,17 +4,20 @@ #include #include "rnd.h" +#include "die.h" +#include "ioexact.h" +#include "ioops.h" -static int fd_rnd = -1; +static int fdw = -1; -static void randombytes(unsigned char *x, unsigned long long xlen) +static void randombytes_weak(unsigned char *x, unsigned long long xlen) { int ret; - if (fd_rnd == -1) { + if (fdw == -1) { for (;;) { - fd_rnd = open(LOW_ENTROPY_SOURCE, O_RDONLY); - if (fd_rnd != -1) + fdw = open(LOW_ENTROPY_SOURCE, O_RDONLY); + if (fdw != -1) break; sleep(1); } @@ -26,7 +29,7 @@ static void randombytes(unsigned char *x, unsigned long long xlen) else ret = 1048576; - ret = read(fd_rnd, x, ret); + ret = read(fdw, x, ret); if (ret < 1) { sleep(1); continue; @@ -37,9 +40,29 @@ static void randombytes(unsigned char *x, unsigned long long xlen) } } +static void randombytes_strong(unsigned char *x, unsigned long long xlen) +{ + int fds, ret; + + fds = open_or_die(HIG_ENTROPY_SOURCE, O_RDONLY); + + ret = read_exact(fds, x, xlen, 0); + if (ret != xlen) + panic("Error reading from entropy source!\n"); + + close(fds); +} + int secrand(void) { int ret; - randombytes((void *) &ret, sizeof(ret)); + + randombytes_weak((void *) &ret, sizeof(ret)); + return ret; } + +void gen_key_bytes(unsigned char *area, size_t len) +{ + randombytes_strong(area, len); +} diff --git a/rnd.h b/rnd.h index dd128a1..154fccf 100644 --- a/rnd.h +++ b/rnd.h @@ -4,10 +4,11 @@ #define HIG_ENTROPY_SOURCE "/dev/random" #define LOW_ENTROPY_SOURCE "/dev/urandom" -/* Note: it's not really secure, but the name only suggests it's better to use +/* secrand is not really secure, but the name only suggests it's better to use * than rand(3) when transferring bytes over the network in non-security * critical structure members. secrand() is only used to fill up salts actually. */ extern int secrand(void); +extern void gen_key_bytes(unsigned char *area, size_t len); #endif /* RND_H */ -- cgit v1.2.3-54-g00ecf