static void
_rs_stir(void)
{
u_char rnd[KEYSZ + IVSZ];
if (getentropy(rnd, sizeof rnd) == -1) {
#ifdef SIGKILL
raise(SIGKILL);
#else
exit(9); /* windows */
#endif
}
if (!rs)
_rs_init(rnd, sizeof(rnd));
else
_rs_rekey(rnd, sizeof(rnd));
explicit_bzero(rnd, sizeof(rnd)); /* discard source seed */
/* invalidate rs_buf */
rs->rs_have = 0;
memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf));
rs->rs_count = 1600000;
}
static void
_rs_rekey(unsigned char *dat, size_t datlen)
{
#ifndef KEYSTREAM_ONLY
pure_memzero(rs_buf, RSBUFSZ);
#endif
/* fill rs_buf with the keystream */
chacha_encrypt_bytes(&rs, rs_buf, rs_buf, RSBUFSZ);
/* mix in optional user provided data */
if (dat != NULL) {
size_t i, m;
if (datlen < KEYSZ + IVSZ) {
m = datlen;
} else {
m = KEYSZ + IVSZ;
}
for (i = 0; i < m; i++) {
rs_buf[i] ^= dat[i];
}
}
/* immediately reinit for backtracking resistance */
_rs_init(rs_buf, KEYSZ + IVSZ);
pure_memzero(rs_buf, KEYSZ + IVSZ);
rs_have = RSBUFSZ - KEYSZ - IVSZ;
}
static void
_rs_stir(void)
{
unsigned char rnd[KEYSZ + IVSZ];
#ifdef WITH_OPENSSL
if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
fatal("Couldn't obtain random bytes (error %ld)",
ERR_get_error());
#else
getrnd(rnd, sizeof(rnd));
#endif
if (!rs_initialized) {
rs_initialized = 1;
_rs_init(rnd, sizeof(rnd));
} else
_rs_rekey(rnd, sizeof(rnd));
explicit_bzero(rnd, sizeof(rnd));
/* invalidate rs_buf */
rs_have = 0;
memset(rs_buf, 0, RSBUFSZ);
rs_count = 1600000;
}
static void
_rs_stir(void)
{
unsigned char rnd[KEYSZ + IVSZ];
if (!rs_initialized) {
random_data_source_fd = _rs_random_dev_open();
}
if (random_data_source_fd != -1) {
safe_read(random_data_source_fd, rnd, sizeof rnd);
} else {
#ifdef HAVE_RANDOM_DEV
_exit(1);
#else
size_t i = (size_t) 0U;
# ifdef HAVE_ARC4RANDOM
crypto_uint4 r;
do {
r = arc4random();
memcpy(&rnd[i], &r, (size_t) 4U);
i += (size_t) 4U;
} while (i < sizeof(rnd));
# elif defined(HAVE_RANDOM)
unsigned short r;
do {
r = (unsigned short) random();
rnd[i++] = r & 0xFF;
rnd[i++] = (r << 8) & 0xFF;
} while (i < sizeof(rnd));
# else
unsigned char r;
do {
r = (unsigned char) rand();
rnd[i++] = r;
} while (i < sizeof(rnd));
# endif
#endif
}
if (!rs_initialized) {
rs_initialized = 1;
_rs_init(rnd, sizeof rnd);
} else {
_rs_rekey(rnd, sizeof rnd);
}
pure_memzero(rnd, sizeof rnd);
/* invalidate rs_buf */
rs_have = 0;
pure_memzero(rs_buf, RSBUFSZ);
rs_count = 1600000;
}
static void
_rs_stir(void)
{
u_char rnd[KEYSZ + IVSZ];
if (getentropy(rnd, sizeof rnd) == -1)
_getentropy_fail();
if (!rs)
_rs_init(rnd, sizeof(rnd));
else
_rs_rekey(rnd, sizeof(rnd));
explicit_bzero(rnd, sizeof(rnd)); /* discard source seed */
/* invalidate rs_buf */
rs->rs_have = 0;
memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf));
rs->rs_count = 1600000;
}
static inline void
_rs_rekey(unsigned char *dat, size_t datlen)
{
#ifndef KEYSTREAM_ONLY
memset(rs_buf, 0, RSBUFSZ);
#endif
/* fill rs_buf with the keystream */
chacha_encrypt_bytes(&rs, rs_buf, rs_buf, RSBUFSZ);
/* mix in optional user provided data */
if (dat) {
size_t i, m;
m = MIN(datlen, KEYSZ + IVSZ);
for (i = 0; i < m; i++)
rs_buf[i] ^= dat[i];
}
/* immediately reinit for backtracking resistance */
_rs_init(rs_buf, KEYSZ + IVSZ);
memset(rs_buf, 0, KEYSZ + IVSZ);
rs_have = RSBUFSZ - KEYSZ - IVSZ;
}