diff options
author | Christian Grothoff <christian@grothoff.org> | 2011-10-11 09:43:04 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2011-10-11 09:43:04 +0000 |
commit | d9d94d0e53d26af75ec8241383d166544ebd79f3 (patch) | |
tree | 9080b73624389403a198257fe0547bb4634e64d2 /src/util/crypto_random.c | |
parent | 2d792ee2e9cc0c993b8907e2c8edb0c2b8465343 (diff) | |
download | gnunet-d9d94d0e53d26af75ec8241383d166544ebd79f3.tar.gz gnunet-d9d94d0e53d26af75ec8241383d166544ebd79f3.zip |
converting to GNUNET_LOG_from*
Diffstat (limited to 'src/util/crypto_random.c')
-rw-r--r-- | src/util/crypto_random.c | 203 |
1 files changed, 104 insertions, 99 deletions
diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c index 445f99a62..7fb2d1428 100644 --- a/src/util/crypto_random.c +++ b/src/util/crypto_random.c | |||
@@ -30,6 +30,10 @@ | |||
30 | #include "gnunet_os_lib.h" | 30 | #include "gnunet_os_lib.h" |
31 | #include <gcrypt.h> | 31 | #include <gcrypt.h> |
32 | 32 | ||
33 | #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) | ||
34 | |||
35 | #define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall) | ||
36 | |||
33 | /** | 37 | /** |
34 | * Create a cryptographically weak pseudo-random number in the interval of 0 to 1. | 38 | * Create a cryptographically weak pseudo-random number in the interval of 0 to 1. |
35 | * | 39 | * |
@@ -61,37 +65,37 @@ GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, uint32_t i) | |||
61 | GNUNET_assert (i > 0); | 65 | GNUNET_assert (i > 0); |
62 | 66 | ||
63 | switch (mode) | 67 | switch (mode) |
64 | { | 68 | { |
65 | case GNUNET_CRYPTO_QUALITY_STRONG: | 69 | case GNUNET_CRYPTO_QUALITY_STRONG: |
66 | /* see http://lists.gnupg.org/pipermail/gcrypt-devel/2004-May/000613.html */ | 70 | /* see http://lists.gnupg.org/pipermail/gcrypt-devel/2004-May/000613.html */ |
67 | #ifdef gcry_fast_random_poll | 71 | #ifdef gcry_fast_random_poll |
68 | if ((invokeCount++ % 256) == 0) | 72 | if ((invokeCount++ % 256) == 0) |
69 | gcry_fast_random_poll (); | 73 | gcry_fast_random_poll (); |
70 | #endif | 74 | #endif |
71 | ul = UINT32_MAX - (UINT32_MAX % i); | 75 | ul = UINT32_MAX - (UINT32_MAX % i); |
72 | do | 76 | do |
73 | { | 77 | { |
74 | gcry_randomize ((unsigned char *) &ret, sizeof (uint32_t), | 78 | gcry_randomize ((unsigned char *) &ret, sizeof (uint32_t), |
75 | GCRY_STRONG_RANDOM); | 79 | GCRY_STRONG_RANDOM); |
80 | } | ||
81 | while (ret >= ul); | ||
82 | return ret % i; | ||
83 | case GNUNET_CRYPTO_QUALITY_NONCE: | ||
84 | ul = UINT32_MAX - (UINT32_MAX % i); | ||
85 | do | ||
86 | { | ||
87 | gcry_create_nonce (&ret, sizeof (ret)); | ||
88 | } | ||
89 | while (ret >= ul); | ||
90 | return ret % i; | ||
91 | case GNUNET_CRYPTO_QUALITY_WEAK: | ||
92 | ret = i * weak_random (); | ||
93 | if (ret >= i) | ||
94 | ret = i - 1; | ||
95 | return ret; | ||
96 | default: | ||
97 | GNUNET_assert (0); | ||
76 | } | 98 | } |
77 | while (ret >= ul); | ||
78 | return ret % i; | ||
79 | case GNUNET_CRYPTO_QUALITY_NONCE: | ||
80 | ul = UINT32_MAX - (UINT32_MAX % i); | ||
81 | do | ||
82 | { | ||
83 | gcry_create_nonce (&ret, sizeof (ret)); | ||
84 | } | ||
85 | while (ret >= ul); | ||
86 | return ret % i; | ||
87 | case GNUNET_CRYPTO_QUALITY_WEAK: | ||
88 | ret = i * weak_random (); | ||
89 | if (ret >= i) | ||
90 | ret = i - 1; | ||
91 | return ret; | ||
92 | default: | ||
93 | GNUNET_assert (0); | ||
94 | } | ||
95 | return 0; | 99 | return 0; |
96 | } | 100 | } |
97 | 101 | ||
@@ -117,12 +121,12 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, unsigned int n) | |||
117 | for (i = 0; i < n; i++) | 121 | for (i = 0; i < n; i++) |
118 | ret[i] = i; | 122 | ret[i] = i; |
