[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r26070 - in gnunet/src: core include util
From: |
gnunet |
Subject: |
[GNUnet-SVN] r26070 - in gnunet/src: core include util |
Date: |
Tue, 12 Feb 2013 00:04:43 +0100 |
Author: grothoff
Date: 2013-02-12 00:04:43 +0100 (Tue, 12 Feb 2013)
New Revision: 26070
Modified:
gnunet/src/core/gnunet-service-core.c
gnunet/src/include/gnunet_crypto_lib.h
gnunet/src/util/configuration.c
gnunet/src/util/crypto_ecc.c
gnunet/src/util/crypto_random.c
gnunet/src/util/crypto_rsa.c
gnunet/src/util/gnunet-ecc.c
gnunet/src/util/gnunet-rsa.c
gnunet/src/util/test_crypto_aes.c
gnunet/src/util/test_crypto_aes_weak.c
gnunet/src/util/test_crypto_ecc.c
gnunet/src/util/test_crypto_rsa.c
gnunet/src/util/test_pseudonym.c
Log:
-trying to address #2791
Modified: gnunet/src/core/gnunet-service-core.c
===================================================================
--- gnunet/src/core/gnunet-service-core.c 2013-02-11 18:35:35 UTC (rev
26069)
+++ gnunet/src/core/gnunet-service-core.c 2013-02-11 23:04:43 UTC (rev
26070)
@@ -24,6 +24,7 @@
* @author Christian Grothoff
*/
#include "platform.h"
+#include <gcrypt.h>
#include "gnunet_util_lib.h"
#include "gnunet-service-core.h"
#include "gnunet-service-core_clients.h"
Modified: gnunet/src/include/gnunet_crypto_lib.h
===================================================================
--- gnunet/src/include/gnunet_crypto_lib.h 2013-02-11 18:35:35 UTC (rev
26069)
+++ gnunet/src/include/gnunet_crypto_lib.h 2013-02-11 23:04:43 UTC (rev
26070)
@@ -1342,26 +1342,6 @@
*publicKey);
-/**
- * This function should only be called in testcases
- * where strong entropy gathering is not desired
- * (for example, for hostkey generation).
- */
-void
-GNUNET_CRYPTO_random_disable_entropy_gathering (void);
-
-
-/**
- * Check if we are using weak random number generation.
- *
- * @return GNUNET_YES if weak number generation is on
- * (thus will return YES if
'GNUNET_CRYPTO_random_disable_entropy_gathering'
- * was called previously).
- */
-int
-GNUNET_CRYPTO_random_is_weak (void);
-
-
#if 0 /* keep Emacsens' auto-indent happy */
{
#endif
Modified: gnunet/src/util/configuration.c
===================================================================
--- gnunet/src/util/configuration.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/configuration.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -1499,11 +1499,6 @@
(filename != NULL))
GNUNET_CONFIGURATION_set_value_string (cfg, "PATHS", "DEFAULTCONFIG",
filename);
- if ((GNUNET_YES ==
- GNUNET_CONFIGURATION_have_value (cfg, "TESTING", "WEAKRANDOM")) &&
- (GNUNET_YES ==
- GNUNET_CONFIGURATION_get_value_yesno (cfg, "TESTING", "WEAKRANDOM")))
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
return GNUNET_OK;
}
Modified: gnunet/src/util/crypto_ecc.c
===================================================================
--- gnunet/src/util/crypto_ecc.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/crypto_ecc.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -831,7 +831,6 @@
{
struct GNUNET_CRYPTO_EccKeyGenerationContext *gc;
struct GNUNET_CRYPTO_EccPrivateKey *pk;
- const char *weak_random;
if (NULL != (pk = try_read_key (filename)))
{
@@ -859,10 +858,6 @@
GNUNET_free (gc);
return NULL;
}
- weak_random = NULL;
- if (GNUNET_YES ==
- GNUNET_CRYPTO_random_is_weak ())
- weak_random = "-w";
gc->gnunet_ecc = GNUNET_OS_start_process (GNUNET_NO,
GNUNET_OS_INHERIT_STD_ERR,
NULL,
@@ -870,7 +865,6 @@
"gnunet-ecc",
"gnunet-ecc",
gc->filename,
- weak_random,
NULL);
if (NULL == gc->gnunet_ecc)
{
Modified: gnunet/src/util/crypto_random.c
===================================================================
--- gnunet/src/util/crypto_random.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/crypto_random.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -35,13 +35,6 @@
#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util",
syscall)
-/**
- * GNUNET_YES if we are using a 'weak' (low-entropy) PRNG.
