Ver código fonte

[crypto] Add a placeholder for a proper random number generator

Currently it just calls random().

Signed-off-by: Marty Connor <mdc@etherboot.org>
tags/v1.0.0-rc1
Joshua Oreman 15 anos atrás
pai
commit
8d08da3a99
2 arquivos alterados com 57 adições e 0 exclusões
  1. 55
    0
      src/crypto/crandom.c
  2. 2
    0
      src/include/gpxe/crypto.h

+ 55
- 0
src/crypto/crandom.c Ver arquivo

@@ -0,0 +1,55 @@
1
+/*
2
+ * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>.
3
+ *
4
+ * This program is free software; you can redistribute it and/or
5
+ * modify it under the terms of the GNU General Public License as
6
+ * published by the Free Software Foundation; either version 2 of the
7
+ * License, or any later version.
8
+ *
9
+ * This program is distributed in the hope that it will be useful, but
10
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
11
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12
+ * General Public License for more details.
13
+ *
14
+ * You should have received a copy of the GNU General Public License
15
+ * along with this program; if not, write to the Free Software
16
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
+ */
18
+
19
+FILE_LICENCE ( GPL2_OR_LATER );
20
+
21
+/** @file
22
+ *
23
+ * Cryptographically strong random number generator
24
+ *
25
+ * Currently the cryptographic part is not implemented, and this just
26
+ * uses random().
27
+ */
28
+
29
+#include <gpxe/crypto.h>
30
+#include <stdlib.h>
31
+
32
+/**
33
+ * Get cryptographically strong random bytes
34
+ *
35
+ * @v buf	Buffer in which to store random bytes
36
+ * @v len	Number of random bytes to generate
37
+ *
38
+ * @b WARNING: This function is currently underimplemented, and does
39
+ * not give numbers any stronger than random()!
40
+ */
41
+void get_random_bytes ( void *buf, size_t len )
42
+{
43
+	u8 *bufp = buf;
44
+
45
+	/*
46
+	 * Somewhat arbitrarily, choose the 0x00FF0000-masked byte
47
+	 * returned by random() as having good entropy. PRNGs often
48
+	 * don't provide good entropy in lower bits, and the top byte
49
+	 * might show a pattern because of sign issues.
50
+	 */
51
+
52
+	while ( len-- ) {
53
+		*bufp++ = ( random() >> 16 ) & 0xFF;
54
+	}
55
+}

+ 2
- 0
src/include/gpxe/crypto.h Ver arquivo

@@ -151,4 +151,6 @@ extern struct digest_algorithm digest_null;
151 151
 extern struct cipher_algorithm cipher_null;
152 152
 extern struct pubkey_algorithm pubkey_null;
153 153
 
154
+void get_random_bytes ( void *buf, size_t len );
155
+
154 156
 #endif /* _GPXE_CRYPTO_H */

Carregando…
Cancelar
Salvar