gnunet-svn
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] r26070 - in gnunet/src: core include util


From: gnunet
Subject: [GNUnet-SVN] r26070 - in gnunet/src: core include util
Date: Tue, 12 Feb 2013 00:04:43 +0100

Author: grothoff
Date: 2013-02-12 00:04:43 +0100 (Tue, 12 Feb 2013)
New Revision: 26070

Modified:
   gnunet/src/core/gnunet-service-core.c
   gnunet/src/include/gnunet_crypto_lib.h
   gnunet/src/util/configuration.c
   gnunet/src/util/crypto_ecc.c
   gnunet/src/util/crypto_random.c
   gnunet/src/util/crypto_rsa.c
   gnunet/src/util/gnunet-ecc.c
   gnunet/src/util/gnunet-rsa.c
   gnunet/src/util/test_crypto_aes.c
   gnunet/src/util/test_crypto_aes_weak.c
   gnunet/src/util/test_crypto_ecc.c
   gnunet/src/util/test_crypto_rsa.c
   gnunet/src/util/test_pseudonym.c
Log:
-trying to address #2791

Modified: gnunet/src/core/gnunet-service-core.c
===================================================================
--- gnunet/src/core/gnunet-service-core.c       2013-02-11 18:35:35 UTC (rev 
26069)
+++ gnunet/src/core/gnunet-service-core.c       2013-02-11 23:04:43 UTC (rev 
26070)
@@ -24,6 +24,7 @@
  * @author Christian Grothoff
  */
 #include "platform.h"
+#include <gcrypt.h>
 #include "gnunet_util_lib.h"
 #include "gnunet-service-core.h"
 #include "gnunet-service-core_clients.h"

Modified: gnunet/src/include/gnunet_crypto_lib.h
===================================================================
--- gnunet/src/include/gnunet_crypto_lib.h      2013-02-11 18:35:35 UTC (rev 
26069)
+++ gnunet/src/include/gnunet_crypto_lib.h      2013-02-11 23:04:43 UTC (rev 
26070)
@@ -1342,26 +1342,6 @@
                           *publicKey);
 
 
-/**
- * This function should only be called in testcases
- * where strong entropy gathering is not desired
- * (for example, for hostkey generation).
- */
-void
-GNUNET_CRYPTO_random_disable_entropy_gathering (void);
-
-
-/**
- * Check if we are using weak random number generation.
- *
- * @return GNUNET_YES if weak number generation is on
- *         (thus will return YES if 
'GNUNET_CRYPTO_random_disable_entropy_gathering'
- *          was called previously).
- */
-int
-GNUNET_CRYPTO_random_is_weak (void);
-
-
 #if 0                           /* keep Emacsens' auto-indent happy */
 {
 #endif

Modified: gnunet/src/util/configuration.c
===================================================================
--- gnunet/src/util/configuration.c     2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/configuration.c     2013-02-11 23:04:43 UTC (rev 26070)
@@ -1499,11 +1499,6 @@
       (filename != NULL))
     GNUNET_CONFIGURATION_set_value_string (cfg, "PATHS", "DEFAULTCONFIG",
                                            filename);
-  if ((GNUNET_YES ==
-       GNUNET_CONFIGURATION_have_value (cfg, "TESTING", "WEAKRANDOM")) &&
-      (GNUNET_YES ==
-       GNUNET_CONFIGURATION_get_value_yesno (cfg, "TESTING", "WEAKRANDOM")))
-    GNUNET_CRYPTO_random_disable_entropy_gathering ();
   return GNUNET_OK;
 }
 

Modified: gnunet/src/util/crypto_ecc.c
===================================================================
--- gnunet/src/util/crypto_ecc.c        2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/crypto_ecc.c        2013-02-11 23:04:43 UTC (rev 26070)
@@ -831,7 +831,6 @@
 {
   struct GNUNET_CRYPTO_EccKeyGenerationContext *gc;
   struct GNUNET_CRYPTO_EccPrivateKey *pk;
-  const char *weak_random;
 
   if (NULL != (pk = try_read_key (filename)))
   {
@@ -859,10 +858,6 @@
     GNUNET_free (gc);
     return NULL;
   }
-  weak_random = NULL;
-  if (GNUNET_YES ==
-      GNUNET_CRYPTO_random_is_weak ())
-    weak_random = "-w";
   gc->gnunet_ecc = GNUNET_OS_start_process (GNUNET_NO,
                                            GNUNET_OS_INHERIT_STD_ERR,
                                            NULL, 
@@ -870,7 +865,6 @@
                                            "gnunet-ecc",
                                            "gnunet-ecc",                       
                    
