diff options
| author | Jack Lloyd <[email protected]> | 2015-11-24 17:51:59 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2015-11-24 17:51:59 -0500 |
| commit | 5f208fab1890e2ad64b52306eccd82f031425c7a (patch) | |
| tree | 6bbbf1408e10538e441e3d603d80ebb2cabc6a78 /src/lib/entropy | |
| parent | bf59ffc4de374d7b27b7ab400789ab2723131b7a (diff) | |
New reseed_with_sources call on RNGs
Provides an easier way for an application to configure a list of
entropy sources they'd like to use, or add a custom entropy source to
their seeding.
Exposes some toggles for the global/default entropy sources to build.h
Adds basic entropy tests which runs the polls and does sanity checking
on the results, including compression tests if available. These are
less useful for the CSPRNG outputs but a good check for the ones
producing plain ASCII like the /proc reader.
Diffstat (limited to 'src/lib/entropy')
| -rw-r--r-- | src/lib/entropy/beos_stats/es_beos.h | 4 | ||||
| -rw-r--r-- | src/lib/entropy/cryptoapi_rng/es_capi.cpp | 8 | ||||
| -rw-r--r-- | src/lib/entropy/cryptoapi_rng/es_capi.h | 5 | ||||
| -rw-r--r-- | src/lib/entropy/darwin_secrandom/darwin_secrandom.cpp | 8 | ||||
| -rw-r--r-- | src/lib/entropy/darwin_secrandom/darwin_secrandom.h | 7 | ||||
| -rw-r--r-- | src/lib/entropy/dev_random/dev_random.cpp | 15 | ||||
| -rw-r--r-- | src/lib/entropy/dev_random/dev_random.h | 6 | ||||
| -rw-r--r-- | src/lib/entropy/egd/es_egd.cpp | 8 | ||||
| -rw-r--r-- | src/lib/entropy/egd/es_egd.h | 5 | ||||
| -rw-r--r-- | src/lib/entropy/entropy_src.h | 35 | ||||
| -rw-r--r-- | src/lib/entropy/entropy_srcs.cpp | 144 | ||||
| -rw-r--r-- | src/lib/entropy/hres_timer/hres_timer.h | 4 | ||||
| -rw-r--r-- | src/lib/entropy/info.txt | 2 | ||||
| -rw-r--r-- | src/lib/entropy/proc_walk/proc_walk.cpp | 2 | ||||
| -rw-r--r-- | src/lib/entropy/proc_walk/proc_walk.h | 4 | ||||
| -rw-r--r-- | src/lib/entropy/rdrand/rdrand.h | 4 | ||||
| -rw-r--r-- | src/lib/entropy/unix_procs/unix_procs.cpp | 7 | ||||
| -rw-r--r-- | src/lib/entropy/unix_procs/unix_procs.h | 8 | ||||
| -rw-r--r-- | src/lib/entropy/win32_stats/es_win32.h | 4 |
19 files changed, 181 insertions, 99 deletions
diff --git a/src/lib/entropy/beos_stats/es_beos.h b/src/lib/entropy/beos_stats/es_beos.h index 2565b9180..db5824f6f 100644 --- a/src/lib/entropy/beos_stats/es_beos.h +++ b/src/lib/entropy/beos_stats/es_beos.h @@ -15,10 +15,10 @@ namespace Botan { /** * BeOS Entropy Source */ -class BeOS_EntropySource : public EntropySource +class BeOS_EntropySource : public Entropy_Source { private: - std::string name() const override { return "BeOS Statistics"; } + std::string name() const override { return "system_stats"; } void poll(Entropy_Accumulator& accum) override; }; diff --git a/src/lib/entropy/cryptoapi_rng/es_capi.cpp b/src/lib/entropy/cryptoapi_rng/es_capi.cpp index 019b55a10..6ffc03c12 100644 --- a/src/lib/entropy/cryptoapi_rng/es_capi.cpp +++ b/src/lib/entropy/cryptoapi_rng/es_capi.cpp @@ -57,15 +57,17 @@ class CSP_Handle */ void Win32_CAPI_EntropySource::poll(Entropy_Accumulator& accum) { - m_buf.resize(32); + const size_t ENTROPY_BITS_PER_BYTE = 