diff options
| author | Werner Koch <[email protected]> | 1999-02-24 10:12:32 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 1999-02-24 10:12:32 +0000 |
| commit | d1b9b359a6361a964094cde0eb667becbefc90eb (patch) | |
| tree | 5f9b51104f54240748517f0c2b1fa0377f152b58 /cipher | |
| parent | *** empty log message *** (diff) | |
| download | gnupg-d1b9b359a6361a964094cde0eb667becbefc90eb.tar.gz gnupg-d1b9b359a6361a964094cde0eb667becbefc90eb.zip | |
See ChangeLog: Wed Feb 24 11:07:27 CET 1999 Werner Koch
Diffstat (limited to 'cipher')
| -rw-r--r-- | cipher/ChangeLog | 7 | ||||
| -rw-r--r-- | cipher/cipher.c | 22 | ||||
| -rw-r--r-- | cipher/md.c | 35 | ||||
| -rw-r--r-- | cipher/rndegd.c | 84 | ||||
| -rw-r--r-- | cipher/rndunix.c | 3 |
5 files changed, 85 insertions, 66 deletions
diff --git a/cipher/ChangeLog b/cipher/ChangeLog index a11af403f..442591f15 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,10 @@ +Wed Feb 24 11:07:27 CET 1999 Werner Koch <[email protected]> + + * cipher.c (context): Fixed alignment + * md.c: Ditto. + + * rndegd.c: New + Mon Feb 22 20:04:00 CET 1999 Werner Koch <[email protected]> * rndegd.c: New. diff --git a/cipher/cipher.c b/cipher/cipher.c index 601165b71..ca79fa9b7 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -60,7 +60,7 @@ struct cipher_handle_s { int (*setkey)( void *c, byte *key, unsigned keylen ); void (*encrypt)( void *c, byte *outbuf, byte *inbuf ); void (*decrypt)( void *c, byte *outbuf, byte *inbuf ); - byte context[1]; + PROPERLY_ALIGNED_TYPE context; }; @@ -328,8 +328,10 @@ cipher_open( int algo, int mode, int secure ) /* ? perform selftest here and mark this with a flag in cipher_table ? */ hd = secure ? m_alloc_secure_clear( sizeof *hd - + cipher_table[i].contextsize ) - : m_alloc_clear( sizeof *hd + cipher_table[i].contextsize ); + + cipher_table[i].contextsize + - sizeof(PROPERLY_ALIGNED_TYPE) ) + : m_alloc_clear( sizeof *hd + cipher_table[i].contextsize + - sizeof(PROPERLY_ALIGNED_TYPE) ); hd->algo = algo; hd->blocksize = cipher_table[i].blocksize; hd->setkey = cipher_table[i].setkey; @@ -360,7 +362,7 @@ cipher_close( CIPHER_HANDLE c ) int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen ) { - return (*c->setkey)( &c->context, key, keylen ); + return (*c->setkey)( &c->context.c, key, keylen ); } @@ -383,7 +385,7 @@ do_ecb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks ) unsigned n; for(n=0; n < nblocks; n++ ) { - (*c->encrypt)( &c->context, outbuf, inbuf ); + (*c->encrypt)( &c->context.c, outbuf, inbuf ); inbuf += c->blocksize; outbuf += c->blocksize; } @@ -395,7 +397,7 @@ do_ecb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks ) unsigned n; for(n=0; n < nblocks; n++ ) { - (*c->decrypt)( &c->context, outbuf, inbuf ); + (*c->decrypt)( &c->context.c, outbuf, inbuf ); inbuf += c->blocksize; outbuf += c->blocksize; } @@ -428,7 +430,7 @@ do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) int i; /* encrypt the IV (and save the current one) */ memcpy( c->lastiv, c->iv, blocksize ); - (*c->encrypt)( &c->context, c->iv, c->iv ); + (*c->encrypt)( &c->context.c, c->iv, c->iv ); /* XOR the input with the IV and store input into IV */ for(ivp=c->iv,i=0; i < blocksize; i++ ) *outbuf++ = (*ivp++ ^= *inbuf++); @@ -437,7 +439,7 @@ do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) if( nbytes ) { /* process the remaining bytes */ /* encrypt the IV (and save the current one) */ memcpy( c->lastiv, c->iv, blocksize ); - (*c->encrypt)( &c->context, c->iv, c->iv ); + (*c->encrypt)( &c->context.c, c->iv, c->iv ); c->unused = blocksize; /* and apply the xor */ c->unused -= nbytes; @@ -479,7 +481,7 @@ do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) int i; /* encrypt the IV (and save the current one) */ memcpy( c->lastiv, c->iv, blocksize ); - (*c->encrypt)( &c->context, c->iv, c->iv ); + (*c->encrypt)( &c->context.c, c->iv, c->iv ); /* XOR the input with the IV and store input into IV */ for(ivp=c->iv,i=0; i < blocksize; i++ ) { temp = *inbuf++; @@ -491,7 +493,7 @@ do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes ) if( nbytes ) { /* process