static void
fill_random_nonzero (guchar *data, gsize n_data)
{
guchar *rnd;
guint n_zero, i, j;
gcry_randomize (data, n_data, GCRY_STRONG_RANDOM);
/* Find any zeros in random data */
n_zero = 0;
for (i = 0; i < n_data; ++i) {
if (data[i] == 0x00)
++n_zero;
}
while (n_zero > 0) {
rnd = gcry_random_bytes (n_zero, GCRY_STRONG_RANDOM);
n_zero = 0;
for (i = 0, j = 0; i < n_data; ++i) {
if (data[i] != 0x00)
continue;
/* Use some of the replacement data */
data[i] = rnd[j];
++j;
/* It's zero again :( */
if (data[i] == 0x00)
n_zero++;
}
gcry_free (rnd);
}
}
static char* createNewSalt(const char *path, struct passwd *userInfo)
{
unlink(path);//in case the file already exists
char *dir = strdup(path);
dir[strlen(dir) - 14] = '\0';//remove kdewallet.salt
mkpath(dir, userInfo);//create the path in case it does not exists
free(dir);
char *salt = gcry_random_bytes(KWALLET_PAM_SALTSIZE, GCRY_STRONG_RANDOM);
FILE *fd = fopen(path, "w");
//If the file can't be created
if (fd == NULL) {
syslog(LOG_ERR, "Couldn't open file: %s because: %d-%s", path, errno, strerror(errno));
return NULL;
}
fwrite(salt, KWALLET_PAM_SALTSIZE, 1, fd);
fclose(fd);
if (chown(path, userInfo->pw_uid, userInfo->pw_gid) == -1) {
syslog(LOG_ERR, "Couldn't change ownership of the created salt file");
}
return salt;
}
/*This function returns randomly generated 4bytes of data that can be used as salt value for encryption */
char * generatesalt()
{
char *salt = malloc(SALTSIZE);
int i;
salt = gcry_random_bytes (SALTSIZE, GCRY_STRONG_RANDOM);
printf("Salt value generated successfully\n");
return salt;
}
/* Return a new valid instance tag */
otrl_instag_t otrl_instag_get_new()
{
otrl_instag_t result = 0;
while(result < OTRL_MIN_VALID_INSTAG) {
otrl_instag_t * instag = (otrl_instag_t *)gcry_random_bytes(
sizeof(otrl_instag_t), GCRY_STRONG_RANDOM);
result = *instag;
gcry_free(instag);
}
return result;
}
/* We do the encryption init on the fly. We can't do it in the module
init code because that is run before we listen for connections and
in case we are started on demand by gpg etc. it will only wait for
a few seconds to decide whether the agent may now accept
connections. Thus we should get into listen state as soon as
possible. */
static gpg_error_t
init_encryption (void)
{
gpg_error_t err;
void *key;
int res;
if (encryption_handle)
return 0; /* Shortcut - Already initialized. */
res = npth_mutex_lock (&encryption_lock);
if (res)
log_fatal ("failed to acquire cache encryption mutex: %s\n", strerror (res));
err = gcry_cipher_open (&encryption_handle, GCRY_CIPHER_AES128,
GCRY_CIPHER_MODE_AESWRAP, GCRY_CIPHER_SECURE);
if (!err)
{
key = gcry_random_bytes (ENCRYPTION_KEYSIZE, GCRY_STRONG_RANDOM);
if (!key)
err = gpg_error_from_syserror ();
else
{
err = gcry_cipher_setkey (encryption_handle, key, ENCRYPTION_KEYSIZE);
xfree (key);
}
if (err)
{
gcry_cipher_close (encryption_handle);
encryption_handle = NULL;
}
}
if (err)
log_error ("error initializing cache encryption context: %s\n",
gpg_strerror (err));
res = npth_mutex_unlock (&encryption_lock);
if (res)
log_fatal ("failed to release cache encryption mutex: %s\n", strerror (res));
return err? gpg_error (GPG_ERR_NOT_INITIALIZED) : 0;
}
void
gcry_mpi_randomize( gcry_mpi_t w,
unsigned int nbits, enum gcry_random_level level )
{
unsigned char *p;
size_t nbytes = (nbits+7)/8;
if (level == GCRY_WEAK_RANDOM)
{
p = mpi_is_secure(w) ? gcry_xmalloc_secure (nbytes)
: gcry_xmalloc (nbytes);
gcry_create_nonce (p, nbytes);
}
else
{
p = mpi_is_secure(w) ? gcry_random_bytes_secure (nbytes, level)
: gcry_random_bytes (nbytes, level);
}
_gcry_mpi_set_buffer( w, p, nbytes, 0 );
gcry_free (p);
}
