author | lloyd <[email protected]> | 2014-12-02 13:33:10 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2014-12-02 13:33:10 +0000 |
commit | 2f884827b2aa1b070795230ebe012f1708ded73a (patch) | |
tree | bb13325a9254f210bd7cc4dd50b22b6957c48800 | |
parent | e78801f8c8a168d70ae06769ec6996c4e0da122f (diff) |
Add an easy way to directly use the system PRNG.
-rw-r--r-- | doc/relnotes/1_11_10.rst | 9 | ||||
-rw-r--r-- | src/cmd/rng.cpp | 8 | ||||
-rw-r--r-- | src/lib/rng/system_rng/info.txt | 19 | ||||
-rw-r--r-- | src/lib/rng/system_rng/system_rng.cpp | 79 | ||||
-rw-r--r-- | src/lib/rng/system_rng/system_rng.h | 19 |
5 files changed, 134 insertions, 0 deletions
diff --git a/doc/relnotes/1_11_10.rst b/doc/relnotes/1_11_10.rst index b44b7101c..9fbf8e369 100644 --- a/doc/relnotes/1_11_10.rst +++ b/doc/relnotes/1_11_10.rst @@ -50,6 +50,15 @@ Version 1.11.10, Not Yet Released * The default PKCS #8 encryption scheme has changed to use PBKDF2 with SHA-256 instead of SHA-1 +* A specialized reducer for P-521 was added. + +* On Linux the mlock allocator will use MADV_DONTDUMP on the pool so + that the contents are not included in coredumps. + +* A new interface for directly using a system-provided PRNG is + available in system_rng.h. Currently only systems with /dev/urandom + are supported. + * Fix decoding indefinite length BER constructs that contain a context sensitive tag of zero. Github pull 26 from Janusz Chorko. diff --git a/src/cmd/rng.cpp b/src/cmd/rng.cpp index 187fbad1e..0fdec2019 100644 --- a/src/cmd/rng.cpp +++ b/src/cmd/rng.cpp @@ -7,6 +7,10 @@ #include "apps.h" #include <botan/libstate.h> +#if defined(BOTAN_HAS_SYSTEM_RNG) + #include <botan/system_rng.h> +#endif + namespace { int rng(int argc, char* argv[]) @@ -22,6 +26,10 @@ int rng(int argc, char* argv[]) const size_t amt = to_u32bit(argv[argc-1]); const bool raw = (argc == 3 && std::string(argv[1]) == "--raw-entropy"); +#if defined(BOTAN_HAS_SYSTEM_RNG) + std::cout << "System " << hex_encode(system_rng().random_vec(amt)) << "\n"; +#endif + if(!raw) { AutoSeeded_RNG rng; diff --git a/src/lib/rng/system_rng/info.txt b/src/lib/rng/system_rng/info.txt new file mode 100644 index 000000000..387b7e1dd --- /dev/null +++ b/src/lib/rng/system_rng/info.txt @@ -0,0 +1,19 @@ +define SYSTEM_RNG 20141202 + +<os> +aix +cygwin +darwin +dragonfly +freebsd +haiku +hpux +hurd +irix +linux +netbsd +openbsd +qnx +solaris +tru64 +</os> diff --git a/src/lib/rng/system_rng/system_rng.cpp b/src/lib/rng/system_rng/system_rng.cpp new file mode 100644 index 000000000..afffb69cc --- /dev/null +++ b/src/lib/rng/system_rng/system_rng.cpp 
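Review bot: In src/cmd/rng.cpp (second hunk) the added `std::cout << "System " << ...` line sits before the `if(!raw)` test, so `system_rng()` is called in both modes. The System_RNG constructor added in this commit throws `std::runtime_error` when /dev/urandom cannot be opened, so in a chroot or sandbox without the device node the whole command would fail before reaching the branches that do not use the system RNG, unless something outside the hunk catches the exception. `amt` comes from `argv` through `to_u32bit` with no upper bound visible here, and `random_vec(amt)` presumably allocates that many bytes. I would contain the failure locally, for example `try { std::cout << "System " << hex_encode(system_rng().random_vec(amt)) << "\n"; } catch(std::exception& e) { std::cerr << "System RNG unavailable: " << e.what() << "\n"; }`. The body of `rng()` continues outside the hunk.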
@@ -0,0 +1,79 @@
+/*
+* System RNG
+* (C) 2014 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/system_rng.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+
+namespace Botan {
+
+namespace {
+
+class System_RNG : public RandomNumberGenerator
+ {
+ public:
+ System_RNG();
+ ~System_RNG();
+
+ void randomize(byte buf[], size_t len);
+
+ bool is_seeded() const { return true; }
+ void clear() {}
+ std::string name() const { return "system"; }
+
+ void reseed(size_t) {}
+ void add_entropy(const byte[], size_t) {}
+ private:
+ int m_fd;
+ };
+
+System_RNG::System_RNG()
+ {
+ m_fd = ::open("/dev/urandom", O_RDONLY);
+ if(m_fd < 0)
+ throw std::runtime_error("System_RNG failed to open /dev/urandom");
+ }
+
+System_RNG::~System_RNG()
+ {
+ ::close(m_fd);
+ }
+
+void System_RNG::randomize(byte buf[], size_t len)
+ {
+ while(len)
+ {
+ ssize_t got = ::read(m_fd, buf, len);
+
+ if(got < 0)
+ {
+ if(errno == EINTR)
+ continue;
+ throw std::runtime_error("System_RNG read failed error " + std::to_string(errno));
+ }
+ if(got == 0)
+ throw std::runtime_error("System_RNG EOF on device"); // ?!?
+
+ buf += got;
+ len -= got;
+ }
+ }
+
+}
+
+RandomNumberGenerator& system_rng()
+ {
+ static System_RNG g_system_rng;
+ return g_system_rng;
+ }
+
+}
diff --git a/src/lib/rng/system_rng/system_rng.h b/src/lib/rng/system_rng/system_rng.h
new file mode 100644
index 000000000..6b4746a9c
--- /dev/null
+++ b/src/lib/rng/system_rng/system_rng.h
@@ -0,0 +1,19 @@
+/*
+* System RNG interface
+* (C) 2014 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_SYSTEM_RNG_H__
+#define BOTAN_SYSTEM_RNG_H__
+
+#include <botan/rng.h>
+
+namespace Botan {
+
+BOTAN_DLL RandomNumberGenerator& system_rng();
+
+}
+
+#endif |
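Review bot: In src/lib/rng/system_rng/system_rng.cpp the constructor calls `::open("/dev/urandom", O_RDONLY)` and never checks what it actually opened. Close-on-exec is not set, so the descriptor is inherited across exec, and nothing verifies that the path is a character device; where /dev/urandom is a regular file (a badly populated chroot or container), `randomize()` would hand out that file's bytes until it hits the EOF branch. `<sys/stat.h>` is already included but unused in this hunk, so an `fstat` check fits without new headers. `is_seeded()` returns true unconditionally, and on Linux /dev/urandom can be read before the kernel pool is initialised at early boot, which deserves a comment on that method. In the version below the descriptor is closed before throwing because the destructor does not run when the constructor throws, and `O_CLOEXEC` is guarded since it may not be defined on every OS listed in info.txt.

```cpp
System_RNG::System_RNG()
   {
#if defined(O_CLOEXEC)
   m_fd = ::open("/dev/urandom", O_RDONLY | O_CLOEXEC);
#else
   m_fd = ::open("/dev/urandom", O_RDONLY);
#endif
   if(m_fd < 0)
      throw std::runtime_error("System_RNG failed to open /dev/urandom");

   // Refuse anything that is not a device node, e.g. a regular file
   // placed at this path inside a chroot.
   struct stat st;
   if(::fstat(m_fd, &st) != 0 || !S_ISCHR(st.st_mode))
      {
      ::close(m_fd);
      throw std::runtime_error("System_RNG /dev/urandom is not a character device");
      }
   }
// ... unchanged: ~System_RNG(), randomize(), system_rng() ...
```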