diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-02-11 23:04:43 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-02-11 23:04:43 +0000 |
commit | 81e30a126c1a7be76b87acab0b16933d2a5b4064 (patch) | |
tree | 0ef72d3c402f557bff35cce46fff40320e1096c7 /src/util/crypto_random.c | |
parent | aab5ab384bc5d5fbd2dab0ecc640b07db0710be7 (diff) | |
download | gnunet-81e30a126c1a7be76b87acab0b16933d2a5b4064.tar.gz gnunet-81e30a126c1a7be76b87acab0b16933d2a5b4064.zip |
-trying to address #2791
Diffstat (limited to 'src/util/crypto_random.c')
-rw-r--r-- | src/util/crypto_random.c | 52 |
1 files changed, 16 insertions, 36 deletions
diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c index b61d59613..8ba6641b9 100644 --- a/src/util/crypto_random.c +++ b/src/util/crypto_random.c | |||
@@ -35,13 +35,6 @@ | |||
35 | #define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall) | 35 | #define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall) |
36 | 36 | ||
37 | 37 | ||
38 | /** | ||
39 | * GNUNET_YES if we are using a 'weak' (low-entropy) PRNG. | ||
40 | */ | ||
41 | static int weak_random; | ||
42 | |||
43 | |||
44 | |||
45 | /* TODO: ndurner, move this to plibc? */ | 38 | /* TODO: ndurner, move this to plibc? */ |
46 | /* The code is derived from glibc, obviously */ | 39 | /* The code is derived from glibc, obviously */ |
47 | #if MINGW | 40 | #if MINGW |
@@ -237,31 +230,6 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max) | |||
237 | 230 | ||
238 | 231 | ||
239 | /** | 232 | /** |
240 | * Check if we are using weak random number generation. | ||
241 | * | ||
242 | * @return GNUNET_YES if weak number generation is on | ||
243 | */ | ||
244 | int | ||
245 | GNUNET_CRYPTO_random_is_weak () | ||
246 | { | ||
247 | return weak_random; | ||
248 | } | ||
249 | |||
250 | |||
251 | /** | ||
252 | * This function should only be called in testcases | ||
253 | * where strong entropy gathering is not desired | ||
254 | * (for example, for hostkey generation). | ||
255 | */ | ||
256 | void | ||
257 | GNUNET_CRYPTO_random_disable_entropy_gathering () | ||
258 | { | ||
259 | weak_random = GNUNET_YES; | ||
260 | gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); | ||
261 | } | ||
262 | |||
263 | |||
264 | /** | ||
265 | * Process ID of the "find" process that we use for | 233 | * Process ID of the "find" process that we use for |
266 | * entropy gathering. | 234 | * entropy gathering. |
267 | */ | 235 | */ |
@@ -332,10 +300,12 @@ killfind () | |||
332 | } | 300 | } |
333 | 301 | ||
334 | 302 | ||
335 | void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init () | 303 | void __attribute__ ((constructor)) |
304 | GNUNET_CRYPTO_random_init () | ||
336 | { | 305 | { |
337 | gcry_control (GCRYCTL_DISABLE_SECMEM, 0); | 306 | gcry_error_t rc; |
338 | if (!gcry_check_version (NEED_LIBGCRYPT_VERSION)) | 307 | |
308 | if (! gcry_check_version (NEED_LIBGCRYPT_VERSION)) | ||
339 | { | 309 | { |
340 | FPRINTF (stderr, | 310 | FPRINTF (stderr, |
341 | _ | 311 | _ |
@@ -343,6 +313,15 @@ void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init () | |||
343 | NEED_LIBGCRYPT_VERSION); | 313 | NEED_LIBGCRYPT_VERSION); |
344 | GNUNET_abort (); | 314 | GNUNET_abort (); |
345 | } | 315 | } |
316 | if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0))) | ||
317 | FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "DISABLE_SECMEM", | ||
318 | gcry_strerror (rc)); | ||
319 | /* we only generate ephemeral keys in-process; for those, | ||
320 | we are fine with "just" using GCRY_STRONG_RANDOM */ | ||
321 | if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0))) | ||
322 | FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "ENABLE_QUICK_RANDOM", | ||
323 | gcry_strerror (rc)); | ||
324 | |||
346 | #ifdef GCRYCTL_INITIALIZATION_FINISHED | 325 | #ifdef GCRYCTL_INITIALIZATION_FINISHED |
347 | gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); | 326 | gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); |
348 | #endif | 327 | #endif |
@@ -357,7 +336,8 @@ void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init () | |||
357 | } | 336 | } |
358 | 337 | ||
359 | 338 | ||
360 | void __attribute__ ((destructor)) GNUNET_CRYPTO_random_fini () | 339 | void __attribute__ ((destructor)) |
340 | GNUNET_CRYPTO_random_fini () | ||
361 | { | 341 | { |
362 | gcry_set_progress_handler (NULL, NULL); | 342 | gcry_set_progress_handler (NULL, NULL); |
363 | } | 343 | } |