                                            gc->filename,
-                                           weak_random,
                                            NULL);
   if (NULL == gc->gnunet_ecc)
   {

Modified: gnunet/src/util/crypto_random.c
===================================================================
--- gnunet/src/util/crypto_random.c     2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/crypto_random.c     2013-02-11 23:04:43 UTC (rev 26070)
@@ -35,13 +35,6 @@
 #define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", 
syscall)
 
 
-/**
- * GNUNET_YES if we are using a 'weak' (low-entropy) PRNG.
- */ 
-static int weak_random;
-
-
-
 /* TODO: ndurner, move this to plibc? */
 /* The code is derived from glibc, obviously */
 #if MINGW
@@ -237,31 +230,6 @@
 
 
 /**
- * Check if we are using weak random number generation.
- *
- * @return GNUNET_YES if weak number generation is on
- */
-int
-GNUNET_CRYPTO_random_is_weak ()
-{
-  return weak_random;
-}
-
-
-/**
- * This function should only be called in testcases
- * where strong entropy gathering is not desired
- * (for example, for hostkey generation).
- */
-void
-GNUNET_CRYPTO_random_disable_entropy_gathering ()
-{
-  weak_random = GNUNET_YES;
-  gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
-}
-
-
-/**
  * Process ID of the "find" process that we use for
  * entropy gathering.
  */
@@ -332,10 +300,12 @@
 }
 
 
-void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()
+void __attribute__ ((constructor)) 
+GNUNET_CRYPTO_random_init ()
 {
-  gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
-  if (!gcry_check_version (NEED_LIBGCRYPT_VERSION))
+  gcry_error_t rc;
+
+  if (! gcry_check_version (NEED_LIBGCRYPT_VERSION))
   {
     FPRINTF (stderr,
              _
@@ -343,6 +313,15 @@
              NEED_LIBGCRYPT_VERSION);
     GNUNET_abort ();
   }
+  if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0)))
+    FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", 
"DISABLE_SECMEM",
+            gcry_strerror (rc));
+  /* we only generate ephemeral keys in-process; for those,
+     we are fine with "just" using GCRY_STRONG_RANDOM */
+  if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0)))
+    FPRINTF (stderr,  "Failed to set libgcrypt option %s: %s\n", 
"ENABLE_QUICK_RANDOM",
+            gcry_strerror (rc));
+  
 #ifdef GCRYCTL_INITIALIZATION_FINISHED
   gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
 #endif
@@ -357,7 +336,8 @@
 }
 
 
-void __attribute__ ((destructor)) GNUNET_CRYPTO_random_fini ()
+void __attribute__ ((destructor)) 
+GNUNET_CRYPTO_random_fini ()
 {
   gcry_set_progress_handler (NULL, NULL);
 }

Modified: gnunet/src/util/crypto_rsa.c
===================================================================
--- gnunet/src/util/crypto_rsa.c        2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/crypto_rsa.c        2013-02-11 23:04:43 UTC (rev 26070)
@@ -998,7 +998,6 @@
 {
   struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;
   struct GNUNET_CRYPTO_RsaPrivateKey *pk;
-  const char *weak_random;
 
   if (NULL != (pk = try_read_key (filename)))
   {
@@ -1026,10 +1025,6 @@
     GNUNET_free (gc);
     return NULL;
   }
-  weak_random = NULL;
-  if (GNUNET_YES ==
-      GNUNET_CRYPTO_random_is_weak ())
-    weak_random = "-w";
   gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_NO,
                                            GNUNET_OS_INHERIT_STD_ERR,
                                            NULL, 
@@ -1037,7 +1032,6 @@
                                            "gnunet-rsa",
                                            "gnunet-rsa",                       
                    
                                            gc->filename,
-                                           weak_random,
                                            NULL);
   if (NULL == gc->gnunet_rsa)
   {

Modified: gnunet/src/util/gnunet-ecc.c
===================================================================
--- gnunet/src/util/gnunet-ecc.c        2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/gnunet-ecc.c        2013-02-11 23:04:43 UTC (rev 26070)
@@ -45,11 +45,6 @@
 static int print_short_identity;
 
 /**
- * Use weak random number generator for key generation.
- */
-static int weak_random;
-
-/**
  * Option set to create a bunch of keys at once.
  */
 static unsigned int make_keys;
@@ -143,8 +138,6 @@
     fprintf (stderr, _("No hostkey file specified on command line\n"));
     return;
   }
-  if (0 != weak_random)    
-    GNUNET_CRYPTO_random_disable_entropy_gathering ();  
   if (make_keys > 0)
   {
     create_keys (args[0]);
@@ -208,9 +201,6 @@
     { 's', "print-short-identity", NULL,
       gettext_noop ("print the short hash of the public key in ASCII format"),
       0, &GNUNET_GETOPT_set_one, &print_short_identity },
-    { 'w', "weak-random", NULL,
-      gettext_noop ("use insecure, weak random number generator for key 
generation (for testing only)"),
-      0, &GNUNET_GETOPT_set_one, &weak_random },
     GNUNET_GETOPT_OPTION_END
   };
   int ret;

