diff options
| author | NIIBE Yutaka <gniibe@fsij.org> | 2021-11-15 14:45:57 +0900 |
|---|---|---|
| committer | NIIBE Yutaka <gniibe@fsij.org> | 2021-11-15 14:45:57 +0900 |
| commit | ec671cfa239888b67fcafda40b19006b61d9bbf2 (patch) | |
| tree | 57669068d247d7d57f63aa89379697fa39fd33fa /random | |
| parent | e562e34c824dda9ce1c4a0af58e8366699a3d88b (diff) | |
| download | libgcrypt-ec671cfa239888b67fcafda40b19006b61d9bbf2.tar.gz | |
random: Include getentropy random module.
* random/rand-internal.h (_gcry_rndgetentropy_gather_random): Add.
* random/random-csprng.c [USE_RNDLINUX] (_gcry_rngcsprng_close_fds)
(getfnc_gather_random): Support getentropy random module.
* random/random-drbg.c: Likewise.
* random/random-fips.c: Likewise.
* random/random-system.c: Likewise.
* src/global.c [USE_RNDLINUX] (print_config): Show getentropy.
--
GnuPG-bug-id: 5636
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'random')
| -rw-r--r-- | random/rand-internal.h | 6 | ||||
| -rw-r--r-- | random/random-csprng.c | 11 | ||||
| -rw-r--r-- | random/random-drbg.c | 11 | ||||
| -rw-r--r-- | random/random-fips.c | 14 | ||||
| -rw-r--r-- | random/random-system.c | 8 | ||||
| -rw-r--r-- | random/rndgetentropy.c | 2 |
6 files changed, 41 insertions, 11 deletions
diff --git a/random/rand-internal.h b/random/rand-internal.h index 34221569..1bfc7e4c 100644 --- a/random/rand-internal.h +++ b/random/rand-internal.h @@ -89,6 +89,12 @@ void _gcry_rngsystem_randomize (void *buffer, size_t length, +/*-- rndgetentropy.c --*/ +int _gcry_rndgetentropy_gather_random (void (*add) (const void *, size_t, + enum random_origins), + enum random_origins origin, + size_t length, int level); + /*-- rndlinux.c --*/ int _gcry_rndlinux_gather_random (void (*add) (const void *, size_t, enum random_origins), diff --git a/random/random-csprng.c b/random/random-csprng.c index 0228a1f0..1664b708 100644 --- a/random/random-csprng.c +++ b/random/random-csprng.c @@ -352,10 +352,12 @@ void _gcry_rngcsprng_close_fds (void) { lock_pool (); -#if USE_RNDLINUX +#if USE_RNDGETENTROPY + _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); +#elif USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); - pool_filled = 0; /* Force re-open on next use. */ #endif + pool_filled = 0; /* Force re-open on next use. */ unlock_pool (); } @@ -1204,6 +1206,11 @@ getfnc_gather_random (void))(void (*)(const void*, size_t, int (*fnc)(void (*)(const void*, size_t, enum random_origins), enum random_origins, size_t, int); +#if USE_RNDGETENTROPY + fnc = _gcry_rndgetentropy_gather_random; + return fnc; +#endif + #if USE_RNDLINUX if ( !access (NAME_OF_DEV_RANDOM, R_OK) && !access (NAME_OF_DEV_URANDOM, R_OK)) diff --git a/random/random-drbg.c b/random/random-drbg.c index 6124f5fb..dc8c7044 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c @@ -618,7 +618,10 @@ drbg_get_entropy (drbg_state_t drbg, unsigned char *buffer, read_cb_buffer = buffer; read_cb_size = len; read_cb_len = 0; -#if USE_RNDLINUX +#if USE_RNDGETENTROPY + rc = _gcry_rndgetentropy_gather_random (drbg_read_cb, 0, len, + GCRY_VERY_STRONG_RANDOM); +#elif USE_RNDLINUX rc = _gcry_rndlinux_gather_random (drbg_read_cb, 0, len, GCRY_VERY_STRONG_RANDOM); #elif USE_RNDUNIX @@ -1865,11 +1868,13 @@ _gcry_rngdrbg_reinit (const char *flagstr, gcry_buffer_t *pers, int npers) void _gcry_rngdrbg_close_fds (void) { -#if USE_RNDLINUX drbg_lock (); +#if USE_RNDGETENTROPY + _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); +#elif USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); - drbg_unlock (); #endif + drbg_unlock (); } /* Print some statistics about the RNG. */ diff --git a/random/random-fips.c b/random/random-fips.c index 3a641b25..967b1a83 100644 --- a/random/random-fips.c +++ b/random/random-fips.c @@ -554,7 +554,11 @@ get_entropy (size_t nbytes) entropy_collect_buffer_size = nbytes; entropy_collect_buffer_len = 0; -#if USE_RNDLINUX +#if USE_RNDGETENTROPY + rc = _gcry_rndgetentropy_gather_random (entropy_collect_cb, 0, + X931_AES_KEYLEN, + GCRY_VERY_STRONG_RANDOM); +#elif USE_RNDLINUX rc = _gcry_rndlinux_gather_random (entropy_collect_cb, 0, X931_AES_KEYLEN, GCRY_VERY_STRONG_RANDOM); @@ -781,7 +785,9 @@ void _gcry_rngfips_close_fds (void) { lock_rng (); -#if USE_RNDLINUX +#if USE_RNDGETENTROPY + _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); +#elif USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); #endif unlock_rng (); @@ -1000,7 +1006,7 @@ _gcry_rngfips_selftest (selftest_report_func_t report) { gcry_err_code_t ec; -#if defined(USE_RNDLINUX) || defined(USE_RNDW32) +#if defined(USE_RNDGETENTROPY) || defined(USE_RNDLINUX) || defined(USE_RNDW32) { char buffer[8]; @@ -1013,7 +1019,7 @@ _gcry_rngfips_selftest (selftest_report_func_t report) ec = selftest_kat (report); -#else /*!(USE_RNDLINUX||USE_RNDW32)*/ +#else /*!(USE_RNDGETENTROPY||USE_RNDLINUX||USE_RNDW32)*/ report ("random", 0, "setup", "no entropy gathering module"); ec = GPG_ERR_SELFTEST_FAILED; #endif diff --git a/random/random-system.c b/random/random-system.c index 8b79511c..2ac8df9e 100644 --- a/random/random-system.c +++ b/random/random-system.c @@ -147,7 +147,9 @@ get_random (void *buffer, size_t length, int level) read_cb_size = length; read_cb_len = 0; -#if USE_RNDLINUX +#if USE_RNDGETENTROPY + rc = _gcry_rndgetentropy_gather_random (read_cb, 0, length, level); +#elif USE_RNDLINUX rc = _gcry_rndlinux_gather_random (read_cb, 0, length, level); #elif USE_RNDUNIX rc = _gcry_rndunix_gather_random (read_cb, 0, length, level); @@ -193,7 +195,9 @@ void _gcry_rngsystem_close_fds (void) { lock_rng (); -#if USE_RNDLINUX +#if USE_RNDGETENTROPY + _gcry_rndgetentropy_gather_random (NULL, 0, 0, 0); +#elif USE_RNDLINUX _gcry_rndlinux_gather_random (NULL, 0, 0, 0); #endif unlock_rng (); diff --git a/random/rndgetentropy.c b/random/rndgetentropy.c index 68946165..5a033276 100644 --- a/random/rndgetentropy.c +++ b/random/rndgetentropy.c @@ -41,6 +41,8 @@ _gcry_rndgetentropy_gather_random (void (*add)(const void*, size_t, { byte buffer[256]; + (void)level; + if (!add) { /* Special mode to release resouces. */ |