Age | Commit message (Collapse) | Author | Files | Lines |
|
* random/random-csprng.c (faked_rng): Drop variable.
(gather_faked): Drop prototype and function.
(initialize): Drop fallback code.
(_gcry_rngcsprng_is_faked): Change accordingly.
--
The fake entropy gathering function is deemed too dangerous to be
used by accident, and is therefore removed.
This reverts commit 468a5796ffb1a7776db4004d534376c1b981d740.
Signed-off-by: Justus Winter <justus@g10code.com>
|
|
* random/random-csprng.c (getfnc_gather_random): Do return NULL if no
usable entropy gathering function is found. The callsite then
installs the fake gather function.
Signed-off-by: Justus Winter <justus@g10code.com>
|
|
* cipher/cipher-ocb.c: Fix typos.
* cipher/des.c: Likewise.
* cipher/dsa-common.c: Likewise.
* cipher/ecc.c: Likewise.
* cipher/pubkey.c: Likewise.
* cipher/rsa-common.c: Likewise.
* cipher/scrypt.c: Likewise.
* random/random-csprng.c: Likewise.
* random/random-fips.c: Likewise.
* random/rndw32.c: Likewise.
* src/cipher-proto.h: Likewise.
* src/context.c: Likewise.
* src/fips.c: Likewise.
* src/gcrypt.h.in: Likewise.
* src/global.c: Likewise.
* src/sexp.c: Likewise.
* tests/mpitests.c: Likewise.
* tests/t-lock.c: Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
|
|
* random/random-csprng.c (read_pool): Reduce initial seeding.
--
See discussion starting at
https://lists.gnupg.org/pipermail/gnupg-devel/2015-April/029750.html
and also in May.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* random/random-csprng.c (_gcry_rngcsprng_update_seed_file)
(read_pool): Cast keypool and rndpool to 'unsigned long *' through
'void *'.
--
Patch fixes 'cast increases required alignment' warnings seen on GCC:
random-csprng.c: In function '_gcry_rngcsprng_update_seed_file':
random-csprng.c:867:15: warning: cast increases required alignment of target type [-Wcast-align]
for (i=0,dp=(unsigned long*)keypool, sp=(unsigned long*)rndpool;
^
random-csprng.c:867:43: warning: cast increases required alignment of target type [-Wcast-align]
for (i=0,dp=(unsigned long*)keypool, sp=(unsigned long*)rndpool;
^
random-csprng.c: In function 'read_pool':
random-csprng.c:1023:14: warning: cast increases required alignment of target type [-Wcast-align]
for(i=0,dp=(unsigned long*)keypool, sp=(unsigned long*)rndpool;
^
random-csprng.c:1023:42: warning: cast increases required alignment of target type [-Wcast-align]
for(i=0,dp=(unsigned long*)keypool, sp=(unsigned long*)rndpool;
^
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
|
|
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.13.
(gl_LOCK): Remove.
* src/ath.c, src/ath.h: Remove. Remove from all files. Replace all
mutexes by gpgrt based statically initialized locks.
* src/global.c (global_init): Remove ath_init.
(_gcry_vcontrol): Make ath install a dummy function.
(print_config): Remove threads info line.
* doc/gcrypt.texi: Simplify the multi-thread related documentation.
--
The current code does only work on ELF systems with weak symbol
support. In particular no locks were used under Windows. With the
new gpgrt_lock functions from the soon to be released libgpg-error
1.13 we have a better portable scheme which also allows for static
initialized mutexes.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/visibility.h: Remove remaining define/undef hacks for symbol
visibility. Add macros to detect the use of the public functions.
Change all affected functions by replacing them by the x-macros.
* src/g10lib.h: Add internal prototypes.
(xtrymalloc, xtrycalloc, xtrymalloc_secure, xtrycalloc_secure)
(xtryrealloc, xtrystrdup, xmalloc, xcalloc, xmalloc_secure)
(xcalloc_secure, xrealloc, xstrdup, xfree): New macros.
--
The use of xmalloc/xtrymalloc/xfree is a more common pattern than the
gcry_free etc. functions. Those functions behave like those defined
by C and thus for better readability we use these macros and not
the underscore prefixed functions.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* src/gcrypt.h.in (GCRYCTL_CLOSE_RANDOM_DEVICE): New.
* src/global.c (_gcry_vcontrol): Call _gcry_random_close_fds.
* random/random.c (_gcry_random_close_fds): New.
* random/random-csprng.c (_gcry_rngcsprng_close_fds): New.
* random/random-fips.c (_gcry_rngfips_close_fds): New.
* random/random-system.c (_gcry_rngsystem_close_fds): New.
* random/rndlinux.c (open_device): Add arg retry.
(_gcry_rndlinux_gather_random): Add mode to close open fds.
* tests/random.c (check_close_random_device): New.
(main): Call new test.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
|
* random/random-csprng.c (_gcry_rngcsprng_create_nonce): Remove.
(nonce_buffer_lock): Remove.
(initialize_basics): Remove init of nonce_buffer_lock.
* random/random.c: Add a few header files.
(nonce_buffer_lock): New.
(_gcry_random_initialize): Init nonce_buffer_lock.
(gcry_create_nonce): Add code from _gcry_rngcsprng_create_nonce.
* random/random-daemon.c (_gcry_daemon_create_nonce): Remove.
--
The nonce generation code is useful for all RNG types and thus it
should be in random.c. The only exception is the fips-mode, which
requires the use of the fips nonce generator.
|
|
This is only a first step. We will need to either implement
pthread_atfork or - better - make use use POSIX RT semaphores.
|
|
Check and install the standard git pre-commit hook.
|
|
|
|
|
|
|
|
|
|
Documentation cleanups.
|
|
FIPS cleanups.
Documentation upodates.
|
|
|
|
FIPS restricted mode. Also some documentation
improvements and other minor enhancements.
See the ChangeLogs. Stay tuned.
|