diff options
| author | Joshua Oreman <oremanj@rwcr.net> | 2009-06-29 22:54:16 -0700 |
|---|---|---|
| committer | Marty Connor <mdc@etherboot.org> | 2010-01-05 09:07:33 -0500 |
| commit | 8d08da3a994f318c3d0bf0c70881f1f5b3dcfa4d (patch) | |
| tree | 1170a51def314c2580f8b0fcc064fbffb01b4baf | |
| parent | 6c6db8647b07dd08101ef7d5950eb39cb5eb451a (diff) | |
| download | ipxe-8d08da3a994f318c3d0bf0c70881f1f5b3dcfa4d.tar.gz | |
[crypto] Add a placeholder for a proper random number generator
Currently it just calls random().
Signed-off-by: Marty Connor <mdc@etherboot.org>
| -rw-r--r-- | src/crypto/crandom.c | 55 | ||||
| -rw-r--r-- | src/include/gpxe/crypto.h | 2 |
2 files changed, 57 insertions, 0 deletions
diff --git a/src/crypto/crandom.c b/src/crypto/crandom.c new file mode 100644 index 000000000..9828482e4 --- /dev/null +++ b/src/crypto/crandom.c @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2009 Joshua Oreman <oremanj@rwcr.net>. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +FILE_LICENCE ( GPL2_OR_LATER ); + +/** @file + * + * Cryptographically strong random number generator + * + * Currently the cryptographic part is not implemented, and this just + * uses random(). + */ + +#include <gpxe/crypto.h> +#include <stdlib.h> + +/** + * Get cryptographically strong random bytes + * + * @v buf Buffer in which to store random bytes + * @v len Number of random bytes to generate + * + * @b WARNING: This function is currently underimplemented, and does + * not give numbers any stronger than random()! + */ +void get_random_bytes ( void *buf, size_t len ) +{ + u8 *bufp = buf; + + /* + * Somewhat arbitrarily, choose the 0x00FF0000-masked byte + * returned by random() as having good entropy. PRNGs often + * don't provide good entropy in lower bits, and the top byte + * might show a pattern because of sign issues. + */ + + while ( len-- ) { + *bufp++ = ( random() >> 16 ) & 0xFF; + } +} diff --git a/src/include/gpxe/crypto.h b/src/include/gpxe/crypto.h index 751ca05ba..ecda5f6da 100644 --- a/src/include/gpxe/crypto.h +++ b/src/include/gpxe/crypto.h @@ -151,4 +151,6 @@ extern struct digest_algorithm digest_null; extern struct cipher_algorithm cipher_null; extern struct pubkey_algorithm pubkey_null; +void get_random_bytes ( void *buf, size_t len ); + #endif /* _GPXE_CRYPTO_H */ |