119 | for (i = n - 1; i > 0; i--) | 123 | for (i = n - 1; i > 0; i--) |
120 | { | 124 | { |
121 | x = GNUNET_CRYPTO_random_u32 (mode, i + 1); | 125 | x = GNUNET_CRYPTO_random_u32 (mode, i + 1); |
122 | tmp = ret[x]; | 126 | tmp = ret[x]; |
123 | ret[x] = ret[i]; | 127 | ret[x] = ret[i]; |
124 | ret[i] = tmp; | 128 | ret[i] = tmp; |
125 | } | 129 | } |
126 | return ret; | 130 | return ret; |
127 | } | 131 | } |
128 | 132 | ||
@@ -142,33 +146,33 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max) | |||
142 | 146 | ||
143 | GNUNET_assert (max > 0); | 147 | GNUNET_assert (max > 0); |
144 | switch (mode) | 148 | switch (mode) |
145 | { | ||
146 | case GNUNET_CRYPTO_QUALITY_STRONG: | ||
147 | ul = UINT64_MAX - (UINT64_MAX % max); | ||
148 | do | ||
149 | { | ||
150 | gcry_randomize ((unsigned char *) &ret, sizeof (uint64_t), | ||
151 | GCRY_STRONG_RANDOM); | ||
152 | } | ||
153 | while (ret >= ul); | ||
154 | return ret % max; | ||
155 | case GNUNET_CRYPTO_QUALITY_NONCE: | ||
156 | ul = UINT64_MAX - (UINT64_MAX % max); | ||
157 | do | ||
158 | { | 149 | { |
159 | gcry_create_nonce (&ret, sizeof (ret)); | 150 | case GNUNET_CRYPTO_QUALITY_STRONG: |
151 | ul = UINT64_MAX - (UINT64_MAX % max); | ||
152 | do | ||
153 | { | ||
154 | gcry_randomize ((unsigned char *) &ret, sizeof (uint64_t), | ||
155 | GCRY_STRONG_RANDOM); | ||
156 | } | ||
157 | while (ret >= ul); | ||
158 | return ret % max; | ||
159 | case GNUNET_CRYPTO_QUALITY_NONCE: | ||
160 | ul = UINT64_MAX - (UINT64_MAX % max); | ||
161 | do | ||
162 | { | ||
163 | gcry_create_nonce (&ret, sizeof (ret)); | ||
164 | } | ||
165 | while (ret >= ul); | ||
166 | |||
167 | return ret % max; | ||
168 | case GNUNET_CRYPTO_QUALITY_WEAK: | ||
169 | ret = max * weak_random (); | ||
170 | if (ret >= max) | ||
171 | ret = max - 1; | ||
172 | return ret; | ||
173 | default: | ||
174 | GNUNET_assert (0); | ||
160 | } | 175 | } |
161 | while (ret >= ul); | ||
162 | |||
163 | return ret % max; | ||
164 | case GNUNET_CRYPTO_QUALITY_WEAK: | ||
165 | ret = max * weak_random (); | ||
166 | if (ret >= max) | ||
167 | ret = max - 1; | ||
168 | return ret; | ||
169 | default: | ||
170 | GNUNET_assert (0); | ||
171 | } | ||
172 | return 0; | 176 | return 0; |
173 | } | 177 | } |
174 | 178 | ||
@@ -196,7 +200,7 @@ static struct GNUNET_OS_Process *genproc; | |||
196 | */ | 200 | */ |
197 | static void | 201 | static void |
198 | entropy_generator (void *cls, const char *what, int printchar, int current, | 202 | entropy_generator (void *cls, const char *what, int printchar, int current, |
199 | int total) | 203 | int total) |
200 | { | 204 | { |
201 | unsigned long code; | 205 | unsigned long code; |
202 | enum GNUNET_OS_ProcessStatusType type; | 206 | enum GNUNET_OS_ProcessStatusType type; |
@@ -205,39 +209,39 @@ entropy_generator (void *cls, const char *what, int printchar, int current, | |||
205 | if (0 != strcmp (what, "need_entropy")) | 209 | if (0 != strcmp (what, "need_entropy")) |
206 | return; | 210 | return; |
207 | if (current == total) | 211 | if (current == total) |
208 | { | ||
209 | if (genproc != NULL) | ||
210 | { | 212 | { |
213 | if (genproc != NULL) | ||
214 | { | ||
215 | if (0 != GNUNET_OS_process_kill (genproc, SIGTERM)) | ||
216 | LOG_STRERROR (GNUNET_ERROR_TYPE_ERROR, "kill"); | ||
217 | GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc)); | ||
218 | GNUNET_OS_process_close (genproc); | ||
219 | genproc = NULL; | ||
220 | } | ||
221 | return; | ||
222 | } | ||
223 | if (genproc != NULL) | ||
224 | { | ||
225 | ret = GNUNET_OS_process_status (genproc, &type, &code); | ||
226 | if (ret == GNUNET_NO) | ||
227 | return; /* still running */ | ||
