13 files changed, 17 insertions, 98 deletions
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c
index 2be833fa0..6e0dbc122 100644
--- a/src/core/gnunet-service-core.c
+++ b/src/core/gnunet-service-core.c
@@ -24,6 +24,7 @@
 * @author Christian Grothoff
 */
 #include "platform.h"
+#include <gcrypt.h>
 #include "gnunet_util_lib.h"
 #include "gnunet-service-core.h"
 #include "gnunet-service-core_clients.h"
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index fb299267b..99d4ac58f 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -1342,26 +1342,6 @@ GNUNET_CRYPTO_ecc_verify (uint32_t purpose,
                          *publicKey);
-/**
- * This function should only be called in testcases
- * where strong entropy gathering is not desired
- * (for example, for hostkey generation).
- */
-void
-GNUNET_CRYPTO_random_disable_entropy_gathering (void);
-/**
- * Check if we are using weak random number generation.
- *
- * @return GNUNET_YES if weak number generation is on
- *         (thus will return YES if 'GNUNET_CRYPTO_random_disable_entropy_gathering'
- *          was called previously).
- */
-int
-GNUNET_CRYPTO_random_is_weak (void);
 #if 0                           /* keep Emacsens' auto-indent happy */
 {
 #endif
diff --git a/src/util/configuration.c b/src/util/configuration.c
index 72fe0e7d0..c762e3b9c 100644
--- a/src/util/configuration.c
+++ b/src/util/configuration.c
@@ -1499,11 +1499,6 @@ GNUNET_CONFIGURATION_load (struct GNUNET_CONFIGURATION_Handle *cfg,
      (filename != NULL))
    GNUNET_CONFIGURATION_set_value_string (cfg, "PATHS", "DEFAULTCONFIG",
                                           filename);
-  if ((GNUNET_YES ==
-       GNUNET_CONFIGURATION_have_value (cfg, "TESTING", "WEAKRANDOM")) &&
-      (GNUNET_YES ==
-       GNUNET_CONFIGURATION_get_value_yesno (cfg, "TESTING", "WEAKRANDOM")))
-    GNUNET_CRYPTO_random_disable_entropy_gathering ();
  return GNUNET_OK;
 }
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 97ba2a3b6..2e4ba6a9d 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -831,7 +831,6 @@ GNUNET_CRYPTO_ecc_key_create_start (const char *filename,
 {
  struct GNUNET_CRYPTO_EccKeyGenerationContext *gc;
  struct GNUNET_CRYPTO_EccPrivateKey *pk;
-  const char *weak_random;
  if (NULL != (pk = try_read_key (filename)))
  {
@@ -859,10 +858,6 @@ GNUNET_CRYPTO_ecc_key_create_start (const char *filename,
    GNUNET_free (gc);
    return NULL;
  }
-  weak_random = NULL;
-  if (GNUNET_YES ==
-      GNUNET_CRYPTO_random_is_weak ())
-    weak_random = "-w";
  gc->gnunet_ecc = GNUNET_OS_start_process (GNUNET_NO,
                                            GNUNET_OS_INHERIT_STD_ERR,
                                            NULL, 
@@ -870,7 +865,6 @@ GNUNET_CRYPTO_ecc_key_create_start (const char *filename,
                                            "gnunet-ecc",
                                            "gnunet-ecc",                                           
                                            gc->filename,
-                                            weak_random,
                                            NULL);
  if (NULL == gc->gnunet_ecc)
  {
diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c
index b61d59613..8ba6641b9 100644
--- a/src/util/crypto_random.c
+++ b/src/util/crypto_random.c
@@ -35,13 +35,6 @@
 #define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall)
-/**
- * GNUNET_YES if we are using a 'weak' (low-entropy) PRNG.
- */ 
-static int weak_random;
 /* TODO: ndurner, move this to plibc? */
 /* The code is derived from glibc, obviously */
 #if MINGW
@@ -237,31 +230,6 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max)
 /**
- * Check if we are using weak random number generation.
