author | Nick Mathewson <nickm@torproject.org> | 2003-06-13 21:13:37 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2003-06-13 21:13:37 +0000 |
commit | d21c0feb5ac510831d98bfbaa704c525bacea6bd (patch) | |
tree | 7f572176715e27a127f03052c2e30d80f06831f9 /src/common/crypto.c | |
parent | 33eeccd0a42ce5cd2ce492bc717d74e5e5ee916e (diff) | |
Add RNG seeding
svn:r318
Diffstat (limited to 'src/common/crypto.c')
-rw-r--r-- | src/common/crypto.c | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index c0e7c6657..70754abf8 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -39,8 +39,16 @@ #define RETURN_SSL_OUTCOME(exp) return !(exp) #endif +static inline const EVP_CIPHER * +crypto_cipher_evp_cipher(int type, int enc); + + static inline int crypto_cipher_iv_length(int type) { + /* + printf("%d -> %d IV\n",type, EVP_CIPHER_iv_length( + crypto_cipher_evp_cipher(type,0))); + */ switch(type) { case CRYPTO_CIPHER_IDENTITY: return 0; @@ -53,6 +61,10 @@ crypto_cipher_iv_length(int type) { static inline int crypto_cipher_key_length(int type) { + /* + printf("%d -> %d\n",type, EVP_CIPHER_key_length( + crypto_cipher_evp_cipher(type,0))); + */ switch(type) { case CRYPTO_CIPHER_IDENTITY: return 0; @@ -774,8 +786,36 @@ void crypto_dh_free(crypto_dh_env_t *dh) free(dh); } - /* random numbers */ +int crypto_seed_rng() +{ + static char *filenames[] = { + "/dev/srandom", "/dev/urandom", "/dev/random", NULL + }; + int i; + char buf[21]; + char *cp; + FILE *f; + + for (i = 0; filenames[i]; ++i) { + f = fopen(filenames[i], "rb"); + if (!f) continue; + log(LOG_INFO, "Seeding RNG from %s", filenames[i]); + buf[20]='\xff'; + cp = fgets(buf, 20, f); + fclose(f); + if (!cp || buf[20]) { + log(LOG_INFO, "Error reading from entropy source"); + return -1; + } + RAND_seed(buf, 20); + return 0; + } + + log(LOG_INFO, "Cannot seed RNG -- no entropy source found."); + return -1; +} + int crypto_rand(unsigned int n, unsigned char *to) { assert(to); |
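Review bot: The commented-out `printf` blocks added at the top of crypto_cipher_iv_length here, and of crypto_cipher_key_length in the next hunk, are dead debugging code and would be better dropped before commit. The new forward declaration of crypto_cipher_evp_cipher appears to exist only to serve those blocks; if nothing else above its definition calls it, it can go too. Both function bodies continue outside their hunks, so that last point is inferred from the visible lines only.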
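Review bot: In crypto_seed_rng the check `if (!cp || buf[20])` looks like it can never pass: `fgets(buf, 20, f)` stores at most 19 bytes plus a NUL in buf[0..19], so the `'\xff'` sentinel written to buf[20] is still set and the function returns -1 before it reaches `RAND_seed`. fgets is also the wrong primitive for a binary device, because it stops at the first newline byte and would leave the tail of buf uninitialised while `RAND_seed(buf, 20)` still consumes 20 bytes. Read with `n = fread(buf, 1, 20, f);` (declaring `size_t n;`) and test `if (n != 20) {` instead, dropping the sentinel and `cp`. The failure paths log only at LOG_INFO, so an unseeded generator is easy to miss unless every caller checks the return value, which is not visible in this hunk; clearing buf after seeding would also keep the seed bytes from lingering on the stack.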