the remaining bytes */ /* encrypt the IV (and save the current one) */ memcpy( c->lastiv, c->iv, blocksize ); - (*c->encrypt)( &c->context, c->iv, c->iv ); + (*c->encrypt)( &c->context.c, c->iv, c->iv ); c->unused = blocksize; /* and apply the xor */ c->unused -= nbytes; diff --git a/cipher/md.c b/cipher/md.c index 95167ff49..0a2974406 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -47,7 +47,7 @@ struct md_digest_list_s { void (*final)( void *c ); byte *(*read)( void *c ); size_t contextsize; /* allocate this amount of context */ - char context[1]; + PROPERLY_ALIGNED_TYPE context; }; static struct md_digest_list_s *digest_list; @@ -238,13 +238,15 @@ md_enable( MD_HANDLE h, int algo ) return; } /* and allocate a new list entry */ - ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize ) - : m_alloc( sizeof *ac + r->contextsize ); + ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize + - sizeof(r->context) ) + : m_alloc( sizeof *ac + r->contextsize + - sizeof(r->context) ); *ac = *r; ac->next = h->list; h->list = ac; /* and init this instance */ - (*ac->init)( &ac->context ); + (*ac->init)( &ac->context.c ); } @@ -264,9 +266,12 @@ md_copy( MD_HANDLE a ) /* and now copy the complete list of algorithms */ /* I know that the copied list is reversed, but that doesn't matter */ for( ar=a->list; ar; ar = ar->next ) { - br = a->secure ? m_alloc_secure( sizeof *br + ar->contextsize ) - : m_alloc( sizeof *br + ar->contextsize ); - memcpy( br, ar, sizeof(*br) + ar->contextsize ); + br = a->secure ? m_alloc_secure( sizeof *br + ar->contextsize + - sizeof(ar->context) ) + : m_alloc( sizeof *br + ar->contextsize + - sizeof(ar->context) ); + memcpy( br, ar, sizeof(*br) + ar->contextsize + - sizeof(ar->context) ); br->next = b->list; b->list = br; } @@ -288,8 +293,8 @@ md_reset( MD_HANDLE a ) a->bufcount = 0; for( r=a->list; r; r = r->next ) { - memset( r->context, 0, r->contextsize ); - (*r->init)( &r->context ); + memset( r->context.c, 0, r->contextsize ); + (*r->init)( &r->context.c ); } } @@ -323,8 +328,8 @@ md_write( MD_HANDLE a, byte *inbuf, size_t inlen) BUG(); } for(r=a->list; r; r = r->next ) { - (*r->write)( &r->context, a->buffer, a->bufcount ); - (*r->write)( &r->context, inbuf, inlen ); + (*r->write)( &r->context.c, a->buffer, a->bufcount ); + (*r->write)( &r->context.c, inbuf, inlen ); } a->bufcount = 0; } @@ -340,7 +345,7 @@ md_final(MD_HANDLE a) md_write( a, NULL, 0 ); for(r=a->list; r; r = r->next ) { - (*r->final)( &r->context ); + (*r->final)( &r->context.c ); } } @@ -357,13 +362,13 @@ md_read( MD_HANDLE a, int algo ) if( (r=a->list) ) { if( r->next ) log_debug("more than algorithm in md_read(0)\n"); - return (*r->read)( &r->context ); + return (*r->read)( &r->context.c ); } } else { for(r=a->list; r; r = r->next ) if( r->algo == algo ) - return (*r->read)( &r->context ); + return (*r->read)( &r->context.c ); } BUG(); return NULL; @@ -408,7 +413,7 @@ md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen ) * the context (extra overhead - should be fixed)*/ context = a->secure ? m_alloc_secure( r->contextsize ) : m_alloc( r->contextsize ); - memcpy( context, r->context, r->contextsize ); + memcpy( context, r->context.c, r->contextsize ); (*r->final)( context ); digest = (*r->read)( context ); diff --git a/cipher/rndegd.c b/cipher/rndegd.c index ef9f6e04b..15aa38d8d 100644 --- a/cipher/rndegd.c +++ b/cipher/rndegd.c @@ -24,11 +24,12 @@ #include <assert.h> #include <errno.h> #include <sys/time.h> -#include <sys/types.h> #include <sys/stat.h> #include <string.h> #include <unistd.h> +#include <sys/types.h> #include <sys/socket.h> +#include <sys/un.h> #include "types.h" #include "util.h" #include "ttyio.h" @@ -40,17 +41,10 @@ #include "i18n.h" #endif -static int gather_random( void (*add)(const void*, size_t, int), int requester, - size_t length, int level ); - -#ifdef IS_MODULE -static void tty_printf(const char *fmt, ... ) -{ - g10_log_info("tty_printf not available (%s)\n", fmt ); -} +#ifndef offsetof +#define offsetof(type, member) ((size_t) &((type *)0)->member) #endif - static int do_write( int fd, void *buf, size_t nbytes ) { @@ -60,7 +54,7 @@ do_write( int fd, void *buf, size_t nbytes ) while( nleft > 0 ) { nwritten = write( fd, buf, nleft); if( nwritten < 0 ) { - if( errno = EINTR ) + if( errno == EINTR ) continue; return -1; } @@ -70,18 +64,6 @@ do_write( int fd, void *buf, size_t nbytes ) return 0; } - my $bytes = shift; - $msg = pack("CC", 0x01, $bytes); - $s->syswrite($msg, length($msg)); - my $nread = $s->sysread($buf, 1); - die unless $nread == 1; - my $count = unpack("C",$buf); - $nread = $s->sysread($buf, $count); - die "didn't get all the entropy" unless $nread == $count; - print "got $count bytes of entropy: ",unpack("H*",$buf),"\n"; - - - static int gather_random( void (*add)(const void*, size_t, int), int requester, @@ -90,7 +72,7 @@ gather_random( void (*add)(const void*, size_t, int), int requester, static int fd = -1; int n; int warn=0; - byte buffer[768]; + byte buffer[256+2]; if( fd == -1 ) { const char *name = "/tmp/entropy"; @@ -100,7 +82,8 @@ gather_random( void (*add)(const void*, size_t, int), int requester, memset( &addr, 0, sizeof addr ); addr.sun_family = AF_UNIX; strcpy( addr.sun_path, name ); /* fixme: check that it is long enough */ - addr_len = strlen(addr.sun_path) + sizeof addr.sun_family; + addr_len = offsetof( struct sockaddr_un, sun_path ) + + strlen( addr.sun_path ); fd = socket(AF_UNIX, SOCK_STREAM, 0); if( fd == -1 ) @@ -111,44 +94,65 @@ gather_random( void (*add)(const void*, size_t, int), int requester, name, strerror(errno) ); } - if( do_write( fd, "\x01", 1 ) == -1 ) - g10_log_fatal("can't write to the EGD: %s\n", strerror(errno) ); while( length ) { fd_set rfds; struct timeval tv; int rc; - + int nbytes; + int cmd; + + nbytes = length < 255? length : 255; + /* send request */ + cmd = level >= 2 ? 2 : 1; + buffer[0] = cmd; + buffer[1] = nbytes; + if( do_write( fd, buffer, 2 ) == -1 ) + g10_log_fatal("can't write to the EGD: %s\n", strerror(errno) ); + /* wait on reply */ FD_ZERO(&rfds); FD_SET(fd, &rfds); tv.tv_sec = 3; tv.tv_usec = 0; if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) { if( !warn ) - tty_printf( _( + #ifdef IS_MODULE + fprintf( stderr, + #else + tty_printf( + #endif + _( "\n" "Not enough random bytes available. Please do some other work to give\n" "the OS a chance to collect more entropy! (Need %d more bytes)\n"), length ); - warn = 0; /* set to 1 to print onyl one warning */ + warn = 0; /* <--- set to 1 to display the message only once */ continue; } else if( rc == -1 ) { - tty_printf("select() error: %s\n", strerror(errno)); + g10_log_error("select error on EGD: %s\n", strerror(errno)); continue; } + /* collect reply */ do { - int nbytes = length < sizeof(buffer)? length : sizeof(buffer); - n = read(fd, buffer, nbytes ); - if( n >= 0 && n > nbytes ) { - g10_log_error("bogus read from random device (n=%d)\n", n ); - n = nbytes; - } + n = read(fd, buffer, nbytes+2 ); } while( n == -1 && errno == EINTR ); + /* process reply */ if( n == -1 ) - g10_log_fatal("read error on EGD: %s\n", strerror(errno)); - (*add)( buffer, n, requester ); - length -= n; + g10_log_error("read error on EGD: %s\n", strerror(errno)); + else if( n < 2 ) + g10_log_error("bad EGD reply: too short\n"); + else if( buffer[0] != cmd ) + g10_log_error("bad EGD reply: cmd mismatch %d/%d\n", + cmd, *buffer ); + else if( buffer[1] != nbytes ) + g10_log_error("bad EGD reply: count mismatch %d/%d\n", + nbytes, buffer[1] ); + else { + n -= 2; + (*add)( buffer+2, n, requester ); + length -= n; + } } memset(buffer, 0, sizeof(buffer) ); diff --git a/cipher/rndunix.c b/cipher/rndunix.c index 71f75dfc2..145f17fbd 100644 --- a/cipher/rndunix.c +++ b/cipher/rndunix.c @@ -477,13 +477,14 @@ slow_poll(FILE *dbgfp, int dbgall, size_t *nbytes ) /* Try and estimate how much entropy we're getting * from a data source */ - if (dataSources[i].usefulness) + if (dataSources[i].usefulness) { if (dataSources[i].usefulness < 0) total = (dataSources[i].length + 999) / -dataSources[i].usefulness; else total = dataSources[i].length / dataSources[i].usefulness; + } if( dbgfp ) fprintf(dbgfp, "%s %s contributed %d bytes, " |