- *
- * @return GNUNET_YES if weak number generation is on
- */
-int
-GNUNET_CRYPTO_random_is_weak ()
-{
-  return weak_random;
-}
-/**
- * This function should only be called in testcases
- * where strong entropy gathering is not desired
- * (for example, for hostkey generation).
- */
-void
-GNUNET_CRYPTO_random_disable_entropy_gathering ()
-{
-  weak_random = GNUNET_YES;
-  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
-}
-/**
 * Process ID of the "find" process that we use for
 * entropy gathering.
 */
@@ -332,10 +300,12 @@ killfind ()
 }
-void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()
+void __attribute__ ((constructor)) 
+GNUNET_CRYPTO_random_init ()
 {
-  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
+  gcry_error_t rc;
-  if (!gcry_check_version (NEED_LIBGCRYPT_VERSION))
+  if (! gcry_check_version (NEED_LIBGCRYPT_VERSION))
  {
    FPRINTF (stderr,
             _
@@ -343,6 +313,15 @@ void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()
             NEED_LIBGCRYPT_VERSION);
    GNUNET_abort ();
  }
+  if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0)))
+    FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "DISABLE_SECMEM",
+             gcry_strerror (rc));
+  /* we only generate ephemeral keys in-process; for those,
+     we are fine with "just" using GCRY_STRONG_RANDOM */
+  if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0)))
+    FPRINTF (stderr,  "Failed to set libgcrypt option %s: %s\n", "ENABLE_QUICK_RANDOM",
+             gcry_strerror (rc));
+  
 #ifdef GCRYCTL_INITIALIZATION_FINISHED
  gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
 #endif
@@ -357,7 +336,8 @@ void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()
 }
-void __attribute__ ((destructor)) GNUNET_CRYPTO_random_fini ()
+void __attribute__ ((destructor)) 
+GNUNET_CRYPTO_random_fini ()
 {
  gcry_set_progress_handler (NULL, NULL);
 }
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c
index cd9a33f61..6857a1221 100644
--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -998,7 +998,6 @@ GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
 {
  struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;
  struct GNUNET_CRYPTO_RsaPrivateKey *pk;
-  const char *weak_random;
  if (NULL != (pk = try_read_key (filename)))
  {
@@ -1026,10 +1025,6 @@ GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
    GNUNET_free (gc);
    return NULL;
  }
-  weak_random = NULL;
-  if (GNUNET_YES ==
-      GNUNET_CRYPTO_random_is_weak ())
-    weak_random = "-w";
  gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_NO,
                                            GNUNET_OS_INHERIT_STD_ERR,
                                            NULL, 
@@ -1037,7 +1032,6 @@ GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
                                            "gnunet-rsa",
                                            "gnunet-rsa",                                           
                                            gc->filename,
-                                            weak_random,
                                            NULL);
  if (NULL == gc->gnunet_rsa)
  {
diff --git a/src/util/gnunet-ecc.c b/src/util/gnunet-ecc.c
index d7f1dd58d..a00ef0573 100644
--- a/src/util/gnunet-ecc.c
+++ b/src/util/gnunet-ecc.c
@@ -45,11 +45,6 @@ static int print_peer_identity;
 static int print_short_identity;
 /**
- * Use weak random number generator for key generation.
- */
-static int weak_random;
-/**
 * Option set to create a bunch of keys at once.
