101 lines
3.3 KiB
Diff
101 lines
3.3 KiB
Diff
From 5d38da6d4eb29bf87e98a5cb4577b870dbf405ed Mon Sep 17 00:00:00 2001
|
|
From: Robbie Harwood <rharwood@redhat.com>
|
|
Date: Wed, 14 Sep 2016 16:12:57 -0400
|
|
Subject: [PATCH] Add OS prng intended for use with getrandom()
|
|
|
|
Add the prng_os.c module, using the name previously occupied by what
|
|
is now prng_device.c. Unlike prng_device.c, this PRNG module
|
|
maintains no file descriptor and just uses k5_os_random(), which is
|
|
most efficient on platforms which have a getrandom() system call.
|
|
|
|
[ghudson@mit.edu: expanded on commit message]
|
|
|
|
ticket: 8499
|
|
(cherry picked from commit 0be7642b2b6f7b9e0acebb2c3d60aa6c3f7543aa)
|
|
---
|
|
src/lib/crypto/krb/prng_os.c | 72 ++++++++++++++++++++++++++++++++++++++++++++
|
|
1 file changed, 72 insertions(+)
|
|
create mode 100644 src/lib/crypto/krb/prng_os.c
|
|
|
|
diff --git a/src/lib/crypto/krb/prng_os.c b/src/lib/crypto/krb/prng_os.c
|
|
new file mode 100644
|
|
index 0000000..8ea13e7
|
|
--- /dev/null
|
|
+++ b/src/lib/crypto/krb/prng_os.c
|
|
@@ -0,0 +1,72 @@
|
|
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
+/* lib/crypto/krb/prng_os.c - OS PRNG implementation */
|
|
+/*
|
|
+ * Copyright (C) 2016 by the Massachusetts Institute of Technology.
|
|
+ * All rights reserved.
|
|
+ *
|
|
+ * Redistribution and use in source and binary forms, with or without
|
|
+ * modification, are permitted provided that the following conditions
|
|
+ * are met:
|
|
+ *
|
|
+ * * Redistributions of source code must retain the above copyright
|
|
+ * notice, this list of conditions and the following disclaimer.
|
|
+ *
|
|
+ * * Redistributions in binary form must reproduce the above copyright
|
|
+ * notice, this list of conditions and the following disclaimer in
|
|
+ * the documentation and/or other materials provided with the
|
|
+ * distribution.
|
|
+ *
|
|
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
|
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
+ */
|
|
+
|
|
+/*
|
|
+ * This file implements a PRNG module which relies on the system's PRNG. An
|
|
+ * OS packager can select this module given sufficient confidence in the
|
|
+ * operating system's native PRNG quality.
|
|
+ */
|
|
+
|
|
+#include "crypto_int.h"
|
|
+
|
|
+int
|
|
+k5_prng_init(void)
|
|
+{
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+void
|
|
+k5_prng_cleanup(void)
|
|
+{
|
|
+}
|
|
+
|
|
+krb5_error_code KRB5_CALLCONV
|
|
+krb5_c_random_add_entropy(krb5_context context, unsigned int randsource,
|
|
+ const krb5_data *indata)
|
|
+{
|
|
+ return 0;
|
|
+}
|
|
+
|
|
+krb5_error_code KRB5_CALLCONV
|
|
+krb5_c_random_make_octets(krb5_context context, krb5_data *outdata)
|
|
+{
|
|
+ krb5_boolean res;
|
|
+
|
|
+ res = k5_get_os_entropy((uint8_t *)outdata->data, outdata->length, 0);
|
|
+ return res ? 0 : KRB5_CRYPTO_INTERNAL;
|
|
+}
|
|
+
|
|
+krb5_error_code KRB5_CALLCONV
|
|
+krb5_c_random_os_entropy(krb5_context context, int strong, int *success)
|
|
+{
|
|
+ return 0;
|
|
+}
|
|
--
|
|
2.9.3
|
|
|