/*
* Initialise the given ctr_drbg context, using a personalisation string and an
* entropy gathering function.
*/
ctr_drbg_context * rand_ctx_get()
{
static entropy_context ec = {0};
static ctr_drbg_context cd_ctx = {0};
static bool rand_initialised = false;
if (!rand_initialised)
{
struct gc_arena gc = gc_new();
struct buffer pers_string = alloc_buf_gc(100, &gc);
/*
* Personalisation string, should be as unique as possible (see NIST
* 800-90 section 8.7.1). We have very little information at this stage.
* Include Program Name, memory address of the context and PID.
*/
buf_printf(&pers_string, "OpenVPN %0u %p %s", platform_getpid(), &cd_ctx, time_string(0, 0, 0, &gc));
/* Initialise PolarSSL RNG, and built-in entropy sources */
entropy_init(&ec);
if (0 != ctr_drbg_init(&cd_ctx, entropy_func, &ec, BPTR(&pers_string), BLEN(&pers_string)))
msg (M_FATAL, "Failed to initialize random generator");
gc_free(&gc);
rand_initialised = true;
}
return &cd_ctx;
}
/* Write our PID to a file */
void
write_pid (const char *filename)
{
if (filename)
{
unsigned int pid = 0;
FILE *fp = platform_fopen (filename, "w");
if (!fp)
msg (M_ERR, "Open error on pid file %s", filename);
pid = platform_getpid ();
fprintf(fp, "%u\n", pid);
if (fclose (fp))
msg (M_ERR, "Close error on pid file %s", filename);
}
}