8; + + secure_vector<byte>& buf = accum.get_io_buf(BOTAN_SYSTEM_RNG_POLL_REQUEST); for(size_t i = 0; i != prov_types.size(); ++i) { CSP_Handle csp(prov_types[i]); - if(size_t got = csp.gen_random(m_buf.data(), m_buf.size())) + if(size_t got = csp.gen_random(buf.data(), buf.size())) { - accum.add(m_buf.data(), got, 6); + accum.add(buf.data(), got, ENTROPY_BITS_PER_BYTE); break; } } diff --git a/src/lib/entropy/cryptoapi_rng/es_capi.h b/src/lib/entropy/cryptoapi_rng/es_capi.h index 81a5003b2..eb63183e9 100644 --- a/src/lib/entropy/cryptoapi_rng/es_capi.h +++ b/src/lib/entropy/cryptoapi_rng/es_capi.h @@ -16,10 +16,10 @@ namespace Botan { /** * Win32 CAPI Entropy Source */ -class Win32_CAPI_EntropySource : public EntropySource +class Win32_CAPI_EntropySource : public Entropy_Source { public: - std::string name() const override { return "Win32 CryptoGenRandom"; } + std::string name() const override { return "win32_cryptoapi"; } void poll(Entropy_Accumulator& accum) override; @@ -30,7 +30,6 @@ class Win32_CAPI_EntropySource : public EntropySource Win32_CAPI_EntropySource(const std::string& provs = ""); private: std::vector<u64bit> prov_types; - secure_vector<byte> m_buf; }; } diff --git a/src/lib/entropy/darwin_secrandom/darwin_secrandom.cpp b/src/lib/entropy/darwin_secrandom/darwin_secrandom.cpp index f04b75a12..08b464ff0 100644 --- a/src/lib/entropy/darwin_secrandom/darwin_secrandom.cpp +++ b/src/lib/entropy/darwin_secrandom/darwin_secrandom.cpp @@ -16,12 +16,12 @@ namespace Botan { void Darwin_SecRandom::poll(Entropy_Accumulator& accum) { const size_t ENTROPY_BITS_PER_BYTE = 8; - const size_t BUF_SIZE = 256; - m_buf.resize(BUF_SIZE); - if (0 == SecRandomCopyBytes(kSecRandomDefault, m_buf.size(), m_buf.data())) + secure_vector<byte>& buf = accum.get_io_buf(BOTAN_SYSTEM_RNG_POLL_REQUEST); + + if(0 == SecRandomCopyBytes(kSecRandomDefault, buf.size(), buf.data())) { - accum.add(m_buf.data(), m_buf.size(), ENTROPY_BITS_PER_BYTE); + accum.add(buf.data(), buf.size(), ENTROPY_BITS_PER_BYTE); } } diff --git a/src/lib/entropy/darwin_secrandom/darwin_secrandom.h b/src/lib/entropy/darwin_secrandom/darwin_secrandom.h index 504d5cc64..970cd7941 100644 --- a/src/lib/entropy/darwin_secrandom/darwin_secrandom.h +++ b/src/lib/entropy/darwin_secrandom/darwin_secrandom.h @@ -15,15 +15,12 @@ namespace Botan { /** * Entropy source using SecRandomCopyBytes from Darwin's Security.framework */ -class Darwin_SecRandom : public EntropySource +class Darwin_SecRandom : public Entropy_Source { public: - std::string name() const override { return "Darwin SecRandomCopyBytes"; } + std::string name() const override { return "darwin_secrandom"; } void poll(Entropy_Accumulator& accum) override; - - private: - secure_vector<byte> m_buf; }; } diff --git a/src/lib/entropy/dev_random/dev_random.cpp b/src/lib/entropy/dev_random/dev_random.cpp index 526835fea..0115368da 100644 --- a/src/lib/entropy/dev_random/dev_random.cpp +++ b/src/lib/entropy/dev_random/dev_random.cpp @@ -6,7 +6,6 @@ */ #include <botan/internal/dev_random.h> -#include <botan/internal/rounding.h> #include <sys/types.h> #include <sys/select.h> @@ -61,10 +60,8 