pike.git / src / post_modules / Nettle / nettle.cmod

version» Context lines:

pike.git/src/post_modules/Nettle/nettle.cmod:38:    *! @url{http://www.schneier.com/paper-yarrow.html@}, and it uses SHA1 and    *! triple-DES, and has a 160-bit internal state. Nettle implements    *! Yarrow-256, which is similar, but uses SHA256 and AES to get an    *! internal state of 256 bits.    */   PIKECLASS Yarrow   {    CVAR struct yarrow256_ctx ctx;    CVAR struct yarrow_source *sources;    - #ifndef HAVE_STRUCT_YARROW256_CTX_SEED_FILE -  /* NOTE: Nettle 2.0 does not have the automatic seed_file maintenance -  * that Nettle 1.x had. This stuff is needed since it affected -  * the state emitted by random_string(). When Nettle 2.0 is the -  * default, consider implementing this via overloading of the -  * various seeding functions instead, since it does have a bit -  * of overhead. -  * -  * /grubba 2009-07-05 -  */ +     PIKEVAR string seed_file flags ID_PRIVATE|ID_STATIC; - #endif +        DECLARE_STORAGE;    - #ifndef HAVE_STRUCT_YARROW256_CTX_SEED_FILE +     static void pike_generate_seed_file(void)    {    struct pike_string *seed_file =    begin_shared_string(YARROW256_SEED_FILE_SIZE);    yarrow256_random(&THIS->ctx, YARROW256_SEED_FILE_SIZE, STR0(seed_file));    if (THIS->seed_file) {    free_string(THIS->seed_file);    }    THIS->seed_file = end_shared_string(seed_file);    } - #else - #define pike_generate_seed_file() - #endif +        /*! @decl void create(void|int sources)    *! The number of entropy sources that will feed entropy to the    *! random number generator is given as an argument to Yarrow    *! during instantiation.    *! @seealso    *! @[update]    */    PIKEFUN void create(void|int arg)    flags ID_PROTECTED;
pike.git/src/post_modules/Nettle/nettle.cmod:148:    *! @seealso    *! @[seed()], @[random_string()]    */    PIKEFUN string(0..255) get_seed()    optflags OPT_EXTERNAL_DEPEND;    rawtype tDeprecated(tFunc(tNone, tStr8));    {    if( !yarrow256_is_seeded(&THIS->ctx) )    Pike_error("Random generator not seeded.\n");    - #ifdef HAVE_STRUCT_YARROW256_CTX_SEED_FILE -  RETURN make_shared_binary_string(THIS->ctx.seed_file, -  YARROW256_SEED_FILE_SIZE); - #else +     if (THIS->seed_file) {    REF_RETURN THIS->seed_file;    } else {    /*    * It seems somewhat unreasonable to use uninitialized memory here.    * Instead, I think the user should be warned. It really isnt a very    * good source of entropy and may lead to undefined behavior in C.    * Why not simply return 0 in that case?    * /arne    */    struct pike_string *s = begin_shared_string(YARROW256_SEED_FILE_SIZE);    PIKE_MEM_RW_RANGE(s->str, YARROW256_SEED_FILE_SIZE);    s = end_shared_string(s);    RETURN s;    } - #endif /* HAVE_STRUCT_YARROW256_CTX_SEED_FILE */ +     }       /*! @decl int(0..1) is_seeded()    *! Returns 1 if the random generator is seeded and ready    *! to generator output. 0 otherwise.    *! @seealso    *! @[seed]    */    PIKEFUN int(0..1) is_seeded()    optflags OPT_EXTERNAL_DEPEND;