diff options
| author | Jack Lloyd <[email protected]> | 2015-11-24 17:51:59 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2015-11-24 17:51:59 -0500 |
| commit | 5f208fab1890e2ad64b52306eccd82f031425c7a (patch) | |
| tree | 6bbbf1408e10538e441e3d603d80ebb2cabc6a78 /src/lib/rng/system_rng | |
| parent | bf59ffc4de374d7b27b7ab400789ab2723131b7a (diff) | |
New reseed_with_sources call on RNGs
Provides an easier way for an application to configure a list of
entropy sources they'd like to use, or add a custom entropy source to
their seeding.
Exposes some toggles for the global/default entropy sources to build.h
Adds basic entropy tests which runs the polls and does sanity checking
on the results, including compression tests if available. These are
less useful for the CSPRNG outputs but a good check for the ones
producing plain ASCII like the /proc reader.
Diffstat (limited to 'src/lib/rng/system_rng')
| -rw-r--r-- | src/lib/rng/system_rng/system_rng.cpp | 24 | ||||
| -rw-r--r-- | src/lib/rng/system_rng/system_rng.h | 7 |
2 files changed, 25 insertions, 6 deletions
diff --git a/src/lib/rng/system_rng/system_rng.cpp b/src/lib/rng/system_rng/system_rng.cpp index 8b949d071..02ad07736 100644 --- a/src/lib/rng/system_rng/system_rng.cpp +++ b/src/lib/rng/system_rng/system_rng.cpp @@ -40,8 +40,18 @@ class System_RNG_Impl : public RandomNumberGenerator void clear() override {} std::string name() const override { return "system"; } - void reseed(size_t) override {} - void add_entropy(const byte[], size_t) override {} + size_t reseed_with_sources(Entropy_Sources& srcs, + size_t poll_bits, + std::chrono::milliseconds poll_timeout) override + { + return 0; + } + + void add_entropy(const byte[], size_t) override + { + // We could write this back to /dev/urandom to help seed the PRNG + // Unclear if this is valuable on current systems + } private: #if defined(BOTAN_TARGET_OS_HAS_CRYPTGENRANDOM) @@ -55,14 +65,18 @@ System_RNG_Impl::System_RNG_Impl() { #if defined(BOTAN_TARGET_OS_HAS_CRYPTGENRANDOM) - if(!CryptAcquireContext(&m_prov, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) + if(!CryptAcquireContext(&m_prov, 0, 0, BOTAN_SYSTEM_RNG_CRYPTOAPI_PROV_TYPE, CRYPT_VERIFYCONTEXT)) throw std::runtime_error("System_RNG failed to acquire crypto provider"); #else - m_fd = ::open("/dev/urandom", O_RDONLY); +#ifndef O_NOCTTY + #define O_NOCTTY 0 +#endif + + m_fd = ::open(BOTAN_SYSTEM_RNG_DEVICE, O_RDONLY | O_NOCTTY); if(m_fd < 0) - throw std::runtime_error("System_RNG failed to open /dev/urandom"); + throw std::runtime_error("System_RNG failed to open RNG device"); #endif } diff --git a/src/lib/rng/system_rng/system_rng.h b/src/lib/rng/system_rng/system_rng.h index 0f4b94725..6290b8769 100644 --- a/src/lib/rng/system_rng/system_rng.h +++ b/src/lib/rng/system_rng/system_rng.h @@ -35,7 +35,12 @@ class BOTAN_DLL System_RNG : public RandomNumberGenerator std::string name() const override { return m_rng.name(); } - void reseed(size_t poll_bits = 256) override { m_rng.reseed(poll_bits); } + size_t reseed_with_sources(Entropy_Sources& srcs, + size_t poll_bits, + std::chrono::milliseconds poll_timeout) override + { + return m_rng.reseed_with_sources(srcs, poll_bits, poll_timeout); + } void add_entropy(const byte in[], size_t len) override { m_rng.add_entropy(in, len); } private: |