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum) return; const size_t ENTROPY_BITS_PER_BYTE = 8; - const size_t MS_WAIT_TIME = 32; - const size_t READ_ATTEMPT = 32; - int max_fd = m_devices[0]; + fd_type max_fd = m_devices[0]; fd_set read_set; FD_ZERO(&read_set); for(size_t i = 0; i != m_devices.size(); ++i) @@ -75,21 +72,21 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum) struct ::timeval timeout; - timeout.tv_sec = (MS_WAIT_TIME / 1000); - timeout.tv_usec = (MS_WAIT_TIME % 1000) * 1000; + timeout.tv_sec = (BOTAN_SYSTEM_RNG_POLL_TIMEOUT_MS / 1000); + timeout.tv_usec = (BOTAN_SYSTEM_RNG_POLL_TIMEOUT_MS % 1000) * 1000; if(::select(max_fd + 1, &read_set, nullptr, nullptr, &timeout) < 0) return; - m_buf.resize(READ_ATTEMPT); + secure_vector<byte>& buf = accum.get_io_buf(BOTAN_SYSTEM_RNG_POLL_REQUEST); for(size_t i = 0; i != m_devices.size(); ++i) { if(FD_ISSET(m_devices[i], &read_set)) { - const ssize_t got = ::read(m_devices[i], m_buf.data(), m_buf.size()); + const ssize_t got = ::read(m_devices[i], buf.data(), buf.size()); if(got > 0) - accum.add(m_buf.data(), got, ENTROPY_BITS_PER_BYTE); + accum.add(buf.data(), got, ENTROPY_BITS_PER_BYTE); } } } diff --git a/src/lib/entropy/dev_random/dev_random.h b/src/lib/entropy/dev_random/dev_random.h index 0d0c2df60..f634cf16c 100644 --- a/src/lib/entropy/dev_random/dev_random.h +++ b/src/lib/entropy/dev_random/dev_random.h @@ -17,10 +17,10 @@ namespace Botan { /** * Entropy source reading from kernel devices like /dev/random */ -class Device_EntropySource : public EntropySource +class Device_EntropySource : public Entropy_Source { public: - std::string name() const override { return "RNG Device Reader"; } + std::string name() const override { return "dev_random"; } void poll(Entropy_Accumulator& accum) override; @@ -28,8 +28,6 @@ class Device_EntropySource : public EntropySource ~Device_EntropySource(); private: typedef int fd_type; - - secure_vector<byte> m_buf; std::vector<fd_type> m_devices; }; diff --git a/src/lib/entropy/egd/es_egd.cpp b/src/lib/entropy/egd/es_egd.cpp index d64b87ba1..9b625d051 100644 --- a/src/lib/entropy/egd/es_egd.cpp +++ b/src/lib/entropy/egd/es_egd.cpp @@ -137,19 +137,19 @@ EGD_EntropySource::~EGD_EntropySource() */ void EGD_EntropySource::poll(Entropy_Accumulator& accum) { - const size_t READ_ATTEMPT = 32; + const size_t ENTROPY_BITS_PER_BYTE = 8; std::lock_guard<std::mutex> lock(m_mutex); - m_buf.resize(READ_ATTEMPT); + secure_vector<byte>& buf = accum.get_io_buf(BOTAN_SYSTEM_RNG_POLL_REQUEST); for(size_t i = 0; i != sockets.size(); ++i) { - size_t got = sockets[i].read(m_buf.data(), m_buf.size()); + size_t got = sockets[i].read(buf.data(), buf.size()); if(got) { - accum.add(m_buf.data(), got, 6); + accum.add(buf.data(), got, ENTROPY_BITS_PER_BYTE); break; } } diff --git a/src/lib/entropy/egd/es_egd.h b/src/lib/entropy/egd/es_egd.h index 7f7df1133..0b497a8bd 100644 --- a/src/lib/entropy/egd/es_egd.h +++ b/src/lib/entropy/egd/es_egd.h @@ -18,10 +18,10 @@ namespace Botan { /** * EGD Entropy Source */ -class EGD_EntropySource : public EntropySource +class EGD_EntropySource : public Entropy_Source { public: - std::string