authorAris Adamantiadis <aris@0xbadc0de.be>2015-12-31 10:56:24 +0100
committerAndreas Schneider <asn@cryptomilk.org>2018-07-05 12:09:52 +0200
commit36a727e656a7fcd91722cf2d050fc87d55410b5b (patch)
tree8e9deb057036fc34323b16ab668393d591f6ded6 /src
parent7b9a07c36320480d14de06962c7c0f09682b6df5 (diff)
downloadlibssh-36a727e656a7fcd91722cf2d050fc87d55410b5b.tar.gz
libssh-36a727e656a7fcd91722cf2d050fc87d55410b5b.tar.xz
libssh-36a727e656a7fcd91722cf2d050fc87d55410b5b.zip
bignum: Harmonize ssh_get_random()
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r--src/dh.c43
-rw-r--r--src/libcrypto.c8
-rw-r--r--src/libgcrypt.c13
-rw-r--r--src/libmbedcrypto.c5
4 files changed, 25 insertions, 44 deletions
diff --git a/src/dh.c b/src/dh.c
index f4601868..2be0252d 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -122,37 +122,6 @@ static bignum select_p(enum ssh_key_exchange_e type) {
return type == SSH_KEX_DH_GROUP14_SHA1 ? p_group14 : p_group1;
}
-int ssh_get_random(void *where, int len, int strong){
-
-#ifdef HAVE_LIBGCRYPT
- /* variable not used in gcrypt */
- (void) strong;
- /* not using GCRY_VERY_STRONG_RANDOM which is a bit overkill */
- gcry_randomize(where,len,GCRY_STRONG_RANDOM);
-
- return 1;
-#elif defined HAVE_LIBCRYPTO
-# if OPENSSL_VERSION_NUMBER > 0x10100000L
- /* variable not used in new libcrypto */
- (void) strong;
-
- return RAND_bytes(where, len);
-# else /* OPENSSL_VERSION_NUMBER */
- if (strong) {
- return RAND_bytes(where,len);
- } else {
- return RAND_pseudo_bytes(where,len);
- }
-# endif /* OPENSSL_VERSION_NUMBER */
-#elif defined HAVE_LIBMBEDCRYPTO
- return ssh_mbedtls_random(where, len, strong);
-#endif
-
- /* never reached */
- return 1;
-}
-
-
/*
* This inits the values g and p which are used for DH key agreement
* FIXME: Make the function thread safe by adding a semaphore or mutex.
@@ -260,13 +229,7 @@ int ssh_dh_generate_x(ssh_session session) {
return -1;
}
-#ifdef HAVE_LIBGCRYPT
bignum_rand(session->next_crypto->x, keysize);
-#elif defined HAVE_LIBCRYPTO
- bignum_rand(session->next_crypto->x, keysize, -1, 0);
-#elif defined HAVE_LIBMBEDCRYPTO
- bignum_rand(session->next_crypto->x, keysize, -1, 0);
-#endif
/* not harder than this */
#ifdef DEBUG_CRYPTO
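Review bot: The result of `bignum_rand(session->next_crypto->x, keysize);` is discarded, so if the random source fails the DH secret x is used without having been randomised; the same applies to y in ssh_dh_generate_y in the next hunk. The header that now defines the two-argument bignum_rand is not part of this diff (the diffstat is limited to src), so it cannot be confirmed here whether the macro yields a status on every backend, or whether the libcrypto and mbedTLS variants still apply the old `-1, 0` top/bottom arguments. Where the backend does report a status, I would test it and take the same `return -1;` path as the allocation check just above. Both function bodies start and end outside their hunks.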
@@ -289,13 +252,7 @@ int ssh_dh_generate_y(ssh_session session) {
return -1;
}
-#ifdef HAVE_LIBGCRYPT
bignum_rand(session->next_crypto->y, keysize);
-#elif defined HAVE_LIBCRYPTO
- bignum_rand(session->next_crypto->y, keysize, -1, 0);
-#elif defined HAVE_LIBMBEDCRYPTO
- bignum_rand(session->next_crypto->y, keysize, -1, 0);
-#endif
/* not harder than this */
#ifdef DEBUG_CRYPTO
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 2c918916..bde706b8 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -78,6 +78,14 @@ void ssh_reseed(void){
#endif
}
+int ssh_get_random(void *where, int len, int strong)
+{
+ (void)strong;
+
+ /* Returns -1 when not supported, 0 on error, 1 on success */
+ return !!RAND_bytes(where, len);
+}
+
SHACTX sha1_init(void)
{
int rc;
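Review bot: `return !!RAND_bytes(where, len);` turns the -1 ("not supported") result named in the comment directly above it into 1, so the caller is told the buffer was filled with random bytes when it was not. Compare against the success value instead: `return RAND_bytes(where, len) == 1;`. `len` is also a signed int passed straight through, so a `if (len < 0) return 0;` guard ahead of the call would be a cheap addition.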
diff --git a/src/libgcrypt.c b/src/libgcrypt.c
index 4b84cd40..0eed44bb 100644
--- a/src/libgcrypt.c
+++ b/src/libgcrypt.c
@@ -50,7 +50,18 @@ static int alloc_key(struct ssh_cipher_struct *cipher) {
}
void ssh_reseed(void){
- }
+}
+
+int ssh_get_random(void *where, int len, int strong)
+{
+ /* variable not used in gcrypt */
+ (void) strong;
+
+ /* not using GCRY_VERY_STRONG_RANDOM which is a bit overkill */
+ gcry_randomize(where,len,GCRY_STRONG_RANDOM);
+
+ return 1;
+}
SHACTX sha1_init(void) {
SHACTX ctx = NULL;
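Review bot: `len` is a signed int but gcry_randomize takes a size_t length, so a negative `len` would be converted to a very large byte count written through `where`. A guard before the call, `if (where == NULL || len < 0) return 0;`, keeps the write inside the caller's buffer and matches the 0-on-failure convention of the libcrypto variant in this commit. The callers are outside this diff, so whether any of them can pass a negative length is not visible here.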
diff --git a/src/libmbedcrypto.c b/src/libmbedcrypto.c
index aa183f18..03281f47 100644
--- a/src/libmbedcrypto.c
+++ b/src/libmbedcrypto.c
@@ -40,6 +40,11 @@ void ssh_reseed(void)
mbedtls_ctr_drbg_reseed(&ssh_mbedtls_ctr_drbg, NULL, 0);
}
+int ssh_get_random(void *where, int len, int strong)
+{
+ return ssh_mbedtls_random(where, len, strong);
+}
+
SHACTX sha1_init(void)
{
SHACTX ctx = NULL;
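Review bot: This wrapper has no comment stating its return contract, and it forwards the value of ssh_mbedtls_random unchanged while the libcrypto and libgcrypt variants in this commit return 1 on success. ssh_mbedtls_random is defined outside this diff, so its convention cannot be checked here; mbedTLS's own calls use 0 for success, so it is worth confirming that the helper already normalises that. Once confirmed, I would add `/* Returns 1 on success, 0 on failure, same as the other crypto backends */` above the return.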