 */
 static unsigned int make_keys;
@@ -143,8 +138,6 @@ run (void *cls, char *const *args, const char *cfgfile,
    fprintf (stderr, _("No hostkey file specified on command line\n"));
    return;
  }
-  if (0 != weak_random)    
-    GNUNET_CRYPTO_random_disable_entropy_gathering ();  
  if (make_keys > 0)
  {
    create_keys (args[0]);
@@ -208,9 +201,6 @@ main (int argc, char *const *argv)
    { 's', "print-short-identity", NULL,
      gettext_noop ("print the short hash of the public key in ASCII format"),
      0, &GNUNET_GETOPT_set_one, &print_short_identity },
-    { 'w', "weak-random", NULL,
-      gettext_noop ("use insecure, weak random number generator for key generation (for testing only)"),
-      0, &GNUNET_GETOPT_set_one, &weak_random },
    GNUNET_GETOPT_OPTION_END
  };
  int ret;
diff --git a/src/util/gnunet-rsa.c b/src/util/gnunet-rsa.c
index 1e7132d3f..ab4bf2cb0 100644
--- a/src/util/gnunet-rsa.c
+++ b/src/util/gnunet-rsa.c
@@ -43,11 +43,6 @@ static int print_peer_identity;
 */
 static int print_short_identity;
-/**
- * Use weak random number generator for key generation.
- */
-static int weak_random;
 /**
 * Main function that will be run by the scheduler.
@@ -70,8 +65,6 @@ run (void *cls, char *const *args, const char *cfgfile,
    fprintf (stderr, _("No hostkey file specified on command line\n"));
    return;
  }
-  if (0 != weak_random)    
-    GNUNET_CRYPTO_random_disable_entropy_gathering ();  
  pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
  if (NULL == pk)
    return;
@@ -127,9 +120,6 @@ main (int argc, char *const*argv)
    { 's', "print-short-identity", NULL,
      gettext_noop ("print the short hash of the public key in ASCII format"),
      0, &GNUNET_GETOPT_set_one, &print_short_identity },
-    { 'w', "weak-random", NULL,
-      gettext_noop ("use insecure, weak random number generator for key generation (for testing only)"),
-      0, &GNUNET_GETOPT_set_one, &weak_random },
    GNUNET_GETOPT_OPTION_END
  };
  int ret;
diff --git a/src/util/test_crypto_aes.c b/src/util/test_crypto_aes.c
index 88b51188e..1c5897c1e 100644
--- a/src/util/test_crypto_aes.c
+++ b/src/util/test_crypto_aes.c
@@ -147,7 +147,6 @@ main (int argc, char *argv[])
  int failureCount = 0;
  GNUNET_log_setup ("test-crypto-aes", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
  GNUNET_assert (strlen (INITVALUE) >
                 sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
  failureCount += testSymcipher ();
diff --git a/src/util/test_crypto_aes_weak.c b/src/util/test_crypto_aes_weak.c
index 201bfeb5d..f2ddf2012 100644
--- a/src/util/test_crypto_aes_weak.c
+++ b/src/util/test_crypto_aes_weak.c
@@ -175,7 +175,6 @@ main (int argc, char *argv[])
  int weak_keys;
  GNUNET_log_setup ("test-crypto-aes-weak", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
  if (GENERATE_WEAK_KEYS)
  {
    weak_keys = getWeakKeys ();
diff --git a/src/util/test_crypto_ecc.c b/src/util/test_crypto_ecc.c
index 6dac1763f..1adb41888 100644
--- a/src/util/test_crypto_ecc.c
+++ b/src/util/test_crypto_ecc.c
@@ -216,7 +216,6 @@ main (int argc, char *argv[])
    return 0;
  }