name() const override { return "EGD/PRNGD"; } + std::string name() const override { return "egd"; } void poll(Entropy_Accumulator& accum) override; @@ -44,7 +44,6 @@ class EGD_EntropySource : public EntropySource std::mutex m_mutex; std::vector<EGD_Socket> sockets; - secure_vector<byte> m_buf; }; } diff --git a/src/lib/entropy/entropy_src.h b/src/lib/entropy/entropy_src.h index c635b8756..0f4c38358 100644 --- a/src/lib/entropy/entropy_src.h +++ b/src/lib/entropy/entropy_src.h @@ -66,18 +66,27 @@ class BOTAN_DLL Entropy_Accumulator { add(&v, sizeof(T), entropy_bits_per_byte); } + + secure_vector<byte>& get_io_buf(size_t sz) { m_io_buf.resize(sz); return m_io_buf; } private: std::function<bool (const byte[], size_t, double)> m_accum_fn; + secure_vector<byte> m_io_buf; bool m_done = false; }; /** * Abstract interface to a source of entropy */ -class BOTAN_DLL EntropySource +class BOTAN_DLL Entropy_Source { public: - static void poll_available_sources(class Entropy_Accumulator& accum); + /* + * Return a new entropy source of a particular type, or null + * Each entropy source may require substantial resources (eg, a file handle + * or socket instance), so try to share them among multiple RNGs, or just + * use the preconfigured global list accessed by global_entropy_sources() + */ + static std::unique_ptr<Entropy_Source> create(const std::string& type); /** * @return name identifying this entropy source @@ -90,7 +99,27 @@ class BOTAN_DLL EntropySource */ virtual void poll(Entropy_Accumulator& accum) = 0; - virtual ~EntropySource() {} + virtual ~Entropy_Source() {} + }; + +class BOTAN_DLL Entropy_Sources + { + public: + static Entropy_Sources& global_sources(); + + void add_source(std::unique_ptr<Entropy_Source> src); + + std::vector<std::string> enabled_sources() const; + + void poll(Entropy_Accumulator& accum); + bool poll_just(Entropy_Accumulator& accum, const std::string& src); + + Entropy_Sources() {} + Entropy_Sources(const std::vector<std::string>& sources); + + ~Entropy_Sources(); + private: + std::vector<Entropy_Source*> m_srcs; }; } diff --git a/src/lib/entropy/entropy_srcs.cpp b/src/lib/entropy/entropy_srcs.cpp index d57160c88..cbf13d488 100644 --- a/src/lib/entropy/entropy_srcs.cpp +++ b/src/lib/entropy/entropy_srcs.cpp @@ -49,83 +49,147 @@ namespace Botan { -namespace { - -std::vector<std::unique_ptr<EntropySource>> get_default_entropy_sources() +std::unique_ptr<Entropy_Source> Entropy_Source::create(const std::string& name) { - std::vector<std::unique_ptr<EntropySource>> sources; - + if(name == "timestamp") + { #if defined(BOTAN_HAS_ENTROPY_SRC_HIGH_RESOLUTION_TIMER) - sources.push_back(std::unique_ptr<EntropySource>(new High_Resolution_Timestamp)); + return std::unique_ptr<Entropy_Source>(new High_Resolution_Timestamp); #endif + } + if(name == "rdrand") + { #if defined(BOTAN_HAS_ENTROPY_SRC_RDRAND) - sources.push_back(std::unique_ptr<EntropySource>(new Intel_Rdrand)); + return std::unique_ptr<Entropy_Source>(new Intel_Rdrand); #endif + } + if(name == "proc_info") + { #if defined(BOTAN_HAS_ENTROPY_SRC_UNIX_PROCESS_RUNNER) - sources.push_back(std::unique_ptr<EntropySource>(new