- */
-static int weak_random;
-
-
-
/* TODO: ndurner, move this to plibc? */
/* The code is derived from glibc, obviously */
#if MINGW
@@ -237,31 +230,6 @@
/**
- * Check if we are using weak random number generation.
- *
- * @return GNUNET_YES if weak number generation is on
- */
-int
-GNUNET_CRYPTO_random_is_weak ()
-{
- return weak_random;
-}
-
-
-/**
- * This function should only be called in testcases
- * where strong entropy gathering is not desired
- * (for example, for hostkey generation).
- */
-void
-GNUNET_CRYPTO_random_disable_entropy_gathering ()
-{
- weak_random = GNUNET_YES;
- gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
-}
-
-
-/**
* Process ID of the "find" process that we use for
* entropy gathering.
*/
@@ -332,10 +300,12 @@
}
-void __attribute__ ((constructor)) GNUNET_CRYPTO_random_init ()
+void __attribute__ ((constructor))
+GNUNET_CRYPTO_random_init ()
{
- gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION))
+ gcry_error_t rc;
+
+ if (! gcry_check_version (NEED_LIBGCRYPT_VERSION))
{
FPRINTF (stderr,
_
@@ -343,6 +313,15 @@
NEED_LIBGCRYPT_VERSION);
GNUNET_abort ();
}
+ if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0)))
+ FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n",
"DISABLE_SECMEM",
+ gcry_strerror (rc));
+ /* we only generate ephemeral keys in-process; for those,
+ we are fine with "just" using GCRY_STRONG_RANDOM */
+ if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0)))
+ FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n",
"ENABLE_QUICK_RANDOM",
+ gcry_strerror (rc));
+
#ifdef GCRYCTL_INITIALIZATION_FINISHED
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
#endif
@@ -357,7 +336,8 @@
}
-void __attribute__ ((destructor)) GNUNET_CRYPTO_random_fini ()
+void __attribute__ ((destructor))
+GNUNET_CRYPTO_random_fini ()
{
gcry_set_progress_handler (NULL, NULL);
}
Modified: gnunet/src/util/crypto_rsa.c
===================================================================
--- gnunet/src/util/crypto_rsa.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/crypto_rsa.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -998,7 +998,6 @@
{
struct GNUNET_CRYPTO_RsaKeyGenerationContext *gc;
struct GNUNET_CRYPTO_RsaPrivateKey *pk;
- const char *weak_random;
if (NULL != (pk = try_read_key (filename)))
{
@@ -1026,10 +1025,6 @@
GNUNET_free (gc);
return NULL;
}
- weak_random = NULL;
- if (GNUNET_YES ==
- GNUNET_CRYPTO_random_is_weak ())
- weak_random = "-w";
gc->gnunet_rsa = GNUNET_OS_start_process (GNUNET_NO,
GNUNET_OS_INHERIT_STD_ERR,
NULL,
@@ -1037,7 +1032,6 @@
"gnunet-rsa",
"gnunet-rsa",
gc->filename,
- weak_random,
NULL);
if (NULL == gc->gnunet_rsa)
{
Modified: gnunet/src/util/gnunet-ecc.c
===================================================================
--- gnunet/src/util/gnunet-ecc.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/gnunet-ecc.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -45,11 +45,6 @@
static int print_short_identity;
/**
- * Use weak random number generator for key generation.
- */
-static int weak_random;
-
-/**
* Option set to create a bunch of keys at once.
