author | Simon Josefsson <simon@josefsson.org> | 2005-08-30 09:30:43 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2005-08-30 09:30:43 +0000 |
commit | a34bb376600386a6434cecba341c458fc4388e6c (patch) | |
tree | 25e62de2b7322ad6980c9f5d85f790f6b35bf6a6 | |
parent | 808346e3fd6cead6e121bad8fd1b7fc293da5c56 (diff) | |
Pull up from HEAD.
-rw-r--r-- | lib/Makefile.am | 2 | ||||
-rw-r--r-- | lib/auth_rsa.c | 45 | ||||
-rw-r--r-- | lib/auth_srp_passwd.c | 18 | ||||
-rw-r--r-- | lib/gnutls_cipher.c | 14 | ||||
-rw-r--r-- | lib/gnutls_handshake.c | 14 | ||||
-rw-r--r-- | lib/gnutls_pk.c | 12 | ||||
-rw-r--r-- | lib/gnutls_random.c | 57 | ||||
-rw-r--r-- | lib/gnutls_random.h | 31 | ||||
-rw-r--r-- | lib/x509/pkcs12.c | 6 | ||||
-rw-r--r-- | lib/x509/privkey_pkcs8.c | 28 |
10 files changed, 84 insertions, 143 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am
index c21f807e3d..e29aadfd08 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -58,7 +58,7 @@ COBJECTS = gnutls_record.c gnutls_compress.c debug.c gnutls_cipher.c \
  gnutls_errors.c gnutls_algorithms.c gnutls_dh.c gnutls_kx.c \
  gnutls_priority.c gnutls_hash_int.c gnutls_cipher_int.c \
  gnutls_compress_int.c gnutls_session.c gnutls_db.c x509_b64.c \
- auth_anon.c gnutls_extensions.c gnutls_auth.c gnutls_random.c \
+ auth_anon.c gnutls_extensions.c gnutls_auth.c \
  gnutls_v2_compat.c gnutls_datum.c auth_rsa.c \
  gnutls_session_pack.c gnutls_mpi.c gnutls_pk.c gnutls_cert.c \
  gnutls_global.c gnutls_constate.c gnutls_anon_cred.c \
diff --git a/lib/auth_rsa.c b/lib/auth_rsa.c
index 662cbf6f4d..39d3cdf280 100644
--- a/lib/auth_rsa.c
+++ b/lib/auth_rsa.c
@@ -42,6 +42,7 @@
 #include <gnutls_sig.h>
 #include <gnutls_x509.h>
 #include <gnutls_extra.h>
+#include <gc.h>
 
 int _gnutls_gen_rsa_client_kx(gnutls_session_t, opaque **);
 int _gnutls_proc_rsa_client_kx(gnutls_session_t, opaque *, size_t);
@@ -190,15 +191,6 @@ int _gnutls_get_private_rsa_params(gnutls_session_t session,
  return 0;
 }
 
-
-
-#define RANDOMIZE_KEY(x, galloc, rand) x.size=TLS_MASTER_SIZE; x.data=galloc(x.size); \
- if (x.data==NULL) return GNUTLS_E_MEMORY_ERROR; \
- if (_gnutls_get_random( x.data, x.size, rand) < 0) { \
- gnutls_assert(); \
- return GNUTLS_E_MEMORY_ERROR; \
- }
-
 int _gnutls_proc_rsa_client_kx(gnutls_session_t session, opaque * data,
  size_t _data_size)
 {
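Review bot: Only the COBJECTS list in lib/Makefile.am loses gnutls_random.c here, yet the same commit also deletes lib/gnutls_random.h; if that header is named in a header or EXTRA_DIST variable further down this Makefile (not shown in the hunk), that entry needs removing too or the build and `make dist` will fail on a missing file. A quick grep of the whole Makefile.am for `gnutls_random` before merging would settle it.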
@@ -264,10 +256,20 @@ int _gnutls_proc_rsa_client_kx(gnutls_session_t session, opaque * data,
  }
 
  if (randomize_key != 0) {
- /* we do not need strong random numbers here.
- */
- RANDOMIZE_KEY(session->key->key,
- gnutls_malloc, GNUTLS_WEAK_RANDOM);
+ session->key->key.size = TLS_MASTER_SIZE;
+ session->key->key.data = gnutls_malloc (session->key->key.size);
+ if (session->key->key.data == NULL)
+ {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ /* we do not need strong random numbers here.
+ */
+ if (gc_nonce(session->key->key.data, session->key->key.size) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
  } else {
  session->key->key.data = plaintext.data;
@@ -303,8 +305,21 @@ int _gnutls_gen_rsa_client_kx(gnutls_session_t session, opaque ** data)
  gnutls_assert();
  return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
  }
- RANDOMIZE_KEY(session->key->key, gnutls_secure_malloc,
- GNUTLS_STRONG_RANDOM);
+
+ session->key->key.size = TLS_MASTER_SIZE;
+ session->key->key.data = gnutls_secure_malloc(session->key->key.size);
+
+ if (session->key->key.data == NULL)
+ {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ if (gc_pseudo_random(session->key->key.data,
+ session->key->key.size) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
 
  ver = _gnutls_get_adv_version(session);
diff --git a/lib/auth_srp_passwd.c b/lib/auth_srp_passwd.c
index d4386f5caf..7cdf5bd582 100644
--- a/lib/auth_srp_passwd.c
+++ b/lib/auth_srp_passwd.c
@@ -40,6 +40,7 @@
 #include <gnutls_str.h>
 #include <gnutls_datum.h>
 #include <gnutls_num.h>
+#include <gc.h>
 
 static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry);
 
@@ -361,7 +362,10 @@ static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry)
  return GNUTLS_E_INTERNAL_ERROR;
  }
 
- _gnutls_get_random(&rnd, 1, GNUTLS_WEAK_RANDOM);
+ if (gc_nonce (&rnd, 1) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
  entry->salt.size = (rnd % 10) + 9;
 
  entry->v.data = gnutls_malloc(20);
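Review bot: The new `randomize_key != 0` branch in `_gnutls_proc_rsa_client_kx` allocates a fresh key buffer but never releases `plaintext.data`, which the `else` branch hands to `session->key->key.data` and so is evidently heap memory produced by the decryption step above this hunk; if that step also yields a buffer in the wrong-size case that sets `randomize_key` (not visible here), every rejected ClientKeyExchange now leaks it, so either a `gnutls_free(plaintext.data);` at the top of the branch or a comment stating why none is needed would settle it. The added code also mixes two brace styles within a few lines (`if (session->key->key.data == NULL)` with the brace on its own line, `if (gc_nonce(...) != GC_OK) {` with it on the same line) while the surrounding file uses the latter; the `_gnutls_gen_rsa_client_kx` hunk repeats the mix. Both functions start and end outside their hunks.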
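Review bot: `gc_nonce (&rnd, 1)` in `_randomize_pwd_entry` passes the buffer address straight through, whereas the `_gnutls_get_random` wrapper this commit deletes (lib/gnutls_random.c, later in the diff) cast every buffer to `char *` before calling gc_nonce/gc_pseudo_random; if `rnd` and the `opaque`/`uint8` buffers at the other converted call sites are unsigned types, the direct calls will now draw incompatible-pointer-type (-Wpointer-sign) warnings that the old wrapper suppressed. Keeping the cast in one place with a small `static inline` helper, or writing `(char *) &rnd` at each site, would restore the warning-free build. The same applies to the gnutls_cipher.c, gnutls_handshake.c, gnutls_pk.c, pkcs12.c and privkey_pkcs8.c hunks; `rnd`'s declaration is above this hunk.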
@@ -371,7 +375,10 @@ static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry)
  return GNUTLS_E_MEMORY_ERROR;
  }
 
- _gnutls_get_random(entry->v.data, 20, GNUTLS_WEAK_RANDOM);
+ if (gc_nonce (entry->v.data, 20) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
 
  entry->salt.data = gnutls_malloc(entry->salt.size);
  if (entry->salt.data == NULL) {
@@ -379,10 +386,9 @@ static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry)
  return GNUTLS_E_MEMORY_ERROR;
  }
 
- if (_gnutls_get_random
- (entry->salt.data, entry->salt.size, GNUTLS_WEAK_RANDOM) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ if (gc_nonce (entry->salt.data, entry->salt.size) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
  }
 
  return 0;
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 42a14909eb..2cf9144871 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -40,6 +40,7 @@
 #include "gnutls_kx.h"
 #include "gnutls_record.h"
 #include "gnutls_constate.h"
+#include <gc.h>
 
 inline static int is_write_comp_null(gnutls_session_t session)
 {
@@ -215,9 +216,9 @@ calc_enc_length(gnutls_session_t session, int data_size,
  break;
 
  case CIPHER_BLOCK:
- if (_gnutls_get_random(&rnd, 1, GNUTLS_WEAK_RANDOM) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ if (gc_nonce (&rnd, 1) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
  }
 
  /* make rnd a multiple of blocksize */
@@ -337,10 +338,9 @@ int _gnutls_compressed2ciphertext(gnutls_session_t session,
  session->security_parameters.version >= GNUTLS_TLS1_1) {
  /* copy the random IV.
  */
- if (_gnutls_get_random(data_ptr, blocksize, GNUTLS_WEAK_RANDOM) <
- 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ if (gc_nonce (data_ptr, blocksize) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
  }
  data_ptr += blocksize;
  }
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index e1a9a357b4..4ce7e78d9a 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
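Review bot: The early returns added in both `_randomize_pwd_entry` hunks exit with `entry->v.data` (allocated just before the first hunk) and, in the second, `entry->salt.data` still allocated; the replaced code returned under the same conditions without freeing either, so this is pre-existing, but with three exit points now in a row the ownership on failure deserves to be explicit. Either a comment such as `/* on error the caller releases the partially filled entry */` if that is the contract, or freeing and NULL-ing both members before each `return GNUTLS_E_RANDOM_FAILED;` if it is not — the caller is outside this diff. The function's start lies above the first hunk.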
@@ -50,6 +50,7 @@
 #include <ext_srp.h>
 #include <gnutls_rsa_export.h> /* for gnutls_get_rsa_params() */
 #include <auth_anon.h> /* for gnutls_anon_server_credentials_t */
+#include <gc.h>
 
 #ifdef HANDSHAKE_DEBUG
 #define ERR(x, y) _gnutls_handshake_log( "HSK[%x]: %s (%d)\n", session, x,y)
@@ -239,10 +240,9 @@ int _gnutls_tls_create_random(opaque * dst)
  /* generate server random value */
  _gnutls_write_uint32(tim, dst);
 
- if (_gnutls_get_random
- (&dst[4], TLS_RANDOM_SIZE - 4, GNUTLS_WEAK_RANDOM) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ if (gc_nonce (&dst[4], TLS_RANDOM_SIZE - 4) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
  }
 
  return 0;
@@ -2352,9 +2352,9 @@ int _gnutls_generate_session_id(opaque * session_id, uint8 * len)
 {
  *len = TLS_MAX_SESSION_ID_SIZE;
 
- if (_gnutls_get_random(session_id, *len, GNUTLS_WEAK_RANDOM) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ if (gc_nonce (session_id, *len) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
  }
 
  return 0;
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index 9f2183cefd..47c53164f5 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -37,6 +37,7 @@
 #include "debug.h"
 #include <x509/mpi.h>
 #include <x509/common.h>
+#include <gc.h>
 
 static int _gnutls_pk_encrypt(int algo, mpi_t * resarr, mpi_t data,
  mpi_t * pkey, int pkey_len);
@@ -96,20 +97,17 @@ int _gnutls_pkcs1_rsa_encrypt(gnutls_datum_t * ciphertext,
  return GNUTLS_E_INTERNAL_ERROR;
  }
 
- if ((ret =
- _gnutls_get_random(ps, psize, GNUTLS_STRONG_RANDOM)) < 0) {
+ if (gc_pseudo_random (ps, psize) != GC_OK) {
  gnutls_assert();
  gnutls_afree(edata);
- return ret;
+ return GNUTLS_E_RANDOM_FAILED;
  }
  for (i = 0; i < psize; i++)
  while (ps[i] == 0) {
- if ((ret =
- _gnutls_get_random(&ps[i], 1,
- GNUTLS_STRONG_RANDOM)) < 0) {
+ if (gc_pseudo_random (&ps[i], 1) != GC_OK) {
  gnutls_assert();
  gnutls_afree(edata);
- return ret;
+ return GNUTLS_E_RANDOM_FAILED;
  }
  }
  break;
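Review bot: The two `ret =` assignments in `_gnutls_pkcs1_rsa_encrypt` are removed, but `ret` itself is declared above the hunk; if nothing else in the function still uses it, the local is now dead and will trip -Wunused-variable, so the declaration should go with the assignments. The byte-at-a-time re-draw under `while (ps[i] == 0)` is structurally unchanged, so the padding still contains no zero octets as PKCS#1 v1.5 requires, and the only behavioural difference in this hunk is the error value now returned. The function continues past the hunk.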
diff --git a/lib/gnutls_random.c b/lib/gnutls_random.c
deleted file mode 100644
index 7810cf4163..0000000000
--- a/lib/gnutls_random.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright (C) 2001, 2003, 2004, 2005 Free Software Foundation
- *
- * Author: Nikos Mavroyanopoulos
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-/* Functions to return random bytes.
- */
-
-#include <gnutls_int.h>
-#include <gnutls_random.h>
-#include <gnutls_errors.h>
-
-/* fills the buffer 'res' with random bytes of 'bytes' long.
- * level is WEAK, STRONG, or VERY_STRONG (libgcrypt)
- */
-int _gnutls_get_random(opaque * res, int bytes, int level)
-{
- int err;
-
- switch (level) {
- case GNUTLS_WEAK_RANDOM:
- err = gc_nonce((char *) res, (size_t) bytes);
- break;
-
- case GNUTLS_STRONG_RANDOM:
- err = gc_pseudo_random((char *) res, (size_t) bytes);
- break;
-
- default: /* GNUTLS_VERY_STRONG_RANDOM */
- err = gc_random((char *) res, (size_t) bytes);
- break;
- }
-
- if (err != GC_OK)
- return GNUTLS_E_RANDOM_FAILED;
-
- return GNUTLS_E_SUCCESS;
-}
diff --git a/lib/gnutls_random.h b/lib/gnutls_random.h
deleted file mode 100644
index ed5d5f6e37..0000000000
--- a/lib/gnutls_random.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation
- *
- * Author: Nikos Mavroyanopoulos
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-#include "defines.h"
-
-#define GNUTLS_WEAK_RANDOM 0
-#define GNUTLS_STRONG_RANDOM 1
-#define GNUTLS_VERY_STRONG_RANDOM 2
-
-int _gnutls_get_random(opaque * res, int bytes, int);
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index 1e85f4fc4c..0ec8914aea 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -40,6 +40,7 @@
 #include <pkcs12.h>
 #include <dn.h>
 #include <mpi.h>
+#include <gc.h>
 
 
 /* Decodes the PKCS #12 auth_safe, and returns the allocated raw data,
@@ -823,7 +824,10 @@ int gnutls_pkcs12_generate_mac(gnutls_pkcs12_t pkcs12, const char *pass)
 
  /* Generate the salt.
  */
- _gnutls_get_random(salt, sizeof(salt), GNUTLS_WEAK_RANDOM);
+ if (gc_nonce (salt, sizeof(salt)) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
 
  /* Write the salt into the structure.
  */
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 5a63400fa3..4b73baa7f6 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -42,6 +42,7 @@
 #include <gnutls_algorithms.h>
 #include <gnutls_random.h>
 #include <gnutls_num.h>
+#include <gc.h>
 
 #define PBES2_OID "1.2.840.113549.1.5.13"
 
@@ -1237,10 +1238,9 @@ static int decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
 
  /* generate the key */
  if (schema == PBES2) {
- result =
- gc_pkcs5_pbkdf2_sha1(password, strlen(password),
- kdf_params->salt, kdf_params->salt_size,
- kdf_params->iter_count, key_size, key);
+ result = gc_pkcs5_pbkdf2_sha1(password, strlen(password),
+ kdf_params->salt, kdf_params->salt_size,
+ kdf_params->iter_count, key_size, key);
 
  if (result != GC_OK) {
  gnutls_assert();
@@ -1481,7 +1481,10 @@ static int generate_key(schema_id schema,
  else if (schema == PKCS12_RC2_40_SHA1)
  enc_params->cipher = GNUTLS_CIPHER_RC2_40_CBC;
 
- _gnutls_get_random(rnd, 2, GNUTLS_STRONG_RANDOM);
+ if (gc_pseudo_random (rnd, 2) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
 
  /* generate salt */
 
@@ -1491,8 +1494,10 @@ static int generate_key(schema_id schema,
  else
  kdf_params->salt_size = 8;
 
- _gnutls_get_random(kdf_params->salt, kdf_params->salt_size,
- GNUTLS_STRONG_RANDOM);
+ if (gc_pseudo_random (kdf_params->salt, kdf_params->salt_size) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
 
  kdf_params->iter_count = 256 + rnd[0];
  key->size = kdf_params->key_size =
@@ -1520,10 +1525,11 @@ static int generate_key(schema_id schema,
  return GNUTLS_E_ENCRYPTION_FAILED;
  }
 
- if (enc_params->iv_size)
- _gnutls_get_random(enc_params->iv, enc_params->iv_size,
- GNUTLS_WEAK_RANDOM);
-
+ if (enc_params->iv_size &&
+ gc_nonce (enc_params->iv, enc_params->iv_size) != GC_OK) {
+ gnutls_assert();
+ return GNUTLS_E_RANDOM_FAILED;
+ }
  } else { /* PKCS12 schemas */
  ret = _pkcs12_string_to_key(1 /*KEY*/, kdf_params->salt,
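Review bot: The context line `#include <gnutls_random.h>` survives in lib/x509/privkey_pkcs8.c, but this same commit deletes lib/gnutls_random.h (the `+++ /dev/null` section above), so the file will no longer compile unless another copy of that header sits on the include path; the line should be dropped alongside the `+#include <gc.h>` addition. The other touched files may carry the same stale include above their visible context — only privkey_pkcs8.c shows it in this diff, so a grep for `gnutls_random.h` across lib/ is warranted before merging.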