From: Tobias Brunner Date: Mon, 25 Jun 2012 12:34:14 +0000 (+0200) Subject: Wrapper functions added to generate non-zero random bytes X-Git-Tag: 5.0.1~341 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5668a99a12a47b13a7b1b3f875cc90e9a29b5cac;p=thirdparty%2Fstrongswan.git Wrapper functions added to generate non-zero random bytes --- diff --git a/src/libstrongswan/crypto/rngs/rng.c b/src/libstrongswan/crypto/rngs/rng.c index 67fd76910c..f8fd50d3f1 100644 --- a/src/libstrongswan/crypto/rngs/rng.c +++ b/src/libstrongswan/crypto/rngs/rng.c @@ -1,4 +1,5 @@ /* + * Copyright (C) 2012 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -20,3 +21,43 @@ ENUM(rng_quality_names, RNG_WEAK, RNG_TRUE, "RNG_STRONG", "RNG_TRUE", ); + +/* + * Described in header. + */ +bool rng_get_bytes_not_zero(rng_t *rng, size_t len, u_int8_t *buffer, bool all) +{ + u_int8_t *pos = buffer, *check = buffer + (all ? len : min(1, len)); + + if (!rng->get_bytes(rng, len, pos)) + { + return FALSE; + } + + for (; pos < check; pos++) + { + while (*pos == 0) + { + if (!rng->get_bytes(rng, 1, pos)) + { + return FALSE; + } + } + } + return TRUE; +} + +/* + * Described in header. + */ +bool rng_allocate_bytes_not_zero(rng_t *rng, size_t len, chunk_t *chunk, + bool all) +{ + *chunk = chunk_alloc(len); + if (!rng_get_bytes_not_zero(rng, len, chunk->ptr, all)) + { + chunk_clear(chunk); + return FALSE; + } + return TRUE; +} diff --git a/src/libstrongswan/crypto/rngs/rng.h b/src/libstrongswan/crypto/rngs/rng.h index 48ca52dd87..c72509b545 100644 --- a/src/libstrongswan/crypto/rngs/rng.h +++ b/src/libstrongswan/crypto/rngs/rng.h @@ -75,4 +75,31 @@ struct rng_t { void (*destroy) (rng_t *this); }; +/** + * Wrapper around rng_t.get_bytes() ensuring that either all bytes or at least + * the first byte is not zero. + * + * @param rng rng_t object + * @param len number of bytes to get + * @param buffer pointer where the generated bytes will be written + * @param all TRUE if all bytes have to be non-zero + * @return TRUE if bytes successfully written + */ +bool rng_get_bytes_not_zero(rng_t *rng, size_t len, u_int8_t *buffer, bool all); + +/** + * Wrapper around rng_t.allocate_bytes() ensuring that either all bytes or at + * least the first byte is not zero. + * + * @param rng rng_t object + * @param len number of bytes to get + * @param buffer pointer where the generated bytes will be written + * @param all TRUE if all bytes have to be non-zero + * @return TRUE if bytes successfully written + */ +bool rng_allocate_bytes_not_zero(rng_t *rng, size_t len, chunk_t *chunk, + bool all); + + + #endif /** RNG_H_ @}*/