diff -up scrub-2.6.1/configure.ac.libgcrypt scrub-2.6.1/configure.ac --- scrub-2.6.1/configure.ac.libgcrypt 2014-08-26 14:15:12.000000000 -0400 +++ scrub-2.6.1/configure.ac 2021-02-22 13:42:48.489217200 -0500 @@ -70,6 +70,25 @@ AC_CHECK_FUNCS( \ X_AC_CHECK_PTHREADS ## +# gcrypt library +## +have_libgcrypt=no +AC_ARG_WITH(libgcrypt, AS_HELP_STRING([--without-libgcrypt], [build without libgcrypt; + fallback to custom AES implementation])) +AS_IF([test "x$with_libgcrypt" != "xno"], + [AM_PATH_LIBGCRYPT([1.5.0], + [AC_DEFINE([HAVE_LIBGCRYPT], [1], [libgcrypt API available]) + gcrypt_CFLAGS="$LIBGCRYPT_CFLAGS" + gcrypt_LIBS="$LIBGCRYPT_LIBS" + have_libgcrypt=yes + ] + )] +) +AM_CONDITIONAL([LIBGCRYPT], [test "$have_libgcrypt" = "yes"]) +AC_SUBST([gcrypt_CFLAGS]) +AC_SUBST([gcrypt_LIBS]) + +## # Arrange for large file support ## AC_SYS_LARGEFILE diff -up scrub-2.6.1/src/genrand.c.libgcrypt scrub-2.6.1/src/genrand.c --- scrub-2.6.1/src/genrand.c.libgcrypt 2014-08-20 17:33:43.000000000 -0400 +++ scrub-2.6.1/src/genrand.c 2021-02-22 13:42:48.490217204 -0500 @@ -37,21 +37,27 @@ #include #include -#include "aes.h" #include "util.h" #include "genrand.h" #include "hwrand.h" -#define PATH_URANDOM "/dev/urandom" - -#define PAYLOAD_SZ 16 -#define KEY_SZ 16 +#ifdef HAVE_LIBGCRYPT +#include +#else +#include "aes.h" +#endif /* HAVE_LIBGCRYPT. */ extern char *prog; static bool no_hwrand = false; static hwrand_t gen_hwrand; +#ifndef HAVE_LIBGCRYPT +#define PATH_URANDOM "/dev/urandom" + +#define PAYLOAD_SZ 16 +#define KEY_SZ 16 + static aes_context ctx; static unsigned char ctr[PAYLOAD_SZ]; @@ -140,17 +146,26 @@ churnrand(void) error: return -1; } +#endif /* HAVE_LIBGCRYPT. */ /* Initialize the module. */ int initrand(void) { +#ifndef HAVE_LIBGCRYPT struct timeval tv; +#else + if (!gcry_check_version(GCRYPT_VERSION)) { + goto error; + } + gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); +#endif /* HAVE_LIBGCRYPT */ if (!no_hwrand) gen_hwrand = init_hwrand(); +#ifndef HAVE_LIBGCRYPT /* Always initialize the software random number generator as backup */ if (gettimeofday(&tv, NULL) < 0) @@ -163,6 +178,7 @@ initrand(void) #endif if (churnrand() < 0) goto error; +#endif /* HAVE_LIBGCRYPT. */ return 0; error: return -1; @@ -173,9 +189,11 @@ error: void genrand(unsigned char *buf, int buflen) { +#ifndef HAVE_LIBGCRYPT int i; unsigned char out[PAYLOAD_SZ]; int cpylen = PAYLOAD_SZ; +#endif /* HAVE_LIBGCRYPT. */ if (gen_hwrand) { bool hwok = gen_hwrand(buf, buflen); @@ -183,6 +201,7 @@ genrand(unsigned char *buf, int buflen) return; } +#ifndef HAVE_LIBGCRYPT for (i = 0; i < buflen; i += cpylen) { aes_encrypt(&ctx, ctr, out); incr128(ctr); @@ -191,6 +210,9 @@ genrand(unsigned char *buf, int buflen) memcpy(&buf[i], out, cpylen); } assert(i == buflen); +#else + gcry_randomize(buf, buflen, GCRY_STRONG_RANDOM); +#endif /* HAVE_LIBGCRYPT. */ } /* diff -up scrub-2.6.1/src/genrand.h.libgcrypt scrub-2.6.1/src/genrand.h --- scrub-2.6.1/src/genrand.h.libgcrypt 2014-08-20 17:33:43.000000000 -0400 +++ scrub-2.6.1/src/genrand.h 2021-02-22 13:42:48.490217204 -0500 @@ -1,8 +1,14 @@ +#include "config.h" + void disable_hwrand(void); int initrand(void); -int churnrand(void); void genrand(unsigned char *buf, int buflen); +#ifndef HAVE_LIBGCRYPT +int churnrand(void); +#endif /* HAVE_LIBGCRYPT. */ + + /* * vi:tabstop=4 shiftwidth=4 expandtab */ diff -up scrub-2.6.1/src/Makefile.am.libgcrypt scrub-2.6.1/src/Makefile.am --- scrub-2.6.1/src/Makefile.am.libgcrypt 2014-08-20 17:33:43.000000000 -0400 +++ scrub-2.6.1/src/Makefile.am 2021-02-22 13:43:47.008492696 -0500 @@ -1,8 +1,6 @@ bin_PROGRAMS = scrub scrub_SOURCES = \ - aes.c \ - aes.h \ filldentry.c \ filldentry.h \ fillfile.c \ @@ -24,3 +22,9 @@ scrub_SOURCES = \ util.h scrub_LDADD = $(LIBPTHREAD) + +if LIBGCRYPT +scrub_LDADD += $(gcrypt_LIBS) +else +scrub_SOURCES += aes.c aes.h +endif diff -up scrub-2.6.1/src/scrub.c.libgcrypt scrub-2.6.1/src/scrub.c --- scrub-2.6.1/src/scrub.c.libgcrypt 2021-02-22 13:42:48.488217195 -0500 +++ scrub-2.6.1/src/scrub.c 2021-02-22 13:42:48.490217204 -0500 @@ -459,11 +459,13 @@ scrub(char *path, off_t size, const sequ case PAT_RANDOM: printf("%s: %-8s", prog, "random"); progress_create(&p, pcol); +#ifndef HAVE_LIBGCRYPT if (churnrand() < 0) { fprintf(stderr, "%s: churnrand: %s\n", prog, strerror(errno)); exit(1); } +#endif /* HAVE_LIBGCRYPT. */ written = fillfile(path, size, buf, bufsize, (progress_t)progress_update, p, (refill_t)genrand, sparse, enospc); diff -up scrub-2.6.1/test/Makefile.am.libgcrypt scrub-2.6.1/test/Makefile.am --- scrub-2.6.1/test/Makefile.am.libgcrypt 2014-08-26 14:11:14.000000000 -0400 +++ scrub-2.6.1/test/Makefile.am 2021-02-22 13:44:59.301833042 -0500 @@ -1,8 +1,8 @@ -check_PROGRAMS = pad trand aestest tprogress tgetsize tsig tsize pat +check_PROGRAMS = pad trand tprogress tgetsize tsig tsize pat TESTS_ENVIRONMENT = env TESTS_ENVIRONMENT += "PATH_SCRUB=$(top_builddir)/src/scrub" -TESTS = t00 t01 t02 t03 t04 t05 t06 t07 t08 t09 t10 t11 t12 t13 t14 t15 t16 \ +TESTS = t01 t02 t03 t04 t05 t06 t07 t08 t09 t10 t11 t12 t13 t14 t15 t16 \ t17 t18 t19 t20 t21 t22 CLEANFILES = *.out *.diff testfile @@ -13,17 +13,24 @@ common_sources = \ $(top_srcdir)/src/getsize.c \ $(top_srcdir)/src/genrand.c \ $(top_srcdir)/src/hwrand.c \ - $(top_srcdir)/src/aes.c \ $(top_srcdir)/src/util.c \ $(top_srcdir)/src/progress.c \ $(top_srcdir)/src/sig.c pad_SOURCES = pad.c $(common_sources) trand_SOURCES = trand.c $(common_sources) -aestest_SOURCES = aestest.c $(common_sources) tprogress_SOURCES = tprogress.c $(common_sources) tgetsize_SOURCES = tgetsize.c $(common_sources) tsig_SOURCES = tsig.c $(common_sources) pat_SOURCES = pat.c $(common_sources) +if LIBGCRYPT +AM_LDFLAGS = $(gcrypt_LIBS) +else +check_PROGRAMS += aestest +TESTS += t00 +common_sources += $(top_srcdir)/src/aes.c +aestest_SOURCES = aestest.c $(common_sources) +endif + EXTRA_DIST = $(TESTS) $(TESTS:%=%.exp)