  GNUNET_log_setup ("test-crypto-ecc", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
  if (GNUNET_OK != testCreateFromFile ())
    failureCount++;
  GNUNET_SCHEDULER_run (&test_async_creation, NULL);
diff --git a/src/util/test_crypto_rsa.c b/src/util/test_crypto_rsa.c
index ee673786d..6574cc970 100644
--- a/src/util/test_crypto_rsa.c
+++ b/src/util/test_crypto_rsa.c
@@ -325,7 +325,6 @@ main (int argc, char *argv[])
  int failureCount = 0;
  GNUNET_log_setup ("test-crypto-rsa", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
  if (GNUNET_OK != testCreateFromFile ())
    failureCount++;
  GNUNET_SCHEDULER_run (&test_async_creation, NULL);
diff --git a/src/util/test_pseudonym.c b/src/util/test_pseudonym.c
index 9b5085b25..56159be1c 100644
--- a/src/util/test_pseudonym.c
+++ b/src/util/test_pseudonym.c
@@ -112,7 +112,6 @@ main (int argc, char *argv[])
  GNUNET_log_setup ("test-pseudonym", "WARNING", NULL);
  ok = GNUNET_YES;
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
  (void) GNUNET_DISK_directory_remove ("/tmp/gnunet-pseudonym-test");
  cfg = GNUNET_CONFIGURATION_create ();
  if (-1 == GNUNET_CONFIGURATION_parse (cfg, "test_pseudonym_data.conf"))

diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c index 2be833fa0..6e0dbc122 100644 --- a/src/core/gnunet-service-core.c +++ b/src/core/gnunet-service-core.c
@@ -24,6 +24,7 @@
24	* @author Christian Grothoff	24	* @author Christian Grothoff
25	*/	25	*/
26	#include "platform.h"	26	#include "platform.h"
		27	#include <gcrypt.h>
27	#include "gnunet_util_lib.h"	28	#include "gnunet_util_lib.h"
28	#include "gnunet-service-core.h"	29	#include "gnunet-service-core.h"
29	#include "gnunet-service-core_clients.h"	30	#include "gnunet-service-core_clients.h"


diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index fb299267b..99d4ac58f 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h
@@ -1342,26 +1342,6 @@ GNUNET_CRYPTO_ecc_verify (uint32_t purpose,
1342	*publicKey);	1342	*publicKey);
1343		1343
1344		1344
1345	/**
1346	* This function should only be called in testcases
1347	* where strong entropy gathering is not desired
1348	* (for example, for hostkey generation).
1349	*/
1350	void
1351	GNUNET_CRYPTO_random_disable_entropy_gathering (void);
1352
1353
1354	/**
1355	* Check if we are using weak random number generation.
1356	*
1357	* @return GNUNET_YES if weak number generation is on
1358	* (thus will return YES if 'GNUNET_CRYPTO_random_disable_entropy_gathering'
1359	* was called previously).
1360	*/
1361	int
1362	GNUNET_CRYPTO_random_is_weak (void);
1363
1364
1365	#if 0 /* keep Emacsens' auto-indent happy */	1345	#if 0 /* keep Emacsens' auto-indent happy */
1366	{	1346	{
1367	#endif	1347	#endif


diff --git a/src/util/configuration.c b/src/util/configuration.c index 72fe0e7d0..c762e3b9c 100644 --- a/src/util/configuration.c +++ b/src/util/configuration.c
@@ -1499,11 +1499,6 @@ GNUNET_CONFIGURATION_load (struct GNUNET_CONFIGURATION_Handle *cfg,
1499	(filename != NULL))	1499	(filename != NULL))
1500	GNUNET_CONFIGURATION_set_value_string (cfg, "PATHS", "DEFAULTCONFIG",	1500	GNUNET_CONFIGURATION_set_value_string (cfg, "PATHS", "DEFAULTCONFIG",
