Commit d21c0feb authored by Nick Mathewson's avatar Nick Mathewson

Add RNG seeding


svn:r318
parent 33eeccd0
......@@ -39,8 +39,16 @@
#define RETURN_SSL_OUTCOME(exp) return !(exp)
#endif
static inline const EVP_CIPHER *
crypto_cipher_evp_cipher(int type, int enc);
static inline int
crypto_cipher_iv_length(int type) {
/*
printf("%d -> %d IV\n",type, EVP_CIPHER_iv_length(
crypto_cipher_evp_cipher(type,0)));
*/
switch(type)
{
case CRYPTO_CIPHER_IDENTITY: return 0;
......@@ -53,6 +61,10 @@ crypto_cipher_iv_length(int type) {
static inline int
crypto_cipher_key_length(int type) {
/*
printf("%d -> %d\n",type, EVP_CIPHER_key_length(
crypto_cipher_evp_cipher(type,0)));
*/
switch(type)
{
case CRYPTO_CIPHER_IDENTITY: return 0;
......@@ -774,8 +786,36 @@ void crypto_dh_free(crypto_dh_env_t *dh)
free(dh);
}
/* random numbers */
int crypto_seed_rng()
{
static char *filenames[] = {
"/dev/srandom", "/dev/urandom", "/dev/random", NULL
};
int i;
char buf[21];
char *cp;
FILE *f;
for (i = 0; filenames[i]; ++i) {
f = fopen(filenames[i], "rb");
if (!f) continue;
log(LOG_INFO, "Seeding RNG from %s", filenames[i]);
buf[20]='\xff';
cp = fgets(buf, 20, f);
fclose(f);
if (!cp || buf[20]) {
log(LOG_INFO, "Error reading from entropy source");
return -1;
}
RAND_seed(buf, 20);
return 0;
}
log(LOG_INFO, "Cannot seed RNG -- no entropy source found.");
return -1;
}
int crypto_rand(unsigned int n, unsigned char *to)
{
assert(to);
......
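Review bot: In crypto_seed_rng the sentinel test can never pass: `fgets(buf, 20, f)` stores at most 19 bytes plus a terminating NUL in buf[0..19], so `buf[20]` keeps the `'\xff'` written just before it and `if (!cp || buf[20])` returns -1 after every successful read, before RAND_seed is reached. fgets is also the wrong primitive for a binary entropy device, because it stops at the first newline byte and the rest of the buffer passed to `RAND_seed(buf, 20)` would then be uninitialised stack contents rather than device output. Reading with `n = fread(buf, 1, sizeof(buf), f);` into a `char buf[20]` and testing `if (n != sizeof(buf))` yields either a full 20-byte seed or a clear failure. A short comment above the `filenames` table stating that the devices are tried in order and that only the first one that opens is used would document the fallback behaviour.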
......@@ -100,6 +100,7 @@ crypto_cipher_env_t *crypto_create_init_cipher(int cipher_type, char *key, char
int crypto_SHA_digest(unsigned char *m, int len, unsigned char *digest);
/* random numbers */
int crypto_seed_rng();
int crypto_rand(unsigned int n, unsigned char *to);
int crypto_pseudo_rand(unsigned int n, unsigned char *to);
......
......@@ -799,6 +799,7 @@ int tor_main(int argc, char *argv[]) {
signal (SIGHUP, catch); /* to reload directory */
crypto_global_init();
crypto_seed_rng();
retval = do_main_loop();
crypto_global_cleanup();
......
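Review bot: The new call `crypto_seed_rng();` in tor_main discards the result, so when the function returns -1 (no entropy device could be opened, or the read was rejected) do_main_loop() still starts and later random values depend on whatever state the RNG has without an explicit seed. Checking the result, for example `if (crypto_seed_rng() < 0) { crypto_global_cleanup(); return -1; }`, would make a seeding failure fatal at startup. The exact exit path should match how tor_main handles its other setup errors, which lie outside this hunk.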