From 0f1f8ccf43e1296725cfbef482d19c90b15af98c Mon Sep 17 00:00:00 2001
From: Daniel Borkmann
Date: Tue, 4 Jun 2013 09:58:23 +0200
Subject: [PATCH] rnd: break out prng from xutils

We only need it in curvetun, this makes it easier to maintain.

Signed-off-by: Daniel Borkmann
---
 curve.c | 1 +
 curve.h | 1 +
 curvetun/Makefile | 1 +
 rnd.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 rnd.h | 6 ++++++
 xio.c | 45 ---------------------------------------------
 xio.h | 1 -
 7 files changed, 58 insertions(+), 46 deletions(-)
 create mode 100644 rnd.c
 create mode 100644 rnd.h

diff --git a/curve.c b/curve.c
index 1b05f0c4..2b390b13 100644
--- a/curve.c
+++ b/curve.c
@@ -21,6 +21,7 @@
 #include "curve.h"
 #include "xutils.h"
 #include "xio.h"
+#include "rnd.h"
 #include "die.h"
 #include "str.h"
 #include "curvetun.h"
diff --git a/curve.h b/curve.h
index 85c6e61e..8750b705 100644
--- a/curve.h
+++ b/curve.h
@@ -13,6 +13,7 @@
 #include "locking.h"
 #include "built_in.h"
 #include "xio.h"
+#include "rnd.h"
 #include "crypto_box_curve25519xsalsa20poly1305.h"
 
 struct tai {
diff --git a/curvetun/Makefile b/curvetun/Makefile
index 44025ac3..ce91dc24 100644
--- a/curvetun/Makefile
+++ b/curvetun/Makefile
@@ -10,6 +10,7 @@ curvetun-objs = xmalloc.o \
 corking.o \
 trie.o \
 hash.o \
+ rnd.o \
 curve.o \
 cpusched.o \
 ct_usermgmt.o \
diff --git a/rnd.c b/rnd.c
new file mode 100644
index 00000000..ad321753
--- /dev/null
+++ b/rnd.c
@@ -0,0 +1,49 @@
+#include
+#include
+#include
+#include
+
+#include "rnd.h"
+
+static int fd_rnd = -1;
+
+static void randombytes(unsigned char *x, unsigned long long xlen)
+{
+ int ret;
+
+ if (fd_rnd == -1) {
+ for (;;) {
+ fd_rnd = open("/dev/urandom", O_RDONLY);
+ if (fd_rnd != -1)
+ break;
+ sleep(1);
+ }
+ }
+
+ while (xlen > 0) {
+ if (xlen < 1048576)
+ ret = xlen;
+ else
+ ret = 1048576;
+
+ ret = read(fd_rnd, x, ret);
+ if (ret < 1) {
+ sleep(1);
+ continue;
+ }
+
+ x += ret;
+ xlen -= ret;
+ }
+}
+
+/* Note: it's not really secure, but the name only suggests it's better to use
+ * than rand(3) when transferring bytes over the network in non-security
+ * critical structure members. secrand() is only used to fill up salts actually.
+ */
+int secrand(void)
+{
+ int ret;
+ randombytes((void *) &ret, sizeof(ret));
+ return ret;
+}
diff --git a/rnd.h b/rnd.h
new file mode 100644
index 00000000..3d36d8ec
--- /dev/null
+++ b/rnd.h
@@ -0,0 +1,6 @@
+#ifndef RND_H
+#define RND_H
+
+extern int secrand(void);
+
+#endif /* RND_H */
diff --git a/xio.c b/xio.c
index 991ff7f0..da172061 100644
--- a/xio.c
+++ b/xio.c
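Review bot: randombytes() in the new rnd.c answers every failed `read()`, and every failed `open()` before it, with `sleep(1)` and a retry, so a persistent error (for example no /dev/urandom node in the process's root) blocks the caller forever without a diagnostic. Never returning unfilled bytes is the right way to fail for a random source, but the loop should retry only on `EINTR` and report anything else through the helpers in die.h. The descriptor is also opened without close-on-exec; `fd_rnd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);` keeps it out of any child process. The lazy initialisation of `fd_rnd` is unsynchronised, which matters only if secrand() is reachable from more than one thread, something this patch does not show. The comment above secrand() calls it "not really secure" while it fills salts, so it should say which property callers must not rely on.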
@@ -158,51 +158,6 @@ ssize_t write_exact(int fd, void *buf, size_t len, int mayexit)
 return num;
 }
 
-static int fd_rnd = -1;
-
-static void randombytes(unsigned char *x, unsigned long long xlen)
-{
- int ret;
-
- if (fd_rnd == -1) {
- for (;;) {
- fd_rnd = open("/dev/urandom", O_RDONLY);
- if (fd_rnd != -1)
- break;
- sleep(1);
- }
- }
-
- while (xlen > 0) {
- if (xlen < 1048576)
- ret = xlen;
- else
- ret = 1048576;
-
- ret = read(fd_rnd, x, ret);
- if (ret < 1) {
- sleep(1);
- continue;
- }
-
- x += ret;
- xlen -= ret;
- }
-}
-
-/* Note: it's not really secure, but the name only suggests it's better to use
- * than rand(3) when transferring bytes over the network in non-security
- * critical structure members. secrand() is only used to fill up salts actually.
- */
-int secrand(void)
-{
- int ret;
-
- randombytes((void *) &ret, sizeof(ret));
-
- return ret;
-}
-
 static char const *priov[] = {
 [LOG_EMERG] = "EMERG:",
 [LOG_ALERT] = "ALERT:",
diff --git a/xio.h b/xio.h
index fe8e1e20..b02e7a94 100644
--- a/xio.h
+++ b/xio.h
@@ -16,7 +16,6 @@ extern ssize_t read_or_die(int fd, void *buf, size_t count);
 extern ssize_t write_or_die(int fd, const void *buf, size_t count);
 extern ssize_t read_exact(int fd, void *buf, size_t len, int mayexit);
 extern ssize_t write_exact(int fd, void *buf, size_t len, int mayexit);
-extern int secrand(void);
 extern void to_std_log(FILE **fp);
 
 #endif /* XIO_H */
--
2.11.4.GIT