228 | if (ret == GNUNET_SYSERR) | ||
229 | { | ||
230 | GNUNET_break (0); | ||
231 | return; | ||
232 | } | ||
211 | if (0 != GNUNET_OS_process_kill (genproc, SIGTERM)) | 233 | if (0 != GNUNET_OS_process_kill (genproc, SIGTERM)) |
212 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "kill"); | 234 | LOG_STRERROR (GNUNET_ERROR_TYPE_ERROR, "kill"); |
213 | GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc)); | 235 | GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc)); |
214 | GNUNET_OS_process_close (genproc); | 236 | GNUNET_OS_process_close (genproc); |
215 | genproc = NULL; | 237 | genproc = NULL; |
216 | } | 238 | } |
217 | return; | 239 | LOG (GNUNET_ERROR_TYPE_INFO, |
218 | } | 240 | _("Starting `%s' process to generate entropy\n"), "find"); |
219 | if (genproc != NULL) | ||
220 | { | ||
221 | ret = GNUNET_OS_process_status (genproc, &type, &code); | ||
222 | if (ret == GNUNET_NO) | ||
223 | return; /* still running */ | ||
224 | if (ret == GNUNET_SYSERR) | ||
225 | { | ||
226 | GNUNET_break (0); | ||
227 | return; | ||
228 | } | ||
229 | if (0 != GNUNET_OS_process_kill (genproc, SIGTERM)) | ||
230 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "kill"); | ||
231 | GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc)); | ||
232 | GNUNET_OS_process_close (genproc); | ||
233 | genproc = NULL; | ||
234 | } | ||
235 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
236 | _("Starting `%s' process to generate entropy\n"), "find"); | ||
237 | genproc = | 241 | genproc = |
238 | GNUNET_OS_start_process (NULL, NULL, "sh", "sh", "-c", | 242 | GNUNET_OS_start_process (NULL, NULL, "sh", "sh", "-c", |
239 | "exec find / -mount -type f -exec cp {} /dev/null \\; 2>/dev/null", | 243 | "exec find / -mount -type f -exec cp {} /dev/null \\; 2>/dev/null", |
240 | NULL); | 244 | NULL); |
241 | } | 245 | } |
242 | 246 | ||
243 | 247 | ||
@@ -245,11 +249,11 @@ static void | |||
245 | killfind () | 249 | killfind () |
246 | { | 250 | { |
247 | if (genproc != NULL) | 251 | if (genproc != NULL) |
248 | { | 252 | { |
249 | GNUNET_OS_process_kill (genproc, SIGKILL); | 253 | GNUNET_OS_process_kill (genproc, SIGKILL); |
250 | GNUNET_OS_process_close (genproc); | 254 | GNUNET_OS_process_close (genproc); |
251 | genproc = NULL; | 255 | genproc = NULL; |
252 | } | 256 | } |
253 | } | 257 | } |
254 | 258 | ||
255 | 259 | ||
@@ -257,20 +261,21 @@ void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init () | |||
257 | { | 261 | { |
258 | gcry_control (GCRYCTL_DISABLE_SECMEM, 0); | 262 | gcry_control (GCRYCTL_DISABLE_SECMEM, 0); |
259 | if (!gcry_check_version (GCRYPT_VERSION)) | 263 | if (!gcry_check_version (GCRYPT_VERSION)) |
260 | { | 264 | { |
261 | fprintf (stderr, | 265 | fprintf (stderr, |
262 | _ | 266 | _ |
263 | ("libgcrypt has not the expected version (version %s is required).\n"), | 267 | ("libgcrypt has not the expected version (version %s is required).\n"), |
264 | GCRYPT_VERSION); | 268 | GCRYPT_VERSION); |
265 | abort (); | 269 | abort (); |
266 | } | 270 | } |
267 | #ifdef gcry_fast_random_poll | 271 | #ifdef gcry_fast_random_poll |
268 | gcry_fast_random_poll (); | 272 | gcry_fast_random_poll (); |
269 | #endif | 273 | #endif |
270 | gcry_set_progress_handler (&entropy_generator, NULL); | 274 | gcry_set_progress_handler (&entropy_generator, NULL); |
271 | atexit (&killfind); | 275 | atexit (&killfind); |
272 | SRANDOM (time (NULL) ^ | 276 | SRANDOM (time (NULL) ^ |
273 | GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); | 277 | GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, |
278 | UINT32_MAX)); | ||
274 | } | 279 | } |
275 | 280 | ||
276 | 281 | ||