1501	filename);	1501	filename);
1502	if ((GNUNET_YES ==
1503	GNUNET_CONFIGURATION_have_value (cfg, "TESTING", "WEAKRANDOM")) &&
1504	(GNUNET_YES ==
1505	GNUNET_CONFIGURATION_get_value_yesno (cfg, "TESTING", "WEAKRANDOM")))
1506	GNUNET_CRYPTO_random_disable_entropy_gathering ();
1507	return GNUNET_OK;	1502	return GNUNET_OK;
1508	}	1503	}
1509		1504


diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 97ba2a3b6..2e4ba6a9d 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c
@@ -831,7 +831,6 @@ GNUNET_CRYPTO_ecc_key_create_start (const char *filename,
831	{	831	{
832	struct GNUNET_CRYPTO_EccKeyGenerationContext *gc;	832	struct GNUNET_CRYPTO_EccKeyGenerationContext *gc;
833	struct GNUNET_CRYPTO_EccPrivateKey *pk;	833	struct GNUNET_CRYPTO_EccPrivateKey *pk;
834	const char *weak_random;
835		834
836	if (NULL != (pk = try_read_key (filename)))	835	if (NULL != (pk = try_read_key (filename)))
837	{	836	{
@@ -859,10 +858,6 @@ GNUNET_CRYPTO_ecc_key_create_start (const char *filename,
859	GNUNET_free (gc);	858	GNUNET_free (gc);
860	return NULL;	859	return NULL;
861	}	860	}
862	weak_random = NULL;
863	if (GNUNET_YES ==
864	GNUNET_CRYPTO_random_is_weak ())
865	weak_random = "-w";
866	gc->gnunet_ecc = GNUNET_OS_start_process (GNUNET_NO,	861	gc->gnunet_ecc = GNUNET_OS_start_process (GNUNET_NO,
867	GNUNET_OS_INHERIT_STD_ERR,	862	GNUNET_OS_INHERIT_STD_ERR,
868	NULL,	863	NULL,
@@ -870,7 +865,6 @@ GNUNET_CRYPTO_ecc_key_create_start (const char *filename,
870	"gnunet-ecc",	865	"gnunet-ecc",
871	"gnunet-ecc",	866	"gnunet-ecc",
872	gc->filename,	867	gc->filename,
873	weak_random,
874	NULL);	868	NULL);
875	if (NULL == gc->gnunet_ecc)	869	if (NULL == gc->gnunet_ecc)
876	{	870	{


diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c index b61d59613..8ba6641b9 100644 --- a/src/util/crypto_random.c +++ b/src/util/crypto_random.c
@@ -35,13 +35,6 @@
35	#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall)	35	#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall)
36		36
37		37
38	/**
39	* GNUNET_YES if we are using a 'weak' (low-entropy) PRNG.
40	*/
41	static int weak_random;
42
43
44
45	/* TODO: ndurner, move this to plibc? */	38	/* TODO: ndurner, move this to plibc? */
46	/* The code is derived from glibc, obviously */	39	/* The code is derived from glibc, obviously */
47	#if MINGW	40	#if MINGW
@@ -237,31 +230,6 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max)
237		230
238		231
239	/**	232	/**
240	* Check if we are using weak random number generation.
241	*
242	* @return GNUNET_YES if weak number generation is on
243	*/
244	int
245	GNUNET_CRYPTO_random_is_weak ()
246	{
247	return weak_random;
248	}
249
250
251	/**
252	* This function should only be called in testcases
253	* where strong entropy gathering is not desired
254	* (for example, for hostkey generation).
255	*/
256	void
257	GNUNET_CRYPTO_random_disable_entropy_gathering ()
258	{
259	weak_random = GNUNET_YES;
260	gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
261	}
262
263
264	/**
265	* Process ID of the "find" process that we use for	233	* Process ID of the "find" process that we use for
266	* entropy gathering.	234	* entropy gathering.
