aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2014-03-22 19:16:24 +0000
committerlloyd <[email protected]>2014-03-22 19:16:24 +0000
commit8ce4a125a6eaf012821852ce629ead2466a2fde8 (patch)
tree2902f436b55e22fecf31be72467f44477ed49f57 /src
parent6b043baa4f421e9d00272f3e0d93b7e40cac6b77 (diff)
Simpify HMAC_RNG reseeding process. Actually update HMAC_DRBG reseed counter.
Diffstat (limited to 'src')
-rw-r--r--src/lib/entropy/dev_random/dev_random.cpp2
-rw-r--r--src/lib/entropy/egd/es_egd.cpp4
-rw-r--r--src/lib/entropy/entropy_src.h70
-rw-r--r--src/lib/libstate/entropy_srcs.cpp4
-rw-r--r--src/lib/rng/hmac_drbg/hmac_drbg.cpp2
-rw-r--r--src/lib/rng/hmac_rng/hmac_rng.cpp14
6 files changed, 33 insertions, 63 deletions
diff --git a/src/lib/entropy/dev_random/dev_random.cpp b/src/lib/entropy/dev_random/dev_random.cpp
index 3f8df8749..832424acd 100644
--- a/src/lib/entropy/dev_random/dev_random.cpp
+++ b/src/lib/entropy/dev_random/dev_random.cpp
@@ -63,7 +63,7 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum)
const size_t ENTROPY_BITS_PER_BYTE = 8;
const size_t MS_WAIT_TIME = 32;
- const size_t READ_ATTEMPT = std::max<size_t>(accum.desired_remaining_bits() / 8, 16);
+ const size_t READ_ATTEMPT = 32;
int max_fd = m_devices[0];
fd_set read_set;
diff --git a/src/lib/entropy/egd/es_egd.cpp b/src/lib/entropy/egd/es_egd.cpp
index d8dbecd44..c04acb4f3 100644
--- a/src/lib/entropy/egd/es_egd.cpp
+++ b/src/lib/entropy/egd/es_egd.cpp
@@ -137,9 +137,9 @@ EGD_EntropySource::~EGD_EntropySource()
*/
void EGD_EntropySource::poll(Entropy_Accumulator& accum)
{
- size_t go_get = std::min<size_t>(accum.desired_remaining_bits() / 8, 32);
+ const size_t READ_ATTEMPT = 32;
- secure_vector<byte>& io_buffer = accum.get_io_buffer(go_get);
+ secure_vector<byte>& io_buffer = accum.get_io_buffer(READ_ATTEMPT);
for(size_t i = 0; i != sockets.size(); ++i)
{
diff --git a/src/lib/entropy/entropy_src.h b/src/lib/entropy/entropy_src.h
index 552eca9de..d42f6eca2 100644
--- a/src/lib/entropy/entropy_src.h
+++ b/src/lib/entropy/entropy_src.h
@@ -1,6 +1,6 @@
/*
* EntropySource
-* (C) 2008-2009 Jack Lloyd
+* (C) 2008-2009,2014 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -8,8 +8,9 @@
#ifndef BOTAN_ENTROPY_SOURCE_BASE_H__
#define BOTAN_ENTROPY_SOURCE_BASE_H__
-#include <botan/buf_comp.h>
+#include <botan/secmem.h>
#include <string>
+#include <functional>
namespace Botan {
@@ -23,8 +24,8 @@ class BOTAN_DLL Entropy_Accumulator
* Initialize an Entropy_Accumulator
* @param goal is how many bits we would like to collect
*/
- Entropy_Accumulator(size_t goal) :
- entropy_goal(goal), collected_bits(0) {}
+ Entropy_Accumulator(std::function<bool (const byte[], size_t, size_t)> accum) :
+ m_accum_fn(accum), m_done(false) {}
virtual ~Entropy_Accumulator() {}
@@ -36,29 +37,16 @@ class BOTAN_DLL Entropy_Accumulator
* @return cached I/O buffer for repeated polls
*/
secure_vector<byte>& get_io_buffer(size_t size)
- { io_buffer.resize(size); return io_buffer; }
-
- /**
- * @return number of bits collected so far
- */
- size_t bits_collected() const
- { return static_cast<size_t>(collected_bits); }
+ {
+ m_io_buffer.clear();
+ m_io_buffer.resize(size);
+ return m_io_buffer;
+ }
/**
* @return if our polling goal has been achieved
*/
- bool polling_goal_achieved() const
- { return (collected_bits >= entropy_goal); }
-
- /**
- * @return how many bits we need to reach our polling goal
- */
- size_t desired_remaining_bits() const
- {
- if(collected_bits >= entropy_goal)
- return 0;
- return static_cast<size_t>(entropy_goal - collected_bits);
- }
