pike.git / src / post_modules / Nettle / nettle.cmod

version» Context lines:

pike.git/src/post_modules/Nettle/nettle.cmod:38:    *! @url{http://www.schneier.com/paper-yarrow.html@}, and it uses SHA1 and    *! triple-DES, and has a 160-bit internal state. Nettle implements    *! Yarrow-256, which is similar, but uses SHA256 and AES to get an    *! internal state of 256 bits.    */   PIKECLASS Yarrow   {    CVAR struct yarrow256_ctx ctx;    CVAR struct yarrow_source *sources;    -  PIKEVAR string seed_file flags ID_PRIVATE|ID_STATIC; -  +     DECLARE_STORAGE;    -  static void pike_generate_seed_file(void) -  { -  struct pike_string *seed_file = -  begin_shared_string(YARROW256_SEED_FILE_SIZE); -  yarrow256_random(&THIS->ctx, YARROW256_SEED_FILE_SIZE, STR0(seed_file)); -  if (THIS->seed_file) { -  free_string(THIS->seed_file); -  } -  THIS->seed_file = end_shared_string(seed_file); -  } -  +     /*! @decl void create(void|int sources)    *! The number of entropy sources that will feed entropy to the    *! random number generator is given as an argument to Yarrow    *! during instantiation.    *! @seealso    *! @[update]    */    PIKEFUN void create(void|int arg)    flags ID_PROTECTED;    {
pike.git/src/post_modules/Nettle/nettle.cmod:103:    */    PIKEFUN object seed(string(0..255) data)    optflags OPT_SIDE_EFFECT;    {    if(data->len < YARROW256_SEED_FILE_SIZE)    Pike_error("Seed must be at least %d characters.\n",    YARROW256_SEED_FILE_SIZE);       NO_WIDE_STRING(data);    yarrow256_seed(&THIS->ctx, data->len, STR0(data)); -  pike_generate_seed_file(); +     RETURN this_object();    }       /*! @decl int(0..) min_seed_size()    *! Returns the minimal number of characters that the @[seed]    *! needs to properly seed the random number generator.    *! @seealso    *! @[seed]    */    PIKEFUN int(0..) min_seed_size()    optflags OPT_TRY_OPTIMIZE;    {    RETURN YARROW256_SEED_FILE_SIZE;    }    -  /*! @decl string(0..255) get_seed() -  *! Returns part of the internal state so that it can -  *! be saved for later seeding. -  *! -  *! @seealso -  *! @[seed()], @[random_string()] -  */ -  PIKEFUN string(0..255) get_seed() -  optflags OPT_EXTERNAL_DEPEND; -  rawtype tDeprecated(tFunc(tNone, tStr8)); -  { -  if( !yarrow256_is_seeded(&THIS->ctx) ) -  Pike_error("Random generator not seeded.\n"); -  -  if (THIS->seed_file) { -  REF_RETURN THIS->seed_file; -  } else { -  /* -  * It seems somewhat unreasonable to use uninitialized memory here. -  * Instead, I think the user should be warned. It really isnt a very -  * good source of entropy and may lead to undefined behavior in C. -  * Why not simply return 0 in that case? -  * /arne -  */ -  struct pike_string *s = begin_shared_string(YARROW256_SEED_FILE_SIZE); -  PIKE_MEM_RW_RANGE(s->str, YARROW256_SEED_FILE_SIZE); -  s = end_shared_string(s); -  RETURN s; -  } -  } -  +     /*! @decl int(0..1) is_seeded()    *! Returns 1 if the random generator is seeded and ready    *! to generator output. 0 otherwise.    *! @seealso    *! @[seed]    */    PIKEFUN int(0..1) is_seeded()    optflags OPT_EXTERNAL_DEPEND;    {    RETURN yarrow256_is_seeded(&THIS->ctx);
pike.git/src/post_modules/Nettle/nettle.cmod:182:    *    * * Changes to the yarrow256 interface. The function    * yarrow256_force_reseed has been replaced by the two    * functions yarrow256_fast_reseed and yarrow256_slow_reseed,    * which were previously static.    */    yarrow256_slow_reseed(&THIS->ctx);   #else    yarrow256_force_reseed(&THIS->ctx);   #endif -  pike_generate_seed_file(); +     }       /*! @decl int(0..1) update(string(0..255) data, int source, int entropy)    *! Inject additional entropy into the random number generator.    *!    *! @seealso    *! @[create]    */    PIKEFUN int(0..1) update(string(0..255) data, int source, int entropy)    optflags OPT_SIDE_EFFECT;
pike.git/src/post_modules/Nettle/nettle.cmod:207:    if( !THIS->sources )    Pike_error("This random generator has no sources.\n");    if( source<0 || (unsigned)source>=THIS->ctx.nsources )    Pike_error("Invalid random source.\n");    if( entropy<0 )    Pike_error("Entropy must be positive.\n");    if( entropy>(data->len*8) )    Pike_error("Impossibly large entropy value.\n");    ret = yarrow256_update(&THIS->ctx, source, entropy, data->len,    (const uint8_t *)data->str); -  if (ret) { -  pike_generate_seed_file(); -  } +     RETURN ret;    }       /*! @decl int(0..) needed_sources()    *! The number of sources that must reach the threshold before a    *! slow reseed will happen.    */    PIKEFUN int(0..) needed_sources()    optflags OPT_EXTERNAL_DEPEND;    {
pike.git/src/post_modules/Nettle/nettle.cmod:239:    struct pike_string *rnd;    if(length < 0)    Pike_error("Invalid length, must be positive.\n");    if( !yarrow256_is_seeded(&THIS->ctx) )    Pike_error("Random generator not seeded.\n");    rnd = begin_shared_string(length);    yarrow256_random(&THIS->ctx, length, (uint8_t *)rnd->str);    RETURN end_shared_string(rnd);    }    +  /*! @decl string(0..255) get_seed() +  *! Returns part of the internal state so that it can be saved for +  *! later seeding. This method is deprecated. Instead read the +  *! @[min_seed_size] number of bytes from the @[random_string] +  *! method. +  *! +  *! @seealso +  *! @[seed()], @[random_string()] +  */ +  PIKEFUN string(0..255) get_seed() +  optflags OPT_EXTERNAL_DEPEND; +  rawtype tDeprecated(tFunc(tNone, tStr8)); +  { +  push_int(YARROW256_SEED_FILE_SIZE); +  f_Nettle_Yarrow_random_string(1); +  } +     INIT    {    THIS->sources = NULL;    yarrow256_init(&THIS->ctx, 0, NULL);    }       EXIT    gc_trivial;    {    if( THIS->sources )