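/*
 * pluto_init_nss - set up NSS for pluto and optionally mix extra entropy
 * into the NSS PRNG.
 *
 * nssdb: NSS database directory; it is logged with an "sql:" prefix and
 *        passed to lsw_nss_setup() together with LSW_NSS_READONLY and the
 *        lsw_nss_get_password callback.
 *
 * Returns TRUE on success.  Returns FALSE, after logging the text that
 * lsw_nss_setup() left in err, when the setup call fails.
 */
static bool pluto_init_nss(char *nssdb)
{
	SECStatus rv;

	/* little lie, lsw_nss_setup doesn't have logging */
	loglog(RC_LOG_SERIOUS, "NSS DB directory: sql:%s", nssdb);

	lsw_nss_buf_t err;
	if (!lsw_nss_setup(nssdb, LSW_NSS_READONLY, lsw_nss_get_password, err)) {
		loglog(RC_LOG_SERIOUS, "%s", err);
		return FALSE;
	}
	libreswan_log("NSS initialized");

	/*
	 * This exists purely to make the BSI happy.
	 * We do not inflict this on other users
	 *
	 * NOTE(review): only 0 is excluded here; a negative
	 * pluto_nss_seedbits would reach alloc_bytes() with a negative byte
	 * count - confirm the option parser rejects it.
	 */
	if (pluto_nss_seedbits != 0) {
		int seedbytes = BYTES_FOR_BITS(pluto_nss_seedbits);
		unsigned char *buf = alloc_bytes(seedbytes, "TLA seedmix");

		get_bsi_random(seedbytes, buf); /* much TLA, very blocking */
		rv = PK11_RandomUpdate(buf, seedbytes);

		/*
		 * Dispose of the seed material before looking at rv, so a
		 * failed assertion cannot skip the messupn()/pfree() pair
		 * (messupn presumably overwrites the bytes - confirm).
		 */
		messupn(buf, seedbytes);
		pfree(buf);

		/*
		 * Check the result before logging, so the log never claims a
		 * seeding that PK11_RandomUpdate() rejected.
		 */
		passert(rv == SECSuccess);
		libreswan_log("seeded %d bytes into the NSS PRNG", seedbytes);
	}

	return TRUE;
}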
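/*
 * pluto_init_nss - initialize NSS read-only for pluto and optionally mix
 * extra entropy into the NSS PRNG.
 *
 * nssdb: NSS database directory; "sql:" is prepended before the string is
 *        passed to NSS_Initialize().
 *
 * Returns TRUE on success.  Returns FALSE, after logging, when the prefixed
 * directory name does not fit the local buffer or NSS_Initialize() fails.
 */
static bool pluto_init_nss(char *nssdb)
{
	SECStatus rv;
	char dbuf[1024];

	/*
	 * snprintf() truncates silently.  A truncated name would make NSS
	 * open a different directory than the one configured, so treat
	 * truncation (and an output error) as an initialization failure.
	 */
	int len = snprintf(dbuf, sizeof(dbuf), "sql:%s", nssdb);
	if (len < 0 || (size_t)len >= sizeof(dbuf)) {
		loglog(RC_LOG_SERIOUS,
		       "NSS DB directory name is too long: %s", nssdb);
		return FALSE;
	}

	loglog(RC_LOG_SERIOUS, "NSS DB directory: %s", dbuf);

	rv = NSS_Initialize(dbuf, "", "", SECMOD_DB, NSS_INIT_READONLY);
	if (rv != SECSuccess) {
		loglog(RC_LOG_SERIOUS,
		       "NSS readonly initialization (\"%s\") failed (err %d)\n",
		       dbuf, PR_GetError());
		return FALSE;
	}
	libreswan_log("NSS initialized");

	/* Register the callback NSS uses when it needs a password. */
	PK11_SetPasswordFunc(getNSSPassword);

	/*
	 * This exists purely to make the BSI happy.
	 * We do not inflict this on other users
	 *
	 * NOTE(review): only 0 is excluded here; a negative
	 * pluto_nss_seedbits would reach alloc_bytes() with a negative byte
	 * count - confirm the option parser rejects it.
	 */
	if (pluto_nss_seedbits != 0) {
		int seedbytes = BYTES_FOR_BITS(pluto_nss_seedbits);
		unsigned char *buf = alloc_bytes(seedbytes, "TLA seedmix");

		get_bsi_random(seedbytes, buf); /* much TLA, very blocking */
		rv = PK11_RandomUpdate(buf, seedbytes);

		/*
		 * Dispose of the seed material before looking at rv, so a
		 * failed assertion cannot skip the messupn()/pfree() pair
		 * (messupn presumably overwrites the bytes - confirm).
		 */
		messupn(buf, seedbytes);
		pfree(buf);

		/*
		 * Check the result before logging, so the log never claims a
		 * seeding that PK11_RandomUpdate() rejected.
		 */
		passert(rv == SECSuccess);
		libreswan_log("seeded %d bytes into the NSS PRNG", seedbytes);
	}

	return TRUE;
}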
/*
 * UpdateNSS_RNG - feed additional, caller-requested entropy into NSS's PRNG
 *
 * pluto and rsasigkey draw their randomness from the NSS crypto library.
 * Some government Three Letter Agencies require that extra bits are read
 * from /dev/random and mixed into the NSS RNG before any random data is
 * taken from NSS, even though NSS already seeds its own internal state.
 * Depending on the entropy available on the system, this can block pluto or
 * rsasigkey for an extended time during startup, which is why the redundant
 * seeding is not performed by default.  When a value is given, at least
 * 460 bits (for FIPS) or 440 bits (for BSI) are recommended.
 *
 * seedbits: number of bits to mix in; converted to a byte count with
 *           BYTES_FOR_BITS().
 */
static void UpdateNSS_RNG(int seedbits)
{
	const int nbytes = BYTES_FOR_BITS(seedbits);
	unsigned char *seed = alloc_bytes(nbytes, "TLA seedmix");
	SECStatus rv;

	/* Fill the scratch buffer, then hand it to NSS. */
	lsw_random(nbytes, seed);
	rv = PK11_RandomUpdate(seed, nbytes);

	/*
	 * NOTE(review): this is the only check on the seeding result, and a
	 * standard assert() is compiled out when NDEBUG is defined - confirm
	 * how this file is built, or check rv explicitly.
	 */
	assert(rv == SECSuccess);

	/* Done with the seed bytes: messupn() the buffer, then release it. */
	messupn(seed, nbytes);
	pfree(seed);
}
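/*
 * base64_bundle - bundle e and n into an RFC2537-format record
 *
 * e:       RSA public exponent; must fit in a single byte (0..255).
 * modulus: RSA modulus n.
 *
 * Returns the string produced by rsa_pubkey_to_base64().  On an
 * out-of-range exponent or a conversion error a message is written to
 * stderr and the program exits with status 1.
 */
static char *base64_bundle(int e, chunk_t modulus)
{
	/*
	 * Validate explicitly rather than with assert(): the check must also
	 * hold in builds that define NDEBUG, and a negative value does not
	 * fit in the single exponent byte either.
	 */
	if (e < 0 || e > 255) {
		fprintf(stderr,
			"%s: public exponent %d does not fit in a single byte\n",
			progname, e);
		exit(1);
	}

	/*
	 * Pack the single-byte exponent into a byte array.
	 *
	 * The byte must carry the caller's exponent.  A hard-coded 1 would
	 * publish a key with public exponent 1, whatever value of e was
	 * used to generate the key.
	 */
	u_char exponent_byte = (u_char)e;
	chunk_t exponent = {
		.ptr = &exponent_byte,
		.len = 1,
	};

	/*
	 * Create the resource record.
	 */
	char *bundle;
	err_t err = rsa_pubkey_to_base64(exponent, modulus, &bundle);
	if (err) {
		fprintf(stderr, "%s: can't-happen bundle convert error `%s'\n",
			progname, err);
		exit(1);
	}

	return bundle;
}

/*
 * UpdateNSS_RNG - Updates NSS's PRNG with user generated entropy.
 *
 * seedbits: number of bits to mix in; converted to a byte count with
 *           BYTES_FOR_BITS().
 *
 * Exits with status 1 when PK11_RandomUpdate() does not report SECSuccess.
 */
static void UpdateNSS_RNG(int seedbits)
{
	int seedbytes = BYTES_FOR_BITS(seedbits);
	unsigned char *buf = alloc_bytes(seedbytes, "TLA seedmix");

	/*
	 * NOTE(review): the (length, buffer) argument order implies a
	 * project-local getrandom().  The libc getrandom(2) prototype is
	 * (buf, buflen, flags), so confirm which definition this call
	 * resolves to.
	 */
	getrandom(seedbytes, buf);
	SECStatus rv = PK11_RandomUpdate(buf, seedbytes);

	/*
	 * Dispose of the seed material before acting on rv, so the failure
	 * path cannot skip the messupn()/pfree() pair (messupn presumably
	 * overwrites the bytes - confirm).
	 */
	messupn(buf, seedbytes);
	pfree(buf);

	/*
	 * An explicit check instead of assert(): a failed seeding must stop
	 * the program even when NDEBUG compiles assertions out.
	 */
	if (rv != SECSuccess) {
		fprintf(stderr,
			"%s: PK11_RandomUpdate() failed to seed the NSS PRNG\n",
			progname);
		exit(1);
	}
}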