267	*/	235	*/
@@ -332,10 +300,12 @@ killfind ()
332	}	300	}
333		301
334		302
335	void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()	303	void __attribute__ ((constructor))
		304	GNUNET_CRYPTO_random_init ()
336	{	305	{
337	gcry_control (GCRYCTL_DISABLE_SECMEM, 0);	306	gcry_error_t rc;
338	if (!gcry_check_version (NEED_LIBGCRYPT_VERSION))	307
		308	if (! gcry_check_version (NEED_LIBGCRYPT_VERSION))
339	{	309	{
340	FPRINTF (stderr,	310	FPRINTF (stderr,
341	_	311	_
@@ -343,6 +313,15 @@ void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()
343	NEED_LIBGCRYPT_VERSION);	313	NEED_LIBGCRYPT_VERSION);
344	GNUNET_abort ();	314	GNUNET_abort ();
345	}	315	}
		316	if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0)))
		317	FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "DISABLE_SECMEM",
		318	gcry_strerror (rc));
		319	/* we only generate ephemeral keys in-process; for those,
		320	we are fine with "just" using GCRY_STRONG_RANDOM */
		321	if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0)))
		322	FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "ENABLE_QUICK_RANDOM",
		323	gcry_strerror (rc));
		324
346	#ifdef GCRYCTL_INITIALIZATION_FINISHED	325	#ifdef GCRYCTL_INITIALIZATION_FINISHED
347	gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);	326	gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
348	#endif	327	#endif
@@ -357,7 +336,8 @@ void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()
357	}	336	}
358		337
359		338
360	void __attribute__ ((destructor)) GNUNET_CRYPTO_random_fini ()	339	void __attribute__ ((destructor))
		340	GNUNET_CRYPTO_random_fini ()
361	{	341	{
362	gcry_set_progress_handler (NULL, NULL);	342	gcry_set_progress_handler (NULL, NULL);
363	}	343	}


diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index cd9a33f61..6857a1221 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c
@@ -998,7 +998,6 @@ GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
998	{	998	{
999	struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;	999	struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;
1000	struct GNUNET_CRYPTO_RsaPrivateKey *pk;	1000	struct GNUNET_CRYPTO_RsaPrivateKey *pk;
1001	const char *weak_random;
1002		1001
1003	if (NULL != (pk = try_read_key (filename)))	1002	if (NULL != (pk = try_read_key (filename)))
1004	{	1003	{
@@ -1026,10 +1025,6 @@ GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
1026	GNUNET_free (gc);	1025	GNUNET_free (gc);
1027	return NULL;	1026	return NULL;
1028	}	1027	}
1029	weak_random = NULL;
1030	if (GNUNET_YES ==
1031	GNUNET_CRYPTO_random_is_weak ())
1032	weak_random = "-w";
1033	gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_NO,	1028	gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_NO,
1034	GNUNET_OS_INHERIT_STD_ERR,	1029	GNUNET_OS_INHERIT_STD_ERR,
1035	NULL,	1030	NULL,
@@ -1037,7 +1032,6 @@ GNUNET_CRYPTO_rsa_key_create_start (const char *filename,
1037	"gnunet-rsa",	1032	"gnunet-rsa",
1038	"gnunet-rsa",	1033	"gnunet-rsa",
1039	gc->filename,	1034	gc->filename,
1040	weak_random,
1041	NULL);	1035	NULL);
1042	if (NULL == gc->gnunet_rsa)	1036	if (NULL == gc->gnunet_rsa)
1043	{	1037	{


diff --git a/src/util/gnunet-ecc.c b/src/util/gnunet-ecc.c index d7f1dd58d..a00ef0573 100644 --- a/src/util/gnunet-ecc.c +++ b/src/util/gnunet-ecc.c
@@ -45,11 +45,6 @@ static int print_peer_identity;
45	static int print_short_identity;	45	static int print_short_identity;
46		46
47	/**	47	/**
48	* Use weak random number generator for key generation.
49	*/
50	static int weak_random;
51
52	/**
53	* Option set to create a bunch of keys at once.	48	* Option set to create a bunch of keys at once.
