[or-cvs] Add RNG seeding

Fri Jun 13 21:13:40 UTC 2003

Update of /home/or/cvsroot/src/common
In directory moria.mit.edu:/tmp/cvs-serv31930/src/common

Modified Files:
	crypto.c crypto.h 
Log Message:
Add RNG seeding

Index: crypto.c
===================================================================
RCS file: /home/or/cvsroot/src/common/crypto.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -d -r1.20 -r1.21

--- crypto.c	10 Jun 2003 20:50:56 -0000	1.20
+++ crypto.c	13 Jun 2003 21:13:37 -0000	1.21
@@ -39,8 +39,16 @@
 #define RETURN_SSL_OUTCOME(exp) return !(exp)
 #endif
 
+static inline const EVP_CIPHER *
+crypto_cipher_evp_cipher(int type, int enc);
+
+
 static inline int 
 crypto_cipher_iv_length(int type) {
+  /*
+  printf("%d -> %d IV\n",type, EVP_CIPHER_iv_length(
+						  crypto_cipher_evp_cipher(type,0)));
+  */
   switch(type) 
     {
     case CRYPTO_CIPHER_IDENTITY: return 0;
@@ -53,6 +61,10 @@
 
 static inline int
 crypto_cipher_key_length(int type) {
+  /*
+  printf("%d -> %d\n",type, EVP_CIPHER_key_length(
+						  crypto_cipher_evp_cipher(type,0)));
+  */
   switch(type) 
     {
     case CRYPTO_CIPHER_IDENTITY: return 0;
@@ -774,8 +786,36 @@
   free(dh);
 }
 
-
 /* random numbers */
+int crypto_seed_rng()
+{
+  static char *filenames[] = { 
+    "/dev/srandom", "/dev/urandom", "/dev/random", NULL
+  };
+  int i;
+  char buf[21];
+  char *cp;
+  FILE *f;
+  
+  for (i = 0; filenames[i]; ++i) {
+    f = fopen(filenames[i], "rb");
+    if (!f) continue;
+    log(LOG_INFO, "Seeding RNG from %s", filenames[i]);
+    buf[20]='\xff';
+    cp = fgets(buf, 20, f);
+    fclose(f);
+    if (!cp || buf[20]) {
+      log(LOG_INFO, "Error reading from entropy source");
+      return -1;
+    }
+    RAND_seed(buf, 20);
+    return 0;
+  }
+
+  log(LOG_INFO, "Cannot seed RNG -- no entropy source found.");
+  return -1;
+}
+
 int crypto_rand(unsigned int n, unsigned char *to)
 {
   assert(to);

Index: crypto.h
===================================================================
RCS file: /home/or/cvsroot/src/common/crypto.h,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- crypto.h	7 May 2003 18:30:46 -0000	1.11
+++ crypto.h	13 Jun 2003 21:13:37 -0000	1.12
@@ -100,6 +100,7 @@
 int crypto_SHA_digest(unsigned char *m, int len, unsigned char *digest);
 
 /* random numbers */
+int crypto_seed_rng();
 int crypto_rand(unsigned int n, unsigned char *to);
 int crypto_pseudo_rand(unsigned int n, unsigned char *to);
 