UnixProcessInfo_EntropySource)); + return std::unique_ptr<Entropy_Source>(new UnixProcessInfo_EntropySource); #endif + } -#if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM) - sources.push_back(std::unique_ptr<EntropySource>(new Device_EntropySource( - { "/dev/random", "/dev/srandom", "/dev/urandom" } - ))); + if(name == "darwin_secrandom") + { +#if defined(BOTAN_HAS_ENTROPY_SRC_DARWIN_SECRANDOM) + return std::unique_ptr<Entropy_Source>(new Darwin_SecRandom); #endif + } -#if defined(BOTAN_HAS_ENTROPY_SRC_CAPI) - sources.push_back(std::unique_ptr<EntropySource>(new Win32_CAPI_EntropySource)); + if(name == "dev_random") + { +#if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM) + return std::unique_ptr<Entropy_Source>(new Device_EntropySource(BOTAN_SYSTEM_RNG_POLL_DEVICES)); + } + + if(name == "win32_cryptoapi") + { +#elif defined(BOTAN_HAS_ENTROPY_SRC_CAPI) + return std::unique_ptr<Entropy_Source>(new Win32_CAPI_EntropySource); #endif + } + if(name == "proc_walk") + { #if defined(BOTAN_HAS_ENTROPY_SRC_PROC_WALKER) - sources.push_back(std::unique_ptr<EntropySource>(new ProcWalking_EntropySource("/proc"))); + return std::unique_ptr<Entropy_Source>(new ProcWalking_EntropySource("/proc")); #endif + } + if(name == "system_stats") + { #if defined(BOTAN_HAS_ENTROPY_SRC_WIN32) - sources.push_back(std::unique_ptr<EntropySource>(new Win32_EntropySource)); -#endif - -#if defined(BOTAN_HAS_ENTROPY_SRC_BEOS) - sources.push_back(std::unique_ptr<EntropySource>(new BeOS_EntropySource)); + return std::unique_ptr<Entropy_Source>(new Win32_EntropySource); +#elif defined(BOTAN_HAS_ENTROPY_SRC_BEOS) + return std::unique_ptr<Entropy_Source>(new BeOS_EntropySource); #endif + } + if(name == "unix_procs") + { #if defined(BOTAN_HAS_ENTROPY_SRC_UNIX_PROCESS_RUNNER) - sources.push_back(std::unique_ptr<EntropySource>(new Unix_EntropySource( - { "/bin", "/sbin", "/usr/bin", "/usr/sbin" } - ))); + return std::unique_ptr<Entropy_Source>(new Unix_EntropySource(BOTAN_ENTROPY_SAFE_PATHS)); #endif + } + if(name == "egd") + { #if defined(BOTAN_HAS_ENTROPY_SRC_EGD) - sources.push_back(std::unique_ptr<EntropySource>( - new EGD_EntropySource({ "/var/run/egd-pool", "/dev/egd-pool" }) - )); + return std::unique_ptr<Entropy_Source>(new EGD_EntropySource(BOTAN_ENTROPY_EGD_PATHS)); #endif + } -#if defined(BOTAN_HAS_ENTROPY_SRC_DARWIN_SECRANDOM) - sources.push_back(std::unique_ptr<EntropySource>(new Darwin_SecRandom)); -#endif + return std::unique_ptr<Entropy_Source>(); + } +void Entropy_Sources::add_source(std::unique_ptr<Entropy_Source> src) + { + if(src.get()) + { + m_srcs.push_back(src.release()); + } + } + +std::vector<std::string> Entropy_Sources::enabled_sources() const + { + std::vector<std::string> sources; + for(size_t i = 0; i != m_srcs.size(); ++i) + { + sources.push_back(m_srcs[i]->name()); + } return sources; } -} +void Entropy_Sources::poll(Entropy_Accumulator& accum) + { + for(size_t i = 0; i != m_srcs.size(); ++i) + { + m_srcs[i]->poll(accum); + if(accum.polling_goal_achieved()) + break; + } + } -//static -void EntropySource::poll_available_sources(class Entropy_Accumulator& accum) +bool