54	*/	49	*/
55	static unsigned int make_keys;	50	static unsigned int make_keys;
@@ -143,8 +138,6 @@ run (void cls, char const args, const char cfgfile,
143	fprintf (stderr, _("No hostkey file specified on command line\n"));	138	fprintf (stderr, _("No hostkey file specified on command line\n"));
144	return;	139	return;
145	}	140	}
146	if (0 != weak_random)
147	GNUNET_CRYPTO_random_disable_entropy_gathering ();
148	if (make_keys > 0)	141	if (make_keys > 0)
149	{	142	{
150	create_keys (args[0]);	143	create_keys (args[0]);
@@ -208,9 +201,6 @@ main (int argc, char const argv)
208	{ 's', "print-short-identity", NULL,	201	{ 's', "print-short-identity", NULL,
209	gettext_noop ("print the short hash of the public key in ASCII format"),	202	gettext_noop ("print the short hash of the public key in ASCII format"),
210	0, &GNUNET_GETOPT_set_one, &print_short_identity },	203	0, &GNUNET_GETOPT_set_one, &print_short_identity },
211	{ 'w', "weak-random", NULL,
212	gettext_noop ("use insecure, weak random number generator for key generation (for testing only)"),
213	0, &GNUNET_GETOPT_set_one, &weak_random },
214	GNUNET_GETOPT_OPTION_END	204	GNUNET_GETOPT_OPTION_END
215	};	205	};
216	int ret;	206	int ret;


diff --git a/src/util/gnunet-rsa.c b/src/util/gnunet-rsa.c index 1e7132d3f..ab4bf2cb0 100644 --- a/src/util/gnunet-rsa.c +++ b/src/util/gnunet-rsa.c
@@ -43,11 +43,6 @@ static int print_peer_identity;
43	*/	43	*/
44	static int print_short_identity;	44	static int print_short_identity;
45		45
46	/**
47	* Use weak random number generator for key generation.
48	*/
49	static int weak_random;
50
51		46
52	/**	47	/**
53	* Main function that will be run by the scheduler.	48	* Main function that will be run by the scheduler.
@@ -70,8 +65,6 @@ run (void cls, char const args, const char cfgfile,
70	fprintf (stderr, _("No hostkey file specified on command line\n"));	65	fprintf (stderr, _("No hostkey file specified on command line\n"));
71	return;	66	return;
72	}	67	}
73	if (0 != weak_random)
74	GNUNET_CRYPTO_random_disable_entropy_gathering ();
75	pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);	68	pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
76	if (NULL == pk)	69	if (NULL == pk)
77	return;	70	return;
@@ -127,9 +120,6 @@ main (int argc, char constargv)
127	{ 's', "print-short-identity", NULL,	120	{ 's', "print-short-identity", NULL,
128	gettext_noop ("print the short hash of the public key in ASCII format"),	121	gettext_noop ("print the short hash of the public key in ASCII format"),
129	0, &GNUNET_GETOPT_set_one, &print_short_identity },	122	0, &GNUNET_GETOPT_set_one, &print_short_identity },
130	{ 'w', "weak-random", NULL,
131	gettext_noop ("use insecure, weak random number generator for key generation (for testing only)"),
132	0, &GNUNET_GETOPT_set_one, &weak_random },
133	GNUNET_GETOPT_OPTION_END	123	GNUNET_GETOPT_OPTION_END
134	};	124	};
135	int ret;	125	int ret;


diff --git a/src/util/test_crypto_aes.c b/src/util/test_crypto_aes.c index 88b51188e..1c5897c1e 100644 --- a/src/util/test_crypto_aes.c +++ b/src/util/test_crypto_aes.c
@@ -147,7 +147,6 @@ main (int argc, char *argv[])
147	int failureCount = 0;	147	int failureCount = 0;
148		148
