int state_key_generate(state *s) { unsigned char entropy_pool[1024]; /* 160 + 8032 bits */ const int real_random = 20; const int pseudo_random = sizeof(entropy_pool) - real_random; const int salt = s->flags & FLAG_SALTED; /* TODO: It's almost certain that it's better To read whole * key from dev/random instead of this weird splitting. */ /* Gather entropy from random + urandom to speed things up... */ if (crypto_file_rng("/dev/random", NULL, entropy_pool, real_random) != 0) { print_perror(PRINT_ERROR, "Unable to open /dev/random"); return 1; } if (crypto_file_rng("/dev/urandom", NULL, entropy_pool+real_random, pseudo_random) != 0) { print_perror(PRINT_ERROR, "Unable to open /dev/random"); return 1; } if (salt == 0) { crypto_sha256(entropy_pool, sizeof(entropy_pool), s->sequence_key); memset(entropy_pool, 0, sizeof(entropy_pool)); s->counter = num_i(0); s->latest_card = num_i(0); s->flags &= ~(FLAG_SALTED); } else { unsigned char cnt_bin[32] = {'\0'}; /* Use half of entropy to generate key */ crypto_sha256(entropy_pool, sizeof(entropy_pool)/2, s->sequence_key); /* And half to initialize counter */ crypto_sha256(entropy_pool + sizeof(entropy_pool)/2, sizeof(entropy_pool)/2, cnt_bin); num_import(&s->counter, (char *)cnt_bin, NUM_FORMAT_BIN); s->counter = num_and(s->counter, s->salt_mask); s->latest_card = num_i(0); memset(entropy_pool, 0, sizeof(entropy_pool)); memset(cnt_bin, 0, sizeof(cnt_bin)); s->flags |= FLAG_SALTED; } s->new_key = 1; return 0; }
void hash_find(unsigned char *addr, unsigned int size, unsigned char *digest, unsigned char auth_alg) { crypto_result_type ret_val = CRYPTO_SHA_ERR_NONE; crypto_engine_type platform_ce_type = board_ce_type(); if (auth_alg == CRYPTO_AUTH_ALG_SHA1) { if(platform_ce_type == CRYPTO_ENGINE_TYPE_SW) /* Hardware CE is not present , use software hashing */ digest = SHA1(addr, size, digest); else if (platform_ce_type == CRYPTO_ENGINE_TYPE_HW) ret_val = crypto_sha1(addr, size, digest); else ret_val = CRYPTO_SHA_ERR_FAIL; } else if (auth_alg == CRYPTO_AUTH_ALG_SHA256) { if(platform_ce_type == CRYPTO_ENGINE_TYPE_SW) /* Hardware CE is not present , use software hashing */ digest = SHA256(addr, size, digest); else if (platform_ce_type == CRYPTO_ENGINE_TYPE_HW) ret_val = crypto_sha256(addr, size, digest); else ret_val = CRYPTO_SHA_ERR_FAIL; } else ret_val = CRYPTO_SHA_ERR_FAIL; if (ret_val != CRYPTO_SHA_ERR_NONE) { dprintf(CRITICAL, "crypto_sha256 returns error %d\n", ret_val); } }
void hash_find(unsigned char *addr, unsigned int size, unsigned char *digest, unsigned char auth_alg) { crypto_result_type ret_val = CRYPTO_SHA_ERR_NONE; if (auth_alg == 1) { #ifdef NO_CRYPTO_ENG /* Hardware CE is not present , use software hashing */ digest = SHA1(addr, size, digest); #else ret_val = crypto_sha1(addr, size, digest); #endif } else if (auth_alg == 2) { #ifdef NO_CRYPTO_ENG /* Hardware CE is not present , use software hashing */ digest = SHA256(addr, size, digest); #else ret_val = crypto_sha256(addr, size, digest); #endif } if (ret_val != CRYPTO_SHA_ERR_NONE) { dprintf(CRITICAL, "crypto_sha256 returns error %d\n", ret_val); } }
/* Generate a ping_id and put it in ping_id */ static void generate_ping_id(const Onion_Announce *onion_a, uint64_t time, const uint8_t *public_key, IP_Port ret_ip_port, uint8_t *ping_id) { time /= PING_ID_TIMEOUT; uint8_t data[CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(ret_ip_port)]; memcpy(data, onion_a->secret_bytes, CRYPTO_SYMMETRIC_KEY_SIZE); memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE, &time, sizeof(time)); memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time), public_key, CRYPTO_PUBLIC_KEY_SIZE); memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time) + CRYPTO_PUBLIC_KEY_SIZE, &ret_ip_port, sizeof(ret_ip_port)); crypto_sha256(ping_id, data, sizeof(data)); }