Modified: gnunet/src/util/gnunet-rsa.c
===================================================================
--- gnunet/src/util/gnunet-rsa.c        2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/gnunet-rsa.c        2013-02-11 23:04:43 UTC (rev 26070)
@@ -43,12 +43,7 @@
  */
 static int print_short_identity;
 
-/**
- * Use weak random number generator for key generation.
- */
-static int weak_random;
 
-
 /**
  * Main function that will be run by the scheduler.
  *
@@ -70,8 +65,6 @@
     fprintf (stderr, _("No hostkey file specified on command line\n"));
     return;
   }
-  if (0 != weak_random)    
-    GNUNET_CRYPTO_random_disable_entropy_gathering ();  
   pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
   if (NULL == pk)
     return;
@@ -127,9 +120,6 @@
     { 's', "print-short-identity", NULL,
       gettext_noop ("print the short hash of the public key in ASCII format"),
       0, &GNUNET_GETOPT_set_one, &print_short_identity },
-    { 'w', "weak-random", NULL,
-      gettext_noop ("use insecure, weak random number generator for key 
generation (for testing only)"),
-      0, &GNUNET_GETOPT_set_one, &weak_random },
     GNUNET_GETOPT_OPTION_END
   };
   int ret;

Modified: gnunet/src/util/test_crypto_aes.c
===================================================================
--- gnunet/src/util/test_crypto_aes.c   2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_crypto_aes.c   2013-02-11 23:04:43 UTC (rev 26070)
@@ -147,7 +147,6 @@
   int failureCount = 0;
 
   GNUNET_log_setup ("test-crypto-aes", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
   GNUNET_assert (strlen (INITVALUE) >
                  sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
   failureCount += testSymcipher ();

Modified: gnunet/src/util/test_crypto_aes_weak.c
===================================================================
--- gnunet/src/util/test_crypto_aes_weak.c      2013-02-11 18:35:35 UTC (rev 
26069)
+++ gnunet/src/util/test_crypto_aes_weak.c      2013-02-11 23:04:43 UTC (rev 
26070)
@@ -175,7 +175,6 @@
   int weak_keys;
 
   GNUNET_log_setup ("test-crypto-aes-weak", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
   if (GENERATE_WEAK_KEYS)
   {
     weak_keys = getWeakKeys ();

Modified: gnunet/src/util/test_crypto_ecc.c
===================================================================
--- gnunet/src/util/test_crypto_ecc.c   2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_crypto_ecc.c   2013-02-11 23:04:43 UTC (rev 26070)
@@ -216,7 +216,6 @@
     return 0;
   }
   GNUNET_log_setup ("test-crypto-ecc", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
   if (GNUNET_OK != testCreateFromFile ())
     failureCount++;
   GNUNET_SCHEDULER_run (&test_async_creation, NULL);

Modified: gnunet/src/util/test_crypto_rsa.c
===================================================================
--- gnunet/src/util/test_crypto_rsa.c   2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_crypto_rsa.c   2013-02-11 23:04:43 UTC (rev 26070)
@@ -325,7 +325,6 @@
   int failureCount = 0;
 
   GNUNET_log_setup ("test-crypto-rsa", "WARNING", NULL);
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
   if (GNUNET_OK != testCreateFromFile ())
     failureCount++;
   GNUNET_SCHEDULER_run (&test_async_creation, NULL);

Modified: gnunet/src/util/test_pseudonym.c
===================================================================
--- gnunet/src/util/test_pseudonym.c    2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_pseudonym.c    2013-02-11 23:04:43 UTC (rev 26070)
@@ -112,7 +112,6 @@
 
   GNUNET_log_setup ("test-pseudonym", "WARNING", NULL);
   ok = GNUNET_YES;
-  GNUNET_CRYPTO_random_disable_entropy_gathering ();
   (void) GNUNET_DISK_directory_remove ("/tmp/gnunet-pseudonym-test");
   cfg = GNUNET_CONFIGURATION_create ();
   if (-1 == GNUNET_CONFIGURATION_parse (cfg, "test_pseudonym_data.conf"))




reply via email to

[Prev in Thread] Current Thread [Next in Thread]