149	GNUNET_log_setup ("test-crypto-aes", "WARNING", NULL);	149	GNUNET_log_setup ("test-crypto-aes", "WARNING", NULL);
150	GNUNET_CRYPTO_random_disable_entropy_gathering ();
151	GNUNET_assert (strlen (INITVALUE) >	150	GNUNET_assert (strlen (INITVALUE) >
152	sizeof (struct GNUNET_CRYPTO_AesInitializationVector));	151	sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
153	failureCount += testSymcipher ();	152	failureCount += testSymcipher ();


diff --git a/src/util/test_crypto_aes_weak.c b/src/util/test_crypto_aes_weak.c index 201bfeb5d..f2ddf2012 100644 --- a/src/util/test_crypto_aes_weak.c +++ b/src/util/test_crypto_aes_weak.c
@@ -175,7 +175,6 @@ main (int argc, char *argv[])
175	int weak_keys;	175	int weak_keys;
176		176
177	GNUNET_log_setup ("test-crypto-aes-weak", "WARNING", NULL);	177	GNUNET_log_setup ("test-crypto-aes-weak", "WARNING", NULL);
178	GNUNET_CRYPTO_random_disable_entropy_gathering ();
179	if (GENERATE_WEAK_KEYS)	178	if (GENERATE_WEAK_KEYS)
180	{	179	{
181	weak_keys = getWeakKeys ();	180	weak_keys = getWeakKeys ();


diff --git a/src/util/test_crypto_ecc.c b/src/util/test_crypto_ecc.c index 6dac1763f..1adb41888 100644 --- a/src/util/test_crypto_ecc.c +++ b/src/util/test_crypto_ecc.c
@@ -216,7 +216,6 @@ main (int argc, char *argv[])
216	return 0;	216	return 0;
217	}	217	}
218	GNUNET_log_setup ("test-crypto-ecc", "WARNING", NULL);	218	GNUNET_log_setup ("test-crypto-ecc", "WARNING", NULL);
219	GNUNET_CRYPTO_random_disable_entropy_gathering ();
220	if (GNUNET_OK != testCreateFromFile ())	219	if (GNUNET_OK != testCreateFromFile ())
221	failureCount++;	220	failureCount++;
222	GNUNET_SCHEDULER_run (&test_async_creation, NULL);	221	GNUNET_SCHEDULER_run (&test_async_creation, NULL);


diff --git a/src/util/test_crypto_rsa.c b/src/util/test_crypto_rsa.c index ee673786d..6574cc970 100644 --- a/src/util/test_crypto_rsa.c +++ b/src/util/test_crypto_rsa.c
@@ -325,7 +325,6 @@ main (int argc, char *argv[])
325	int failureCount = 0;	325	int failureCount = 0;
326		326
327	GNUNET_log_setup ("test-crypto-rsa", "WARNING", NULL);	327	GNUNET_log_setup ("test-crypto-rsa", "WARNING", NULL);
328	GNUNET_CRYPTO_random_disable_entropy_gathering ();
329	if (GNUNET_OK != testCreateFromFile ())	328	if (GNUNET_OK != testCreateFromFile ())
330	failureCount++;	329	failureCount++;
331	GNUNET_SCHEDULER_run (&test_async_creation, NULL);	330	GNUNET_SCHEDULER_run (&test_async_creation, NULL);


diff --git a/src/util/test_pseudonym.c b/src/util/test_pseudonym.c index 9b5085b25..56159be1c 100644 --- a/src/util/test_pseudonym.c +++ b/src/util/test_pseudonym.c
@@ -112,7 +112,6 @@ main (int argc, char *argv[])
112		112
113	GNUNET_log_setup ("test-pseudonym", "WARNING", NULL);	113	GNUNET_log_setup ("test-pseudonym", "WARNING", NULL);
114	ok = GNUNET_YES;	114	ok = GNUNET_YES;
115	GNUNET_CRYPTO_random_disable_entropy_gathering ();
116	(void) GNUNET_DISK_directory_remove ("/tmp/gnunet-pseudonym-test");	115	(void) GNUNET_DISK_directory_remove ("/tmp/gnunet-pseudonym-test");
117	cfg = GNUNET_CONFIGURATION_create ();	116	cfg = GNUNET_CONFIGURATION_create ();
118	if (-1 == GNUNET_CONFIGURATION_parse (cfg, "test_pseudonym_data.conf"))	117	if (-1 == GNUNET_CONFIGURATION_parse (cfg, "test_pseudonym_data.conf"))