Entropy_Sources::poll_just(Entropy_Accumulator& accum, const std::string& the_src) { - static std::vector<std::unique_ptr<EntropySource>> g_sources(get_default_entropy_sources()); + for(size_t i = 0; i != m_srcs.size(); ++i) + { + if(m_srcs[i]->name() == the_src) + { + m_srcs[i]->poll(accum); + return true; + } + } - if(g_sources.empty()) - throw std::runtime_error("No entropy sources enabled at build time, RNG poll failed"); + return false; + } - size_t poll_attempt = 0; +Entropy_Sources::Entropy_Sources(const std::vector<std::string>& sources) + { + for(auto&& src_name : sources) + { + add_source(Entropy_Source::create(src_name)); + } + } - while(!accum.polling_finished() && poll_attempt < 16) +Entropy_Sources::~Entropy_Sources() + { + for(size_t i = 0; i != m_srcs.size(); ++i) { - const size_t src_idx = poll_attempt % g_sources.size(); - g_sources[src_idx]->poll(accum); - ++poll_attempt; + delete m_srcs[i]; + m_srcs[i] = nullptr; } + m_srcs.clear(); + } + +Entropy_Sources& Entropy_Sources::global_sources() + { + static Entropy_Sources global_entropy_sources(BOTAN_ENTROPY_DEFAULT_SOURCES); + + return global_entropy_sources; } } diff --git a/src/lib/entropy/hres_timer/hres_timer.h b/src/lib/entropy/hres_timer/hres_timer.h index b5b92fd97..93ced283a 100644 --- a/src/lib/entropy/hres_timer/hres_timer.h +++ b/src/lib/entropy/hres_timer/hres_timer.h @@ -18,10 +18,10 @@ namespace Botan { * @note Any results from timers are marked as not contributing entropy * to the poll, as a local attacker could observe them directly. */ -class High_Resolution_Timestamp : public EntropySource +class High_Resolution_Timestamp : public Entropy_Source { public: - std::string name() const override { return "High Resolution Timestamp"; } + std::string name() const override { return "timestamp"; } void poll(Entropy_Accumulator& accum) override; }; diff --git a/src/lib/entropy/info.txt b/src/lib/entropy/info.txt index 77c2669e9..ba5a4044d 100644 --- a/src/lib/entropy/info.txt +++ b/src/lib/entropy/info.txt @@ -1 +1 @@ -define ENTROPY_SOURCE 20150201 +define ENTROPY_SOURCE 20151120 diff --git a/src/lib/entropy/proc_walk/proc_walk.cpp b/src/lib/entropy/proc_walk/proc_walk.cpp index 3d63e5d5a..817aa80a5 100644 --- a/src/lib/entropy/proc_walk/proc_walk.cpp +++ b/src/lib/entropy/proc_walk/proc_walk.cpp @@ -113,7 +113,7 @@ int Directory_Walker::next_fd() void ProcWalking_EntropySource::poll(Entropy_Accumulator& accum) { const size_t MAX_FILES_READ_PER_POLL = 2048; - const double ENTROPY_ESTIMATE = 1.0 / (8*1024); + const double ENTROPY_ESTIMATE = 1.0 / 128; std::lock_guard<std::mutex> lock(m_mutex); diff --git a/src/lib/entropy/proc_walk/proc_walk.h b/src/lib/entropy/proc_walk/proc_walk.h index ec56f9e2d..b67f71111 100644 --- a/src/lib/entropy/proc_walk/proc_walk.h +++ b/src/lib/entropy/proc_walk/proc_walk.h @@ -23,10 +23,10 @@ class File_Descriptor_Source /** * File Tree Walking Entropy Source */ -class ProcWalking_EntropySource : public EntropySource +class ProcWalking_EntropySource : public Entropy_Source { public: - std::string name() const override { return "Proc Walker"; } + std::string name() const override { return "proc_walk"; } void