+ bool polling_goal_achieved() const { return m_done; }
/**
* Add entropy to the accumulator
@@ -69,8 +57,8 @@ class BOTAN_DLL Entropy_Accumulator
*/
void add(const void* bytes, size_t length, double entropy_bits_per_byte)
{
- add_bytes(reinterpret_cast<const byte*>(bytes), length);
- collected_bits += entropy_bits_per_byte * length;
+ m_done = m_accum_fn(reinterpret_cast<const byte*>(bytes),
+ length, entropy_bits_per_byte * length);
}
/**
@@ -85,35 +73,9 @@ class BOTAN_DLL Entropy_Accumulator
add(&v, sizeof(T), entropy_bits_per_byte);
}
private:
- virtual void add_bytes(const byte bytes[], size_t length) = 0;
-
- secure_vector<byte> io_buffer;
- size_t entropy_goal;
- double collected_bits;
- };
-
-/**
-* Entropy accumulator that puts the input into a Buffered_Computation
-*/
-class BOTAN_DLL Entropy_Accumulator_BufferedComputation :
- public Entropy_Accumulator
- {
- public:
- /**
- * @param sink the hash or MAC we are feeding the poll data into
- * @param goal is how many bits we want to collect in this poll
- */
- Entropy_Accumulator_BufferedComputation(Buffered_Computation& sink,
- size_t goal) :
- Entropy_Accumulator(goal), entropy_sink(sink) {}
-
- private:
- void add_bytes(const byte bytes[], size_t length) override
- {
- entropy_sink.update(bytes, length);
- }
-
- Buffered_Computation& entropy_sink;
+ std::function<bool (const byte[], size_t, size_t)> m_accum_fn;
+ bool m_done;
+ secure_vector<byte> m_io_buffer;
};
/**
diff --git a/src/lib/libstate/entropy_srcs.cpp b/src/lib/libstate/entropy_srcs.cpp
index 44bf7b2e2..1f36a945d 100644
--- a/src/lib/libstate/entropy_srcs.cpp
+++ b/src/lib/libstate/entropy_srcs.cpp
@@ -104,14 +104,12 @@ void Library_State::poll_available_sources(class Entropy_Accumulator& accum)
{
std::lock_guard<std::mutex> lock(m_entropy_src_mutex);
- const size_t poll_bits = accum.desired_remaining_bits();
-
if(m_sources.empty())
throw std::runtime_error("No entropy sources enabled at build time, poll failed");
size_t poll_attempt = 0;
- while(!accum.polling_goal_achieved() && poll_attempt < poll_bits)
+ while(!accum.polling_goal_achieved() && poll_attempt < 16)
{
const size_t src_idx = poll_attempt % m_sources.size();
m_sources[src_idx]->poll(accum);
diff --git a/src/lib/rng/hmac_drbg/hmac_drbg.cpp b/src/lib/rng/hmac_drbg/hmac_drbg.cpp
index 96bd791ee..03b617af3 100644
--- a/src/lib/rng/hmac_drbg/hmac_drbg.cpp
+++ b/src/lib/rng/hmac_drbg/hmac_drbg.cpp
@@ -38,6 +38,8 @@ void HMAC_DRBG::randomize(byte out[], size_t length)
out += to_copy;
}
+ m_reseed_counter += length;
+
update(nullptr, 0); // additional_data is always empty
}
diff --git a/src/lib/rng/hmac_rng/hmac_rng.cpp b/src/lib/rng/hmac_rng/hmac_rng.cpp
index 98ae6439e..7d8b54e84 100644
--- a/src/lib/rng/hmac_rng/hmac_rng.cpp
+++ b/src/lib/rng/hmac_rng/hmac_rng.cpp
@@ -128,7 +128,15 @@ void HMAC_RNG::reseed(size_t poll_bits)
a bad poll doesn't wipe us out.
*/
- Entropy_Accumulator_BufferedComputation accum(*m_extractor, poll_bits);
+ double bits_collected = 0;
+
+ Entropy_Accumulator accum(
+ [&](const byte in[], size_t in_len, double entropy_estimate)
+ {
+ m_extractor->update(in, in_len);
+ bits_collected += entropy_estimate;
+ return (bits_collected >= poll_bits);
+ });
global_state().poll_available_sources(accum);
@@ -162,8 +170,8 @@ void HMAC_RNG::reseed(size_t poll_bits)
m_counter = 0;
m_collected_entropy_estimate =
- std::min(m_collected_entropy_estimate + accum.bits_collected(),
- m_extractor->output_length() * 8);
+ std::min<size_t>(m_collected_entropy_estimate + bits_collected,
+ m_extractor->output_length() * 8);
m_output_since_reseed = 0;
}