From 1418ba24b73b8d9e4af67950fee38a02e7f1ac75 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Fri, 19 Mar 2010 15:59:45 +0000
Subject: There are some nasty API problems that are caused by having to pass a PRNG everywhere. The removal of the global PRNG was generated by a desire to remove the global library state entirely. However the real point of this was to remove the use of globally visible _mutable_ state; of the mutable state, the PRNG is probably the least important, and the most useful to share. And it seems unlikely that thread contention would be a major issue in the PRNG. Add back a global PRNG to Library_State. Use lazy initialization, so apps that don't ever use a PRNG don't need a seeding step. Then have AutoSeeded_RNG call that global PRNG. Offer once again RandomNumberGenerator& Library_State::global_rng(); which returns a reference to the global PRNG. This RNG object serializes access to itself with a mutex. Remove the hack known as Blinding::choose_nonce, replace with using the global PRNG to choose a blinding nonce
---
 src/rng/auto_rng/auto_rng.cpp | 141 ------------------------------------------
 src/rng/auto_rng/auto_rng.h | 17 ++---
 src/rng/auto_rng/info.txt | 3 +-
 3 files changed, 10 insertions(+), 151 deletions(-)
 delete mode 100644 src/rng/auto_rng/auto_rng.cpp
(limited to 'src/rng')
diff --git a/src/rng/auto_rng/auto_rng.cpp b/src/rng/auto_rng/auto_rng.cpp
deleted file mode 100644
index 78a7ca21d..000000000
--- a/src/rng/auto_rng/auto_rng.cpp
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
-* Auto Seeded RNG
-* (C) 2008 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include
-#include
-#include
-
-#if defined(BOTAN_HAS_RANDPOOL)
- #include
-#endif
-
-#if defined(BOTAN_HAS_HMAC_RNG)
- #include
-#endif
-
-#if defined(BOTAN_HAS_X931_RNG)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_HIGH_RESOLUTION_TIMER)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_EGD)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_UNIX)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_BEOS)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_CAPI)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_WIN32)
- #include
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_FTW)
- #include
-#endif
-
-namespace Botan {
-
-namespace {
-
-/**
-* Add any known entropy sources to this RNG
-*/
-void add_entropy_sources(RandomNumberGenerator* rng)
- {
-#if defined(BOTAN_HAS_ENTROPY_SRC_HIGH_RESOLUTION_TIMER)
- rng->add_entropy_source(new High_Resolution_Timestamp);
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_DEV_RANDOM)
- rng->add_entropy_source(
- new Device_EntropySource(
- split_on("/dev/urandom:/dev/random:/dev/srandom", ':')
- )
- );
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_EGD)
- rng->add_entropy_source(
- new EGD_EntropySource(split_on("/var/run/egd-pool:/dev/egd-pool", ':'))
- );
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_CAPI)
- rng->add_entropy_source(new Win32_CAPI_EntropySource);
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_FTW)
- rng->add_entropy_source(new FTW_EntropySource("/proc"));
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_WIN32)
- rng->add_entropy_source(new Win32_EntropySource);
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_BEOS)
- rng->add_entropy_source(new BeOS_EntropySource);
-#endif
-
-#if defined(BOTAN_HAS_ENTROPY_SRC_UNIX)
- rng->add_entropy_source(
- new Unix_EntropySource(split_on("/bin:/sbin:/usr/bin:/usr/sbin", ':'))
- );
-#endif
- }
-
-}
-
-AutoSeeded_RNG::AutoSeeded_RNG(u32bit poll_bits)
- {
- rng = 0;
-
- Algorithm_Factory& af = global_state().algorithm_factory();
-
-#if defined(BOTAN_HAS_HMAC_RNG)
-
- rng = new HMAC_RNG(af.make_mac("HMAC(SHA-512)"),
- af.make_mac("HMAC(SHA-256)"));
-
-#elif defined(BOTAN_HAS_RANDPOOL) && defined(BOTAN_HAS_AES)
-
- rng = new Randpool(af.make_block_cipher("AES-256"),
- af.make_mac("HMAC(SHA-256)"));
-
-#endif
-
- if(!rng)
- throw Internal_Error("No usable RNG found enabled in build");
-
- /* If X9.31 is available, use it to wrap the other RNG as a failsafe */
-#if defined(BOTAN_HAS_X931_RNG) && defined(BOTAN_HAS_AES)
-
- rng = new ANSI_X931_RNG(af.make_block_cipher("AES-256"), rng);
-
-#endif
-
- add_entropy_sources(rng);
-
- rng->reseed(poll_bits);
- }
-
-}
diff --git a/src/rng/auto_rng/auto_rng.h b/src/rng/auto_rng/auto_rng.h
index a15b11b13..9a93fee8f 100644
--- a/src/rng/auto_rng/auto_rng.h
+++ b/src/rng/auto_rng/auto_rng.h
@@ -9,31 +9,32 @@
 #define BOTAN_AUTO_SEEDING_RNG_H__
 #include
+#include
 #include
 namespace Botan {
-/**
-* RNG that attempts to seed itself
-*/
 class BOTAN_DLL AutoSeeded_RNG : public RandomNumberGenerator
 {
 public:
 void randomize(byte out[], u32bit len) { rng->randomize(out, len); }
- bool is_seeded() const
- { return rng->is_seeded(); }
+
+ bool is_seeded() const { return rng->is_seeded(); }
+
 void clear() { rng->clear(); }
- std::string name() const
- { return "AutoSeeded(" + rng->name() + ")"; }
+
+ std::string name() const { return rng->name(); }
 void reseed(u32bit poll_bits = 256) { rng->reseed(poll_bits); }
+
 void add_entropy_source(EntropySource* es) { rng->add_entropy_source(es); }
+
 void add_entropy(const byte in[], u32bit len) { rng->add_entropy(in, len); }
- AutoSeeded_RNG(u32bit poll_bits = 256);
+ AutoSeeded_RNG() { rng = &global_state().global_rng(); }
 ~AutoSeeded_RNG() { delete rng; }
 private:
 RandomNumberGenerator* rng;
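Review bot: The destructor kept as context at the end of the hunk, `~AutoSeeded_RNG() { delete rng; }`, still frees the pointee, but the new constructor `AutoSeeded_RNG() { rng = &global_state().global_rng(); }` now stores the address of the generator that Library_State hands out by reference (and presumably owns), so destroying any AutoSeeded_RNG deletes the process-wide PRNG and leaves every later caller, and Library_State's own teardown, with a dangling pointer. The destructor must give up ownership — `~AutoSeeded_RNG() { /* rng is the shared global RNG, not owned */ }` — or `rng` should become a `RandomNumberGenerator&` so there is nothing to delete. A second concern is that `clear()` and `add_entropy_source()` are now forwarded to the shared generator, so one caller can wipe or alter the state every other user of the library depends on; if that is intended it deserves a comment on the class, otherwise those two should not touch the global instance. The class declaration continues past the last hunk line.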
diff --git a/src/rng/auto_rng/info.txt b/src/rng/auto_rng/info.txt
index 0f7cee282..6f98a65f4 100644
--- a/src/rng/auto_rng/info.txt
+++ b/src/rng/auto_rng/info.txt
@@ -1,6 +1,5 @@
 define AUTO_SEEDING_RNG
-hmac
-sha2
+libstate
-- cgit v1.2.3