authordimitri staessens <[email protected]>2017-07-08 16:29:16 +0200
committerdimitri staessens <[email protected]>2017-07-09 12:50:15 +0200
commit93d5edc86b27e0ffa3b6badd4c18cd7f0e23cec9 (patch)
treee85e944f99046e583e888bb9f6dded71ef2e07b3 /src
parent3ca06069e72a0f4b98865732c022acd7d63a1057 (diff)
lib: Add secure random generator
This adds a secure random number generator. It will use OS specific calls with a fallback to OpenSSL if available.
Diffstat (limited to 'src')
-rw-r--r--src/lib/CMakeLists.txt35
-rw-r--r--src/lib/random.c51
2 files changed, 81 insertions, 5 deletions
diff --git a/src/lib/CMakeLists.txt b/src/lib/CMakeLists.txt
index 99dd96fc..e08869b8 100644
--- a/src/lib/CMakeLists.txt
+++ b/src/lib/CMakeLists.txt
@@ -16,7 +16,7 @@ protobuf_generate_c(FRCT_ENROLL_SRCS FRCT_ENROLL_HDRS frct_enroll.proto)
if (NOT APPLE)
find_library(LIBRT_LIBRARIES rt)
if (NOT LIBRT_LIBRARIES)
- message(FATAL_ERROR "librt not found")
+ message(FATAL_ERROR "Could not find librt.")
endif ()
else ()
set(LIBRT_LIBRARIES "")
@@ -24,9 +24,14 @@ endif ()
find_library(LIBPTHREAD_LIBRARIES pthread)
if (NOT LIBPTHREAD_LIBRARIES)
- message(FATAL_ERROR "libpthread not found")
+ message(FATAL_ERROR "Could not find libpthread.")
endif ()
+find_path(LINUX_RND_HDR
+ sys/random.h
+ HINTS /usr/include /usr/local/include
+ )
+
set(SOURCE_FILES
# Add source files here
bitmap.c
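Review bot: Finding `sys/random.h` with `find_path(LINUX_RND_HDR ...)` does not show that `getrandom()` and `GRND_NONBLOCK` are declared, yet random.c uses both under `HAVE_SYS_RANDOM`. macOS, for example, ships a `sys/random.h` that declares `getentropy()` but not `getrandom()`, and the later hunk only special-cases FreeBSD, so such a platform would be given the wrong backend. Probing the symbol is more reliable: `include(CheckSymbolExists)` followed by `check_symbol_exists(getrandom "sys/random.h" HAVE_GETRANDOM)`, with the later branch keyed on that result. The hard-coded `HINTS /usr/include /usr/local/include` also point at host headers when cross-compiling.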
@@ -46,6 +51,7 @@ set(SOURCE_FILES
nsm.c
qos.c
qoscube.c
+ random.c
rib.c
sha3.c
shm_flow_set.c
@@ -60,14 +66,33 @@ add_library(ouroboros SHARED ${SOURCE_FILES} ${IRM_PROTO_SRCS}
${IPCP_PROTO_SRCS} ${DIF_CONFIG_PROTO_SRCS} ${CDAP_PROTO_SRCS}
${CACEP_PROTO_SRCS} ${RO_PROTO_SRCS} ${FRCT_ENROLL_SRCS})
-target_link_libraries(ouroboros ${LIBRT_LIBRARIES}
- ${LIBPTHREAD_LIBRARIES} ${PROTOBUF_C_LIBRARY})
-
include(AddCompileFlags)
if (CMAKE_BUILD_TYPE MATCHES Debug)
add_compile_flags(ouroboros -DCONFIG_OUROBOROS_DEBUG)
endif (CMAKE_BUILD_TYPE MATCHES Debug)
+if (CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")
+ message(STATUS "Found FreeBSD, using arc4random.")
+else()
+ if (${LINUX_RND_HDR} STREQUAL "LINUX_RND_HDR-NOTFOUND")
+ find_package(OpenSSL)
+ if (NOT OPENSSL_FOUND)
+ message(STATUS "No secure random generation, please install OpenSSL.")
+ else()
+ message(STATUS "OpenSSL found")
+ include_directories($OPENSSL_INCLUDE_DIR})
+ add_compile_flags(ouroboros -DHAVE_OPENSSL)
+ endif()
+ else ()
+ message(STATUS "Found linux random header in ${LINUX_RND_HDR}.")
+ include_directories(${LINUX_RND_HDR})
+ add_compile_flags(ouroboros -DHAVE_SYS_RANDOM)
+ endif ()
+endif()
+
+target_link_libraries(ouroboros ${LIBRT_LIBRARIES}
+ ${LIBPTHREAD_LIBRARIES} ${PROTOBUF_C_LIBRARY} ${OPENSSL_LIBRARIES})
+
install(TARGETS ouroboros LIBRARY DESTINATION usr/lib)
target_include_directories(ouroboros PUBLIC ${CMAKE_CURRENT_BINARY_DIR})
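Review bot: The added line `include_directories($OPENSSL_INCLUDE_DIR})` is missing its opening brace, so a literal string is added as an include path instead of the OpenSSL header directory; it should read `include_directories(${OPENSSL_INCLUDE_DIR})`. When no backend is found, configuration only prints a `STATUS` line and the library is built with a `random_buffer()` that always returns -1. For a secure-random primitive that should be at least `message(WARNING ...)`, or `FATAL_ERROR` unless an explicit opt-out option is set, so the condition is not buried in the configure log. The test `if (${LINUX_RND_HDR} STREQUAL "LINUX_RND_HDR-NOTFOUND")` is also safer as `if (NOT LINUX_RND_HDR)`, which avoids the unquoted expansion.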
diff --git a/src/lib/random.c b/src/lib/random.c
new file mode 100644
index 00000000..d6bde0f8
--- /dev/null
+++ b/src/lib/random.c
@@ -0,0 +1,51 @@
+/*
+ * Ouroboros - Copyright (C) 2016 - 2017
+ *
+ * Pseudo random generator
+ *
+ * Dimitri Staessens <[email protected]>
+ * Sander Vrijders <[email protected]>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * version 2.1 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA
+ */
+
+#include <ouroboros/random.h>
+
+#if defined(HAVE_SYS_RANDOM)
+#include <sys/random.h>
+#elif defined(__FreeBSD__)
+#include <stdlib.h>
+#elif defined(HAVE_OPENSSL)
+#include <openssl/rand.h>
+#include <limits.h>
+#endif
+
+int random_buffer(void * buf,
+ size_t len)
+{
+#if defined(HAVE_SYS_RANDOM)
+ return getrandom(buf, len, GRND_NONBLOCK); /* also in glibc 2.25 */
+#elif defined(__FreeBSD__)
+ return arc4random_buf(buf, len);
+#elif defined(HAVE_OPENSSL)
+ if (len > 0 && len < INT_MAX)
+ return RAND_bytes((unsigned char *) buf, (int) len);
+ return -1;
+#else
+ (void) buf;
+ (void) len;
+ return -1;
+#endif
+}
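Review bot: The three backends of `random_buffer()` return incompatible values, so a caller cannot tell success from failure portably. `getrandom()` returns the byte count, which may be short, or -1, and with `GRND_NONBLOCK` it fails with EAGAIN until the pool is seeded. `RAND_bytes()` returns 1 on success and 0 on failure. `return arc4random_buf(buf, len);` returns a void expression from an int function, which should not compile cleanly. A caller that treats 0 as success would accept a failed `RAND_bytes()` call and use an unfilled buffer as key material. I would normalise every branch to 0 on success and -1 on failure, as sketched below; the contract in `ouroboros/random.h` is not visible in this diff, so confirm it matches, and the "Pseudo random generator" header comment could be updated to say this is the secure generator.

```c
int random_buffer(void * buf,
                  size_t len)
{
#if defined(HAVE_SYS_RANDOM)
        unsigned char * p = buf;

        while (len > 0) {
                ssize_t n = getrandom(p, len, GRND_NONBLOCK);
                if (n < 0)
                        return -1; /* includes EAGAIN before the pool is seeded */
                p   += n;
                len -= (size_t) n;
        }

        return 0;
#elif defined(__FreeBSD__)
        arc4random_buf(buf, len); /* returns void, cannot fail */
        return 0;
#elif defined(HAVE_OPENSSL)
        if (len == 0 || len >= INT_MAX)
                return -1;
        return RAND_bytes((unsigned char *) buf, (int) len) == 1 ? 0 : -1;
/* … unchanged: #else stub returning -1 and #endif … */
```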