From 6605a26a913935f692c4ce270a13b2fc11bad67d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 7 May 2004 13:52:11 +0000 Subject: * random.c (initialize): Factored out some code to .. (initialize_basics): .. new function. (_gcry_random_initialize): Just call initialize_basics unless the new arg FULL is set to TRUE. (_gcry_fast_random_poll): Don't do anything unless the random system has been really initialized. * gcrypt.h: Added GCRYCTL_FAST_POLL. (gcry_fast_random_poll): New. * global.c (gcry_control) : Do only basic random subsystem init. (gcry_control) : New. --- ChangeLog | 4 ++++ NEWS | 5 +++++ cipher/ChangeLog | 9 ++++++++ cipher/random.c | 65 +++++++++++++++++++++++++++++++++----------------------- cipher/random.h | 2 +- configure.ac | 4 +++- libgcrypt.txt | 10 ++++----- src/ChangeLog | 8 +++++++ src/gcrypt.h | 12 +++++++++-- src/global.c | 11 +++++++++- 10 files changed, 94 insertions(+), 36 deletions(-) diff --git a/ChangeLog b/ChangeLog index d93e91c5..1d03310a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2004-04-21 Werner Koch + + * configure.ac: Don't print a warning if GNU make was not found. + 2004-05-07 Moritz Schulte * THANKS: Updated. diff --git a/NEWS b/NEWS index 18fb64b9..35f958a4 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,11 @@ Noteworthy changes in version 1.3.0 (unreleased) ------------------------------------------------ + * Changed the way the RNG gets initialized. This allows to keep it + uninitialized as long as no random numbers are used. To override + this, the new macro gcry_fast_random_poll may be used. It is in + general a good idea to spreard this macro into the application code + to make sure that these polls happen often enough. Noteworthy changes in version 1.2.0 (2004-04-15) diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 060b4974..41ed5c2a 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog 
@@ -1,3 +1,12 @@ +2004-05-07 Werner Koch + + * random.c (initialize): Factored out some code to .. + (initialize_basics): .. new function. + (_gcry_random_initialize): Just call initialize_basics unless the + new arg FULL is set to TRUE. + (_gcry_fast_random_poll): Don't do anything unless the random + system has been really initialized. + 2004-05-07 Moritz Schulte * ac.c (gcry_ac_open): Do not dereference NULL pointer. Reported diff --git a/cipher/random.c b/cipher/random.c index e0d04a47..9e2878bf 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -1,5 +1,6 @@ /* random.c - random number generator - * Copyright (C) 1998, 2000, 2001, 2002, 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 2000, 2001, 2002, 2003, + * 2004 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * 
@@ -135,22 +136,33 @@ static void *progress_cb_data; /* Note, we assume that this function is used before any concurrent access happens. */ static void -initialize(void) +initialize_basics(void) { + static int initialized; int err; - err = ath_mutex_init (&pool_lock); - if (err) - log_fatal ("failed to create the pool lock: %s\n", strerror (err) ); + if (!initialized) + { + initialized = 1; + err = ath_mutex_init (&pool_lock); + if (err) + log_fatal ("failed to create the pool lock: %s\n", strerror (err) ); + + err = ath_mutex_init (&nonce_buffer_lock); + if (err) + log_fatal ("failed to create the nonce buffer lock: %s\n", + strerror (err) ); + } +} - err = ath_mutex_init (&nonce_buffer_lock); - if (err) - log_fatal ("failed to create the nonce buffer lock: %s\n", - strerror (err) ); - + +static void +initialize(void) +{ + initialize_basics (); /* The data buffer is allocated somewhat larger, so that we can use - this extra space (which is allocated in secure memory) as a - temporary hash buffer */ + this extra space (which is allocated in secure memory) as a + temporary hash buffer */ rndpool = secure_alloc ? gcry_xcalloc_secure(1,POOLSIZE+BLOCKLEN) : gcry_xcalloc(1,POOLSIZE+BLOCKLEN); keypool = secure_alloc ? gcry_xcalloc_secure(1,POOLSIZE+BLOCKLEN) 
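Review bot: In `initialize_basics` the `initialized` flag is set to 1 before either `ath_mutex_init` call has run, and the flag itself is a plain `static int` with no protection. A second thread entering during first-time setup would return at once and could go on to use `pool_lock` or `nonce_buffer_lock` before they exist. The comment above the function only says that use before any concurrent access is assumed; that assumption also has to cover the lazy path through `initialize`, whose callers are outside this hunk. I would state the requirement next to the guard, e.g. `/* Not thread-safe: the first call must happen while the process is still single-threaded. */`, and move `initialized = 1;` after the second `ath_mutex_init` so the flag never claims more than has been done. The body of `initialize` continues past the end of the hunk.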
@@ -180,14 +192,16 @@ _gcry_random_progress (const char *what, int printchar, int current, int total) } -/* Initialize this random subsystem. This function merely calls the - initialize and does not do anything more. Doing this is not really - required but when running in a threaded environment we might get a - race condition otherwise. */ +/* Initialize this random subsystem. If FULL is false, this function + merely calls the initialize and does not do anything more. Doing + this is not really required but when running in a threaded + environment we might get a race condition otherwise. */ void -_gcry_random_initialize () +_gcry_random_initialize (int full) { - if (!is_initialized) + if (!full) + initialize_basics (); + else if (!is_initialized) initialize (); } @@ -974,20 +988,19 @@ do_fast_random_poll (void) /* The fast random pool function as called at some places in libgcrypt. This is merely a wrapper to make sure that this module - is initalized and to look the pool. */ + is initalized and to look the pool. Note, that this function is a + NOP unless a random function has been used or _gcry_initialize (1) + has been used. We use this hack so that the internal use of this + function in cipher_open and md_open won't start filling up the + radnom pool, even if no random will be required by the process. */ void _gcry_fast_random_poll (void) { int err; - /* We have to make sure that the intialization is done because this - gatherer might be called before any other functions and it is not - sufficient to initialize it within do_fast_random_pool because we - want to use the mutex here. FIXME: Whe should initialize the - mutex using a global constructor independent from the - initialization of the pool. */ if (!is_initialized) - initialize (); + return; + err = ath_mutex_lock (&pool_lock); if (err) log_fatal ("failed to acquire the pool lock: %s\n", strerror (err)); diff --git a/cipher/random.h b/cipher/random.h index 5d0f8bfc..29076b98 100644 --- a/cipher/random.h 
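Review bot: The `full` branch of `_gcry_random_initialize` tests `is_initialized` without holding `pool_lock`, and the new `GCRYCTL_FAST_POLL` case in src/global.c lets application threads reach it at any time through `gcry_fast_random_poll()`. If `initialize` sets `is_initialized` only after allocating the pools (its body is outside this hunk, so this is an assumption), two threads making their first call together could both run it and replace a pool that the other thread is already using. The same unlocked test appears in the `_gcry_fast_random_poll` hunk that follows. The header comment should also match the code: with FULL false the function calls `initialize_basics`, not `initialize`, and the FULL true case is not described. I would write `If FULL is false only the locks are set up via initialize_basics; otherwise the pools are allocated as well. The first full call must not race with other users of the RNG.`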
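Review bot: The rewritten comment on `_gcry_fast_random_poll` still opens by calling the function a wrapper "to make sure that this module is initalized", but the new body does the opposite and returns when `is_initialized` is not set. The comment also points readers at `_gcry_initialize (1)`, which this patch does not define; the call that enables the poll is `_gcry_random_initialize (1)`. I would reword it to `This wrapper takes the pool lock around do_fast_random_poll. It is a NOP unless a random function has been used or _gcry_random_initialize (1) has been called.` and fix "radnom" and "look the pool" while there. The function body continues past the end of the hunk.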
+++ b/cipher/random.h @@ -22,7 +22,7 @@ #include "types.h" -void _gcry_random_initialize (void); +void _gcry_random_initialize (int full); void _gcry_register_random_progress (void (*cb)(void *,const char*,int,int,int), void *cb_data ); void _gcry_random_dump_stats(void); diff --git a/configure.ac b/configure.ac index 3fb3f829..42724c46 100644 --- a/configure.ac +++ b/configure.ac @@ -600,7 +600,9 @@ fi AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes) -GNUPG_CHECK_GNUMAKE +# We don't check for GNU make anymore - automake should not have the +# old flaws anymore. +#GNUPG_CHECK_GNUMAKE AC_ARG_ENABLE(gcc-warnings, AC_HELP_STRING([--enable-gcc-warnings], diff --git a/libgcrypt.txt b/libgcrypt.txt index 41c051d9..7c09b7e6 100644 --- a/libgcrypt.txt +++ b/libgcrypt.txt @@ -35,9 +35,9 @@ random numbers and a lot of supporting functions. %%license-verified-on: 2001-04-23 -%%maintainer: Werner Koch +%%maintainer: Moritz Schulte -%%updated: 2002-12-23 +%%updated: 2004-04-15 %%keywords: encryption, public key, digital signature, hash, libgcrypt @@ -54,13 +54,13 @@ random numbers and a lot of supporting functions. %%doc: Programmer reference in Texinfo, Postscript, HTML included %%developers: Matthew Skala, Michael Roth, Niklas Hernaeus, Remi -Guyomarch, Simon Josefsson, Werner Koch . +Guyomarch, Simon Josefsson, Werner Koch, Moritz Schulte. %%contributors: %%sponsors: -%%source-tarball: ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.1.11.tar.gz +%%source-tarball: ftp://ftp.gnupg.org/gcrypt/libgcrypt/ %%source-info: @@ -88,7 +88,7 @@ Guyomarch, Simon Josefsson, Werner Koch . %%source-prerequisites: -%%version: 1.1.11 released 2002-12-21 +%%version: 1.2.0 released 2004-04-15 %%announce-list: diff --git a/src/ChangeLog b/src/ChangeLog index c8b25966..fef6cb3a 100644 --- a/src/ChangeLog +++ b/src/ChangeLog 
@@ -1,3 +1,11 @@ +2004-05-07 Werner Koch + + * gcrypt.h: Added GCRYCTL_FAST_POLL. + (gcry_fast_random_poll): New. + * global.c (gcry_control) : Do only basic + random subsystem init. + (gcry_control) : New. + 2004-04-22 Marcus Brinkmann * libgcrypt.m4: Quote first argument to AC_DEFUN. diff --git a/src/gcrypt.h b/src/gcrypt.h index 49ac53f9..07f0cc01 100644 --- a/src/gcrypt.h +++ b/src/gcrypt.h @@ -46,7 +46,7 @@ extern "C" { autoconf (using the AM_PATH_GCRYPT macro) check that this header matches the installed library. Note: Do not edit the next line as configure may fix the string here. */ -#define GCRYPT_VERSION "1.2.0" +#define GCRYPT_VERSION "1.3.0-cvs" /* Internal: We can't use the convenience macros for the multi precision integer functions when building this library. */ @@ -325,7 +325,8 @@ enum gcry_ctl_cmds GCRYCTL_ENABLE_QUICK_RANDOM = 44, GCRYCTL_SET_RANDOM_SEED_FILE = 45, GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46, - GCRYCTL_SET_THREAD_CBS = 47 + GCRYCTL_SET_THREAD_CBS = 47, + GCRYCTL_FAST_POLL = 48 }; /* Perform various operations defined by CMD. */ @@ -1319,6 +1320,12 @@ void gcry_randomize (unsigned char *buffer, size_t length, gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length, int quality); +/* If random numbers are used in an application, this macro should be + called from time to time so that new stuff gets added to the + internal pool of the RNG. */ +#define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL) + + /* Return NBYTES of allocated random using a random numbers of quality LEVEL. */ void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level) @@ -1342,6 +1349,7 @@ void gcry_create_nonce (unsigned char *buffer, size_t length); + /* Prime interface. */ /* Mode values passed to a gcry_prime_check_func_t. */ diff --git a/src/global.c b/src/global.c index 9e7165b2..3dd2c098 100644 --- a/src/global.c +++ b/src/global.c 
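Review bot: The comment on the new `gcry_fast_random_poll` macro omits that the first call is not a cheap poll. According to the `GCRYCTL_FAST_POLL` case added in src/global.c, it runs `_gcry_random_initialize (1)`, the full initialization of the random subsystem, before polling. Callers who add the macro to a hot path or call it early in start-up should be told this. The comment also does not say that the macro evaluates to the `gcry_error_t` returned by `gcry_control`. I would append `The first call fully initializes the RNG. The value is the gcry_error_t returned by gcry_control.`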
@@ -263,7 +263,9 @@ gcry_control (enum gcry_ctl_cmds cmd, ...) if (! init_finished) { global_init (); - _gcry_random_initialize (); + /* Do only a basic ranom initialization, i.e. inti the + mutexes. */ + _gcry_random_initialize (0); init_finished = 1; } break; @@ -272,6 +274,13 @@ gcry_control (enum gcry_ctl_cmds cmd, ...) err = ath_install (va_arg (arg_ptr, void *), any_init_done); break; + case GCRYCTL_FAST_POLL: + /* We need to do make sure that the random pool is really + initialized so that the poll fucntion is not a NOP. */ + _gcry_random_initialize (1); + _gcry_fast_random_poll (); + break; + default: err = GPG_ERR_INV_OP; } -- cgit v1.2.1
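Review bot: The `GCRYCTL_FAST_POLL` case calls `_gcry_random_initialize (1)` without first calling `global_init ()`, whereas the initialization case in the hunk above runs `global_init ()` before it touches the random subsystem. Unless `gcry_control` makes that call somewhere outside these hunks, an application that polls before finishing library initialization would have the random locks created and the pool allocated ahead of the rest of the library's setup. I would make `global_init ();` the first statement of the case. The comment could then read `/* Make sure the random pool is really initialized so that the poll function is not a NOP. */`, which also fixes "do make sure" and "fucntion".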