diff options
author | Aris Adamantiadis <aris@0xbadc0de.be> | 2015-12-31 10:56:24 +0100 |
---|---|---|
committer | Aris Adamantiadis <aris@0xbadc0de.be> | 2016-09-09 14:27:48 +0200 |
commit | 1add3fbdb9780868474654acd09fdaa6b272914c (patch) | |
tree | 097b1a51c030203480cc95cc2067cfd39809f361 | |
parent | f003d0a556df9bcbd980ebc05434ff4b47d75828 (diff) | |
download | libssh-1add3fbdb9780868474654acd09fdaa6b272914c.tar.gz libssh-1add3fbdb9780868474654acd09fdaa6b272914c.tar.xz libssh-1add3fbdb9780868474654acd09fdaa6b272914c.zip |
bignum: harmonize ssh_get_random
-rw-r--r-- | include/libssh/libcrypto.h | 2 | ||||
-rw-r--r-- | src/dh.c | 30 | ||||
-rw-r--r-- | src/libcrypto.c | 10 | ||||
-rw-r--r-- | src/libgcrypt.c | 10 |
4 files changed, 20 insertions, 32 deletions
diff --git a/include/libssh/libcrypto.h b/include/libssh/libcrypto.h index 6a08837a..883f5530 100644 --- a/include/libssh/libcrypto.h +++ b/include/libssh/libcrypto.h @@ -73,7 +73,7 @@ typedef BN_CTX* bignum_CTX; #define bignum_bn2dec(num) BN_bn2dec(num) #define bignum_dec2bn(bn,data) BN_dec2bn(data,bn) #define bignum_bn2hex(num) BN_bn2hex(num) -#define bignum_rand(rnd, bits, top, bottom) BN_rand(rnd,bits,top,bottom) +#define bignum_rand(rnd, bits) BN_rand(rnd,bits,0,1) #define bignum_ctx_new() BN_CTX_new() #define bignum_ctx_free(num) BN_CTX_free(num) #define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx) @@ -121,28 +121,6 @@ static bignum select_p(enum ssh_key_exchange_e type) { return type == SSH_KEX_DH_GROUP14_SHA1 ? p_group14 : p_group1; } -int ssh_get_random(void *where, int len, int strong){ - -#ifdef HAVE_LIBGCRYPT - /* variable not used in gcrypt */ - (void) strong; - /* not using GCRY_VERY_STRONG_RANDOM which is a bit overkill */ - gcry_randomize(where,len,GCRY_STRONG_RANDOM); - - return 1; -#elif defined HAVE_LIBCRYPTO - if (strong) { - return RAND_bytes(where,len); - } else { - return RAND_pseudo_bytes(where,len); - } -#endif - - /* never reached */ - return 1; -} - - /* * This inits the values g and p which are used for DH key agreement * FIXME: Make the function thread safe by adding a semaphore or mutex. @@ -238,11 +216,7 @@ int ssh_dh_generate_x(ssh_session session) { return -1; } -#ifdef HAVE_LIBGCRYPT bignum_rand(session->next_crypto->x, keysize); -#elif defined HAVE_LIBCRYPTO - bignum_rand(session->next_crypto->x, keysize, -1, 0); -#endif /* not harder than this */ #ifdef DEBUG_CRYPTO @@ -265,11 +239,7 @@ int ssh_dh_generate_y(ssh_session session) { return -1; } -#ifdef HAVE_LIBGCRYPT bignum_rand(session->next_crypto->y, keysize); -#elif defined HAVE_LIBCRYPTO - bignum_rand(session->next_crypto->y, keysize, -1, 0); -#endif /* not harder than this */ #ifdef DEBUG_CRYPTO diff --git a/src/libcrypto.c b/src/libcrypto.c index ac950109..203f3a70 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -77,6 +77,16 @@ void ssh_reseed(void){ #endif } +int ssh_get_random(void *where, int len, int strong){ + if (strong) { + return RAND_bytes(where,len); + } else { + return RAND_pseudo_bytes(where,len); + } + /* never reached */ + return 1; +} + SHACTX sha1_init(void) { int rc; diff --git a/src/libgcrypt.c b/src/libgcrypt.c index 60f6536c..69f2ddc0 100644 --- a/src/libgcrypt.c +++ b/src/libgcrypt.c @@ -48,7 +48,15 @@ static int alloc_key(struct ssh_cipher_struct *cipher) { } void ssh_reseed(void){ - } +} + +int ssh_get_random(void *where, int len, int strong){ + /* variable not used in gcrypt */ + (void) strong; + /* not using GCRY_VERY_STRONG_RANDOM which is a bit overkill */ + gcry_randomize(where,len,GCRY_STRONG_RANDOM); + return 1; +} SHACTX sha1_init(void) { SHACTX ctx = NULL; |