poll(Entropy_Accumulator& accum) override; diff --git a/src/lib/entropy/rdrand/rdrand.h b/src/lib/entropy/rdrand/rdrand.h index 9ff6e557f..1fa928641 100644 --- a/src/lib/entropy/rdrand/rdrand.h +++ b/src/lib/entropy/rdrand/rdrand.h @@ -16,10 +16,10 @@ namespace Botan { * Entropy source using the rdrand instruction first introduced on * Intel's Ivy Bridge architecture. */ -class Intel_Rdrand : public EntropySource +class Intel_Rdrand : public Entropy_Source { public: - std::string name() const override { return "Intel Rdrand"; } + std::string name() const override { return "rdrand"; } void poll(Entropy_Accumulator& accum) override; }; diff --git a/src/lib/entropy/unix_procs/unix_procs.cpp b/src/lib/entropy/unix_procs/unix_procs.cpp index c6ad6a700..abfe341e0 100644 --- a/src/lib/entropy/unix_procs/unix_procs.cpp +++ b/src/lib/entropy/unix_procs/unix_procs.cpp @@ -43,8 +43,8 @@ size_t concurrent_processes(size_t user_request) const size_t DEFAULT_CONCURRENT = 2; const size_t MAX_CONCURRENT = 8; - if(user_request > 0 && user_request < MAX_CONCURRENT) - return user_request; + if(user_request > 0) + return std::min(user_request, MAX_CONCURRENT); const long online_cpus = ::sysconf(_SC_NPROCESSORS_ONLN); @@ -72,9 +72,6 @@ void UnixProcessInfo_EntropySource::poll(Entropy_Accumulator& accum) accum.add(::getppid(), 0.0); accum.add(::getuid(), 0.0); accum.add(::getgid(), 0.0); -#if defined(BOTAN_TARGET_OS_HAS_GETSID) - accum.add(::getsid(0), 0.0); -#endif accum.add(::getpgrp(), 0.0); struct ::rusage usage; diff --git a/src/lib/entropy/unix_procs/unix_procs.h b/src/lib/entropy/unix_procs/unix_procs.h index 808d34221..bc2fd87d1 100644 --- a/src/lib/entropy/unix_procs/unix_procs.h +++ b/src/lib/entropy/unix_procs/unix_procs.h @@ -20,10 +20,10 @@ namespace Botan { * effective against local attackers as they can sample from the same * distribution. */ -class Unix_EntropySource : public EntropySource +class Unix_EntropySource : public Entropy_Source { public: - std::string name() const override { return "Unix Process Runner"; } + std::string name() const override { return "unix_procs"; } void poll(Entropy_Accumulator& accum) override; @@ -78,10 +78,10 @@ class Unix_EntropySource : public EntropySource secure_vector<byte> m_buf; }; -class UnixProcessInfo_EntropySource : public EntropySource +class UnixProcessInfo_EntropySource : public Entropy_Source { public: - std::string name() const override { return "Unix Process Info"; } + std::string name() const override { return "proc_info"; } void poll(Entropy_Accumulator& accum) override; }; diff --git a/src/lib/entropy/win32_stats/es_win32.h b/src/lib/entropy/win32_stats/es_win32.h index 98bfb0e36..958a79e19 100644 --- a/src/lib/entropy/win32_stats/es_win32.h +++ b/src/lib/entropy/win32_stats/es_win32.h @@ -15,10 +15,10 @@ namespace Botan { /** * Win32 Entropy Source */ -class Win32_EntropySource : public EntropySource +class Win32_EntropySource : public Entropy_Source { public: - std::string name() const override { return "Win32 Statistics"; } + std::string name() const override { return "system_stats"; } void poll(Entropy_Accumulator& accum) override; }; |