static int
wrap_nettle_rnd (void *_ctx, int level, void *data, size_t datasize)
{
  int ret;

  RND_LOCK;

  ret = do_trivia_source (0);
  if (ret < 0)
    {
      RND_UNLOCK;
      gnutls_assert ();
      return ret;
    }

  ret = do_device_source (0);
  if (ret < 0)
    {
      RND_UNLOCK;
      gnutls_assert ();
      return ret;
    }

  yarrow256_random (&yctx, datasize, data);
  RND_UNLOCK;
  return 0;
}
Exemple #2
0
static int
process_file(struct rsa_session *ctx,
	     FILE *in, FILE *out)
{
  uint8_t buffer[BLOCK_SIZE + SHA1_DIGEST_SIZE];

  for (;;)
    {
      size_t size = fread(buffer, 1, BLOCK_SIZE, in);
      hmac_sha1_update(&ctx->hmac, size, buffer);

      if (size < BLOCK_SIZE)
	{
	  unsigned leftover;
	  unsigned padding;

	  if (ferror(in))
	    {
	      werror("Reading input failed: %s\n", strerror(errno));
	      return 0;
	    }
	  
	  leftover = size % AES_BLOCK_SIZE;
	  padding = AES_BLOCK_SIZE - leftover;

	  assert (size + padding <= BLOCK_SIZE);
	  
	  if (padding > 1)
	    yarrow256_random(&ctx->yarrow, padding - 1, buffer + size);

	  size += padding;

	  buffer[size - 1] = padding;
	  CBC_ENCRYPT(&ctx->aes, aes_encrypt, size, buffer, buffer);

	  assert (size + SHA1_DIGEST_SIZE <= sizeof(buffer));

	  hmac_sha1_digest(&ctx->hmac, SHA1_DIGEST_SIZE, buffer + size);
	  size += SHA1_DIGEST_SIZE;

	  if (!write_string(out, size, buffer))
	    {
	      werror("Writing output failed: %s\n", strerror(errno));
	      return 0;
	    }
	  return 1;
	}

      CBC_ENCRYPT(&ctx->aes, aes_encrypt, size, buffer, buffer);
      if (!write_string(out, size, buffer))
	{
	  werror("Writing output failed: %s\n", strerror(errno));
	  return 0;
	}
    }
}
Exemple #3
0
static int
wrap_nettle_rnd(void *_ctx, int level, void *data, size_t datasize)
{
	int ret, reseed = 0;
	struct event_st event;

	if (level == GNUTLS_RND_NONCE)
		return wrap_nettle_rnd_nonce(_ctx, data, datasize);

	_rnd_get_event(&event);

	RND_LOCK(&rnd_ctx);

	if (_gnutls_detect_fork(rnd_ctx.forkid)) {	/* fork() detected */
		memset(&rnd_ctx.device_last_read, 0, sizeof(rnd_ctx.device_last_read));
		reseed = 1;
	}

	/* reseed main */
	ret = do_trivia_source(&rnd_ctx, 0, &event);
	if (ret < 0) {
		gnutls_assert();
		goto cleanup;
	}

	ret = do_device_source(&rnd_ctx, 0, &event);
	if (ret < 0) {
		gnutls_assert();
		goto cleanup;
	}

	if (reseed != 0) {
		yarrow256_slow_reseed(&rnd_ctx.yctx);
		rnd_ctx.forkid = _gnutls_get_forkid();
	}

	yarrow256_random(&rnd_ctx.yctx, datasize, data);
	ret = 0;

cleanup:
	RND_UNLOCK(&rnd_ctx);
	return ret;
}
Exemple #4
0
int
main(int argc, char **argv)
{
  struct rsa_session ctx;
  struct rsa_session_info info;
  
  struct rsa_public_key key;
  mpz_t x;
  
  int c;
  const char *random_name = NULL;

  enum { OPT_HELP = 300 };
  
  static const struct option options[] =
    {
      /* Name, args, flag, val */
      { "help", no_argument, NULL, OPT_HELP },
      { "random", required_argument, NULL, 'r' },
      { NULL, 0, NULL, 0}
    };
  
  while ( (c = getopt_long(argc, argv, "o:r:", options, NULL)) != -1)
    switch (c)
      {
      case 'r':
	random_name = optarg;
	break;
	
      case '?':
	return EXIT_FAILURE;

      case OPT_HELP:
	usage(stdout);
	return EXIT_SUCCESS;
      default:
	abort();
      }

  argv += optind;
  argc -= optind;

  if (argc != 1)
    {
      usage (stderr);
      return EXIT_FAILURE;
    }

  rsa_public_key_init(&key);
  
  if (!read_rsa_key(argv[0], &key, NULL))
    {
      werror("Invalid key\n");
      return EXIT_FAILURE;
    }

  /* NOTE: No sources */
  yarrow256_init(&ctx.yarrow, 0, NULL);
  
  /* Read some data to seed the generator */
  if (!simple_random(&ctx.yarrow, random_name))
    {
      werror("Initialization of randomness generator failed.\n");
      return EXIT_FAILURE;
    }

  WRITE_UINT32(SESSION_VERSION(&info), RSA_VERSION);
  
  yarrow256_random(&ctx.yarrow, sizeof(info.key) - 4, info.key + 4);

  rsa_session_set_encrypt_key(&ctx, &info);
  
#ifdef WIN32
  _setmode(0, O_BINARY);
  _setmode(1, O_BINARY);
#endif

  write_version(stdout);
  
  mpz_init(x);

  if (!rsa_encrypt(&key,
		   &ctx.yarrow, (nettle_random_func *) yarrow256_random,
		   sizeof(info.key), info.key, 
		   x))
    {
      werror("RSA encryption failed.\n");
      return EXIT_FAILURE;
    }

  write_bignum(stdout, x);

  mpz_clear (x);

  if (!process_file(&ctx,
		    stdin, stdout))
    return EXIT_FAILURE;

  rsa_public_key_clear(&key);

  return EXIT_SUCCESS;
}
Exemple #5
0
//Return randomly generated uint8 value of specified size
void gen_random(struct yarrow256_ctx *ctx, size_t s, uint8_t *r) {

    yarrow256_random(ctx, s, r); //generate s bytes of PR, store in r

}
void strongRandomize(void* buffer, unsigned int length){
	Q_ASSERT(yarrow256_is_seeded(&StrongCtx));
	for(uint i=0; i<length;i++)
		yarrow256_random(&StrongCtx,1,(quint8*)buffer+i);	
}
void randomize(void* buffer, unsigned int length){
	if(!yarrow256_is_seeded(&StrongCtx))
		yarrow256_random(&WeakCtx,length,(quint8*)buffer);
	else
		yarrow256_random(&StrongCtx,length,(quint8*)buffer);
}