])
AM_CONDITIONAL([USE_ISC_RWLOCK], [test "$enable_pthread_rwlock" != "yes"])
-CRYPTO=OpenSSL
+AC_CHECK_FUNCS_ONCE([arc4random])
#
# OpenSSL/LibreSSL is mandatory
include/isc/dir.h \
include/isc/dnsstream.h \
include/isc/endian.h \
- include/isc/entropy.h \
include/isc/errno.h \
include/isc/error.h \
include/isc/file.h \
counter.c \
crc64.c \
dir.c \
- entropy.c \
errno.c \
errno2result.c \
errno2result.h \
net.c \
netaddr.c \
netscope.c \
- nonce.c \
openssl_shim.c \
openssl_shim.h \
os.c \
+++ /dev/null
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#include <isc/entropy.h>
-#include <isc/types.h>
-#include <isc/util.h>
-#include <isc/uv.h>
-
-void
-isc_entropy_get(void *buf, size_t buflen) {
- int r = uv_random(NULL, NULL, buf, buflen, 0, NULL);
-
- UV_RUNTIME_CHECK(uv_random, r);
-}
#include <stddef.h>
#include <isc/ascii.h>
-#include <isc/entropy.h>
#include <isc/hash.h> /* IWYU pragma: keep */
#include <isc/random.h>
#include <isc/result.h>
*/
uint8_t key[16] = { 1 };
#if !FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
- isc_entropy_get(key, sizeof(key));
+ isc_random_buf(key, sizeof(key));
#endif /* if FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
STATIC_ASSERT(sizeof(key) >= sizeof(isc_hash_key),
"sizeof(key) < sizeof(isc_hash_key)");
#include <isc/ascii.h>
#include <isc/atomic.h>
-#include <isc/entropy.h>
#include <isc/hash.h>
#include <isc/hashmap.h>
#include <isc/magic.h>
+++ /dev/null
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#pragma once
-
-#include <stdlib.h>
-
-#include <isc/lang.h>
-
-/*! \file isc/entropy.h
- * \brief Implements wrapper around CSPRNG cryptographic library calls
- * for getting cryptographically secure pseudo-random numbers.
- *
- * Uses synchronous version of uv_random().
- */
-
-ISC_LANG_BEGINDECLS
-
-void
-isc_entropy_get(void *buf, size_t buflen);
-/*!<
- * \brief Get cryptographically-secure pseudo-random data.
- */
-
-ISC_LANG_ENDDECLS
#include <stdlib.h>
#include <isc/lang.h>
+#include <isc/random.h>
/*! \file isc/nonce.h
* \brief Provides a function for generating an arbitrarily long nonce.
ISC_LANG_BEGINDECLS
-void
-isc_nonce_buf(void *buf, size_t buflen);
+static inline void
+isc_nonce_buf(void *buf, size_t buflen) {
+ isc_random_buf(buf, buflen);
+}
/*!<
* Fill 'buf', up to 'buflen' bytes, with random data from the
* crypto provider's random function.
ISC_LANG_BEGINDECLS
-uint8_t
-isc_random8(void);
-/*!<
- * \brief Returns a single 8-bit random value.
- */
-
-uint16_t
-isc_random16(void);
-/*!<
- * \brief Returns a single 16-bit random value.
- */
-
+#if HAVE_ARC4RANDOM && !defined(__linux__)
+#define isc_random32() arc4random()
+#define isc_random_buf(buf, buflen) arc4random_buf(buf, buflen)
+#define isc_random_uniform(upper_bound) arc4random_uniform(upper_bound)
+#else /* HAVE_ARC4RANDOM && !defined(__linux__) */
uint32_t
isc_random32(void);
/*!<
* when upper_bound is UINT32_MAX/2.
*/
+#endif /* HAVE_ARC4RANDOM && !defined(__linux__) */
+
+static inline uint8_t
+isc_random8(void) {
+ return (uint8_t)isc_random32();
+}
+/*!<
+ * \brief Returns a single 8-bit random value.
+ */
+
+static inline uint16_t
+isc_random16(void) {
+ return (uint16_t)isc_random32();
+}
+/*!<
+ * \brief Returns a single 16-bit random value.
+ */
ISC_LANG_ENDDECLS
+++ /dev/null
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#include <isc/entropy.h>
-#include <isc/nonce.h>
-
-void
-isc_nonce_buf(void *buf, size_t buflen) {
- isc_entropy_get(buf, buflen);
-}
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#if !HAVE_ARC4RANDOM || defined(__linux__)
+
#include <inttypes.h>
#include <stdio.h>
-#include <isc/entropy.h>
#include <isc/os.h>
#include <isc/random.h>
#include <isc/thread.h>
#include <isc/util.h>
+#include <isc/uv.h>
#define ISC_RANDOM_BUFSIZE (ISC_OS_CACHELINE_SIZE / sizeof(uint32_t))
thread_local static uint32_t isc__random_pool[ISC_RANDOM_BUFSIZE];
thread_local static size_t isc__random_pos = ISC_RANDOM_BUFSIZE;
-static uint32_t
-random_u32(void) {
+uint32_t
+isc_random32(void) {
#if FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
/*
* A fixed stream of numbers helps with problem reproduction when
#endif /* if FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION */
if (isc__random_pos == ISC_RANDOM_BUFSIZE) {
- isc_entropy_get(isc__random_pool, sizeof(isc__random_pool));
+ isc_random_buf(isc__random_pool, sizeof(isc__random_pool));
isc__random_pos = 0;
}
return isc__random_pool[isc__random_pos++];
}
-uint8_t
-isc_random8(void) {
- return (uint8_t)random_u32();
-}
-
-uint16_t
-isc_random16(void) {
- return (uint16_t)random_u32();
-}
-
-uint32_t
-isc_random32(void) {
- return random_u32();
-}
-
void
isc_random_buf(void *buf, size_t buflen) {
REQUIRE(buflen == 0 || buf != NULL);
return;
}
- isc_entropy_get(buf, buflen);
+ int r = uv_random(NULL, NULL, buf, buflen, 0, NULL);
+ UV_RUNTIME_CHECK(uv_random, r);
}
uint32_t
* integer part (upper 32 bits), and we will use the fraction part
* (lower 32 bits) to determine whether or not we need to resample.
*/
- uint64_t num = (uint64_t)random_u32() * (uint64_t)limit;
+ uint64_t num = (uint64_t)isc_random32() * (uint64_t)limit;
/*
* In the fast path, we avoid doing a division in most cases by
* comparing the fraction part of `num` with the limit, which is
* our valid range, it is superfluous, and we resample.
*/
while ((uint32_t)(num) < residue) {
- num = (uint64_t)random_u32() * (uint64_t)limit;
+ num = (uint64_t)isc_random32() * (uint64_t)limit;
}
}
/*
*/
return (uint32_t)(num >> 32);
}
+
+#endif /* HAVE_ARC4RANDOM && !defined(__linux__) */
projects / thirdparty / bind9.git / commitdiff
