blob: edb7cd9de8f51e5e4d7fac392dd4617c50df8c17 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
/*++
/* NAME
/* tls_seed 3
/* SUMMARY
/* TLS PRNG seeding routines
/* SYNOPSIS
/* #define TLS_INTERNAL
/* #include <tls.h>
/*
/* int tls_ext_seed(nbytes)
/* int nbytes;
/*
/* void tls_int_seed()
/* DESCRIPTION
/* tls_ext_seed() requests the specified number of bytes
/* from the tlsmgr(8) PRNG pool and updates the local PRNG.
/* The result is zero in case of success, -1 otherwise.
/*
/* tls_int_seed() mixes the process ID and time of day into
/* the PRNG pool. This adds a few bits of entropy with each
/* call, provided that the calls aren't made frequently.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this
/* software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#include <sys/time.h> /* gettimeofday() */
#include <unistd.h> /* getpid() */
#ifdef USE_TLS
/* OpenSSL library. */
#include <openssl/rand.h> /* RAND_seed() */
/* Utility library. */
#include <msg.h>
#include <vstring.h>
/* TLS library. */
#include <tls_mgr.h>
#define TLS_INTERNAL
#include <tls.h>
/* Application-specific. */
/* tls_int_seed - add entropy to the pool by adding the time and PID */
void tls_int_seed(void)
{
static struct {
pid_t pid;
struct timeval tv;
} randseed;
if (randseed.pid == 0)
randseed.pid = getpid();
GETTIMEOFDAY(&randseed.tv);
RAND_seed(&randseed, sizeof(randseed));
}
/* tls_ext_seed - request entropy from tlsmgr(8) server */
int tls_ext_seed(int nbytes)
{
VSTRING *buf;
int status;
buf = vstring_alloc(nbytes);
status = tls_mgr_seed(buf, nbytes);
RAND_seed(vstring_str(buf), VSTRING_LEN(buf));
vstring_free(buf);
return (status == TLS_MGR_STAT_OK ? 0 : -1);
}
#endif
|