*/
static unsigned int make_keys;
@@ -143,8 +138,6 @@
fprintf (stderr, _("No hostkey file specified on command line\n"));
return;
}
- if (0 != weak_random)
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
if (make_keys > 0)
{
create_keys (args[0]);
@@ -208,9 +201,6 @@
{ 's', "print-short-identity", NULL,
gettext_noop ("print the short hash of the public key in ASCII format"),
0, &GNUNET_GETOPT_set_one, &print_short_identity },
- { 'w', "weak-random", NULL,
- gettext_noop ("use insecure, weak random number generator for key
generation (for testing only)"),
- 0, &GNUNET_GETOPT_set_one, &weak_random },
GNUNET_GETOPT_OPTION_END
};
int ret;
Modified: gnunet/src/util/gnunet-rsa.c
===================================================================
--- gnunet/src/util/gnunet-rsa.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/gnunet-rsa.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -43,12 +43,7 @@
*/
static int print_short_identity;
-/**
- * Use weak random number generator for key generation.
- */
-static int weak_random;
-
/**
* Main function that will be run by the scheduler.
*
@@ -70,8 +65,6 @@
fprintf (stderr, _("No hostkey file specified on command line\n"));
return;
}
- if (0 != weak_random)
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
pk = GNUNET_CRYPTO_rsa_key_create_from_file (args[0]);
if (NULL == pk)
return;
@@ -127,9 +120,6 @@
{ 's', "print-short-identity", NULL,
gettext_noop ("print the short hash of the public key in ASCII format"),
0, &GNUNET_GETOPT_set_one, &print_short_identity },
- { 'w', "weak-random", NULL,
- gettext_noop ("use insecure, weak random number generator for key
generation (for testing only)"),
- 0, &GNUNET_GETOPT_set_one, &weak_random },
GNUNET_GETOPT_OPTION_END
};
int ret;
Modified: gnunet/src/util/test_crypto_aes.c
===================================================================
--- gnunet/src/util/test_crypto_aes.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_crypto_aes.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -147,7 +147,6 @@
int failureCount = 0;
GNUNET_log_setup ("test-crypto-aes", "WARNING", NULL);
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
GNUNET_assert (strlen (INITVALUE) >
sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
failureCount += testSymcipher ();
Modified: gnunet/src/util/test_crypto_aes_weak.c
===================================================================
--- gnunet/src/util/test_crypto_aes_weak.c 2013-02-11 18:35:35 UTC (rev
26069)
+++ gnunet/src/util/test_crypto_aes_weak.c 2013-02-11 23:04:43 UTC (rev
26070)
@@ -175,7 +175,6 @@
int weak_keys;
GNUNET_log_setup ("test-crypto-aes-weak", "WARNING", NULL);
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
if (GENERATE_WEAK_KEYS)
{
weak_keys = getWeakKeys ();
Modified: gnunet/src/util/test_crypto_ecc.c
===================================================================
--- gnunet/src/util/test_crypto_ecc.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_crypto_ecc.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -216,7 +216,6 @@
return 0;
}
GNUNET_log_setup ("test-crypto-ecc", "WARNING", NULL);
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
if (GNUNET_OK != testCreateFromFile ())
failureCount++;
GNUNET_SCHEDULER_run (&test_async_creation, NULL);
Modified: gnunet/src/util/test_crypto_rsa.c
===================================================================
--- gnunet/src/util/test_crypto_rsa.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_crypto_rsa.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -325,7 +325,6 @@
int failureCount = 0;
GNUNET_log_setup ("test-crypto-rsa", "WARNING", NULL);
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
if (GNUNET_OK != testCreateFromFile ())
failureCount++;
GNUNET_SCHEDULER_run (&test_async_creation, NULL);
Modified: gnunet/src/util/test_pseudonym.c
===================================================================
--- gnunet/src/util/test_pseudonym.c 2013-02-11 18:35:35 UTC (rev 26069)
+++ gnunet/src/util/test_pseudonym.c 2013-02-11 23:04:43 UTC (rev 26070)
@@ -112,7 +112,6 @@
GNUNET_log_setup ("test-pseudonym", "WARNING", NULL);
ok = GNUNET_YES;
- GNUNET_CRYPTO_random_disable_entropy_gathering ();
(void) GNUNET_DISK_directory_remove ("/tmp/gnunet-pseudonym-test");
cfg = GNUNET_CONFIGURATION_create ();
if (-1 == GNUNET_CONFIGURATION_parse (cfg, "test_pseudonym_data.conf"))
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r26070 - in gnunet/src: core include util,
gnunet <=