aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2014-12-02 13:33:10 +0000
committerlloyd <[email protected]>2014-12-02 13:33:10 +0000
commit2f884827b2aa1b070795230ebe012f1708ded73a (patch)
treebb13325a9254f210bd7cc4dd50b22b6957c48800
parente78801f8c8a168d70ae06769ec6996c4e0da122f (diff)
Add an easy way to directly use the system PRNG.
-rw-r--r--doc/relnotes/1_11_10.rst9
-rw-r--r--src/cmd/rng.cpp8
-rw-r--r--src/lib/rng/system_rng/info.txt19
-rw-r--r--src/lib/rng/system_rng/system_rng.cpp79
-rw-r--r--src/lib/rng/system_rng/system_rng.h19
5 files changed, 134 insertions, 0 deletions
diff --git a/doc/relnotes/1_11_10.rst b/doc/relnotes/1_11_10.rst
index b44b7101c..9fbf8e369 100644
--- a/doc/relnotes/1_11_10.rst
+++ b/doc/relnotes/1_11_10.rst
@@ -50,6 +50,15 @@ Version 1.11.10, Not Yet Released
* The default PKCS #8 encryption scheme has changed to use PBKDF2 with
SHA-256 instead of SHA-1
+* A specialized reducer for P-521 was added.
+
+* On Linux the mlock allocator will use MADV_DONTDUMP on the pool so
+ that the contents are not included in coredumps.
+
+* A new interface for directly using a system-provided PRNG is
+ available in system_rng.h. Currently only systems with /dev/urandom
+ are supported.
+
* Fix decoding indefinite length BER constructs that contain a context sensitive
tag of zero. Github pull 26 from Janusz Chorko.
diff --git a/src/cmd/rng.cpp b/src/cmd/rng.cpp
index 187fbad1e..0fdec2019 100644
--- a/src/cmd/rng.cpp
+++ b/src/cmd/rng.cpp
@@ -7,6 +7,10 @@
#include "apps.h"
#include <botan/libstate.h>
+#if defined(BOTAN_HAS_SYSTEM_RNG)
+ #include <botan/system_rng.h>
+#endif
+
namespace {
int rng(int argc, char* argv[])
@@ -22,6 +26,10 @@ int rng(int argc, char* argv[])
const size_t amt = to_u32bit(argv[argc-1]);
const bool raw = (argc == 3 && std::string(argv[1]) == "--raw-entropy");
+#if defined(BOTAN_HAS_SYSTEM_RNG)
+ std::cout << "System " << hex_encode(system_rng().random_vec(amt)) << "\n";
+#endif
+
if(!raw)
{
AutoSeeded_RNG rng;
diff --git a/src/lib/rng/system_rng/info.txt b/src/lib/rng/system_rng/info.txt
new file mode 100644
index 000000000..387b7e1dd
--- /dev/null
+++ b/src/lib/rng/system_rng/info.txt
@@ -0,0 +1,19 @@
+define SYSTEM_RNG 20141202
+
+<os>
+aix
+cygwin
+darwin
+dragonfly
+freebsd
+haiku
+hpux
+hurd
+irix
+linux
+netbsd
+openbsd
+qnx
+solaris
+tru64
+</os>
diff --git a/src/lib/rng/system_rng/system_rng.cpp b/src/lib/rng/system_rng/system_rng.cpp
new file mode 100644
index 000000000..afffb69cc
--- /dev/null
+++ b/src/lib/rng/system_rng/system_rng.cpp
@@ -0,0 +1,79 @@
+/*
+* System RNG
+* (C) 2014 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/system_rng.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+
+namespace Botan {
+
+namespace {
+
+class System_RNG : public RandomNumberGenerator
+ {
+ public:
+ System_RNG();
+ ~System_RNG();
+
+ void randomize(byte buf[], size_t len);
+
+ bool is_seeded() const { return true; }
+ void clear() {}
+ std::string name() const { return "system"; }
+
+ void reseed(size_t) {}
+ void add_entropy(const byte[], size_t) {}
+ private:
+ int m_fd;
+ };
+
+System_RNG::System_RNG()
+ {
+ m_fd = ::open("/dev/urandom", O_RDONLY);
+ if(m_fd < 0)
+ throw std::runtime_error("System_RNG failed to open /dev/urandom");
+ }
+
+System_RNG::~System_RNG()
+ {
+ ::close(m_fd);
+ }
+
+void System_RNG::randomize(byte buf[], size_t len)
+ {
+ while(len)
+ {
+ ssize_t got = ::read(m_fd, buf, len);
+
+ if(got < 0)
+ {
+ if(errno == EINTR)
+ continue;
+ throw std::runtime_error("System_RNG read failed error " + std::to_string(errno));
+ }
+ if(got == 0)
+ throw std::runtime_error("System_RNG EOF on device"); // ?!?
+
+ buf += got;
+ len -= got;
+ }
+ }
+
+}
+
+RandomNumberGenerator& system_rng()
+ {
+ static System_RNG g_system_rng;
+ return g_system_rng;
+ }
+
+}
diff --git a/src/lib/rng/system_rng/system_rng.h b/src/lib/rng/system_rng/system_rng.h
new file mode 100644
index 000000000..6b4746a9c
--- /dev/null
+++ b/src/lib/rng/system_rng/system_rng.h
@@ -0,0 +1,19 @@
+/*
+* System RNG interface
+* (C) 2014 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_SYSTEM_RNG_H__
+#define BOTAN_SYSTEM_RNG_H__
+
+#include <botan/rng.h>
+
+namespace Botan {
+
+BOTAN_DLL RandomNumberGenerator& system_rng();
+
+}
+
+#endif