delta/libgcrypt.git - dev.gnupg.org: source/libgcrypt.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	random: Rename rndlinux module to rndoldlinux.	NIIBE Yutaka	2022-01-11	1	-5/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* configure.ac (USE_RNDOLDLINUX): Rename from USE_RNDLINUX. (GCRYPT_RANDOM): Use rndoldlinux.lo. * doc/gcrypt.texi: Update. * random/Makefile.am (EXTRA_librandom_la_SOURCES): Update. * random/rndoldlinux.c: Rename from rndlinux.c. Rename the function. * random/rand-internal.h: Update the function name. * random/random-csprng.c: Update the calls to the function. * random/random-drbg.c: Likewise. * random/random-system.c: Likewise. * src/global.c: Use USE_RNDOLDLINUX. -- GnuPG-bug-id: 5759 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
*	random: Fix rndgetentropy correctly uses rndjent.	NIIBE Yutaka	2021-11-18	1	-1/+2
\| \| \| \| \| \| \| \| \| \|	* random/rndgetentropy.c (_gcry_rndgetentropy_gather_random): Call _gcry_rndjent_poll for GCRY_VERY_STRONG_RANDOM. -- GnuPG-bug-id: 5692 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
*	random: Include getentropy random module.	NIIBE Yutaka	2021-11-15	1	-2/+6
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* random/rand-internal.h (_gcry_rndgetentropy_gather_random): Add. * random/random-csprng.c [USE_RNDLINUX] (_gcry_rngcsprng_close_fds) (getfnc_gather_random): Support getentropy random module. * random/random-drbg.c: Likewise. * random/random-fips.c: Likewise. * random/random-system.c: Likewise. * src/global.c [USE_RNDLINUX] (print_config): Show getentropy. -- GnuPG-bug-id: 5636 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
*	Replace ath based mutexes by gpgrt based locks.	Werner Koch	2014-01-16	1	-15/+9
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.13. (gl_LOCK): Remove. * src/ath.c, src/ath.h: Remove. Remove from all files. Replace all mutexes by gpgrt based statically initialized locks. * src/global.c (global_init): Remove ath_init. (_gcry_vcontrol): Make ath install a dummy function. (print_config): Remove threads info line. * doc/gcrypt.texi: Simplify the multi-thread related documentation. -- The current code does only work on ELF systems with weak symbol support. In particular no locks were used under Windows. With the new gpgrt_lock functions from the soon to be released libgpg-error 1.13 we have a better portable scheme which also allows for static initialized mutexes. Signed-off-by: Werner Koch <wk@gnupg.org>
*	random: Add a feature to close device file descriptors.	Werner Koch	2013-12-11	1	-0/+13
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* src/gcrypt.h.in (GCRYCTL_CLOSE_RANDOM_DEVICE): New. * src/global.c (_gcry_vcontrol): Call _gcry_random_close_fds. * random/random.c (_gcry_random_close_fds): New. * random/random-csprng.c (_gcry_rngcsprng_close_fds): New. * random/random-fips.c (_gcry_rngfips_close_fds): New. * random/random-system.c (_gcry_rngsystem_close_fds): New. * random/rndlinux.c (open_device): Add arg retry. (_gcry_rndlinux_gather_random): Add mode to close open fds. * tests/random.c (check_close_random_device): New. (main): Call new test. Signed-off-by: Werner Koch <wk@gnupg.org>
*	random: Add a RNG selection interface and system RNG wrapper.	Werner Koch	2012-12-03	1	-0/+243
	* random/random-system.c: New. * random/Makefile.am (librandom_la_SOURCES): Add new module. * random/random.c (struct rng_types): New. (_gcry_set_preferred_rng_type, _gcry_get_rng_type): New. (_gcry_random_initialize, gcry_random_add_bytes, do_randomize) (_gcry_set_random_seed_file, _gcry_update_random_seed_file) (_gcry_fast_random_poll): Dispatch to the actual RNG. * src/gcrypt.h.in (GCRYCTL_SET_PREFERRED_RNG_TYPE): New. GCRYCTL_GET_CURRENT_RNG_TYPE): New. (gcry_rng_types): New. * src/global.c (print_config): Print the TNG type. (global_init, _gcry_vcontrol): Implement the new control codes. * doc/gcrypt.texi (Controlling the library): Document the new control codes. * tests/benchmark.c (main): Add options to test the RNG types. * tests/random.c (main): Add new options. (print_hex): Print to stderr. (progress_cb, rng_type): New. (check_rng_type_switching, check_early_rng_type_switching): New. (run_all_rng_tests): New. -- The purpose of this change is to allow applications with moderate random requirements to use the system's RNG (e.g. /dev/urandom). The type switching logic makes sure that existing applications won't be affected by this change. A library is in almost all cases not able to degrade the quality of the RNG. The definition of "degrade" comes from our own assertion of the quality/trustworthiness of the RNGs: The most trustworthy RNG is the CSPRNG which dates back to the early GnuPG days. It is quite conservative and often requires more seeding than might be justified. GCRY_RNG_TYPE_STANDARD is the default unless the process is in FIPS mode. The second trustworthy RNG is the FIPS recommended X9.81 AES based implementation. It is seeded by the system's RNG. GCRY_RNG_TYPE_FIPS is the only available RNG if running in FIPS mode. The third trustworthy RNG is a mere wrapper around the system's native RNG. Thus there is no extra step on top of what, for example, /dev/random provides. GCRY_RNG_TYPE_SYSTEM may be used by applications which would use /dev/random or /dev/urandom instead.