summaryrefslogtreecommitdiff
path: root/src/lib/random.c
diff options
context:
space:
mode:
authordimitri staessens <[email protected]>2017-08-09 18:55:37 +0200
committerdimitri staessens <[email protected]>2017-08-09 20:48:27 +0200
commit24aa46946349529bf36d3569796a28917d3e756f (patch)
tree58ef8a40142323771eecbd8ce6c2eaea409bc138 /src/lib/random.c
parentc1d7ff1e1bd44e1a38af8a1b498c68f3378fa342 (diff)
downloadouroboros-24aa46946349529bf36d3569796a28917d3e756f.tar.gz
ouroboros-24aa46946349529bf36d3569796a28917d3e756f.zip
build, lib, ipcpd, irmd: Add support for libgcrypt
This adds support for libgcrypt. If at least version 1.7.0 of libgcrypt is present, it may be used for secure random number generation and is used for hashing in the irmd/ipcp. The hash definitions are moved to the internal hash.h header, and defined independently of the hashes that are defined as part of the directory policy for the normal IPCP. The translation is moved from the IRMd to ipcpd/ipcp.h. The bootstrap call from the IRMd expects the IPCP to return the correct hash algorithm with a dif_info struct, which is in line with the behavior of the enroll call. This also improves how some platform checks in the build system are handled.
Diffstat (limited to 'src/lib/random.c')
-rw-r--r--src/lib/random.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/src/lib/random.c b/src/lib/random.c
index d6bde0f8..17973695 100644
--- a/src/lib/random.c
+++ b/src/lib/random.c
@@ -21,10 +21,13 @@
* 02110-1301 USA
*/
+#include <ouroboros/config.h>
#include <ouroboros/random.h>
#if defined(HAVE_SYS_RANDOM)
#include <sys/random.h>
+#elif defined(HAVE_LIBGCRYPT)
+#include <grypt.h>
#elif defined(__FreeBSD__)
#include <stdlib.h>
#elif defined(HAVE_OPENSSL)
@@ -36,16 +39,14 @@ int random_buffer(void * buf,
size_t len)
{
#if defined(HAVE_SYS_RANDOM)
- return getrandom(buf, len, GRND_NONBLOCK); /* also in glibc 2.25 */
+ return getrandom(buf, len, GRND_NONBLOCK); /* glibc 2.25 */
+#elif defined(HAVE_LIBGCRYPT)
+ return gcry_randomize(buf, len, GCRY_STRONG_RANDOM);
#elif defined(__FreeBSD__)
return arc4random_buf(buf, len);
#elif defined(HAVE_OPENSSL)
if (len > 0 && len < INT_MAX)
return RAND_bytes((unsigned char *) buf, (int) len);
return -1;
-#else
- (void) buf;
- (void) len;
- return -1;
#endif
}