|
 |
b6b438 |
From 45c34e04c2018d839be71371bee594bc4794de2d Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Date: Wed, 31 Jul 2019 15:16:37 +0200
|
|
|
b6b438 |
Subject: [PATCH 067/187] lib:util: Add generate_nonce_buffer()
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
|
b6b438 |
(cherry picked from commit 70ff216935acc099b762b527033b6191ba3307d0)
|
|
|
b6b438 |
---
|
|
|
b6b438 |
lib/util/genrand.c | 12 ++++++++++--
|
|
|
b6b438 |
lib/util/genrand.h | 11 +++++++++++
|
|
|
b6b438 |
2 files changed, 21 insertions(+), 2 deletions(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/lib/util/genrand.c b/lib/util/genrand.c
|
|
|
b6b438 |
index 55997c3dd55..76c2cb81962 100644
|
|
|
b6b438 |
--- a/lib/util/genrand.c
|
|
|
b6b438 |
+++ b/lib/util/genrand.c
|
|
|
b6b438 |
@@ -25,8 +25,6 @@
|
|
|
b6b438 |
#include <gnutls/gnutls.h>
|
|
|
b6b438 |
#include <gnutls/crypto.h>
|
|
|
b6b438 |
|
|
|
b6b438 |
-/* TODO: Add API for generating nonce or use gnutls_rnd directly everywhere. */
|
|
|
b6b438 |
-
|
|
|
b6b438 |
_PUBLIC_ void generate_random_buffer(uint8_t *out, int len)
|
|
|
b6b438 |
{
|
|
|
b6b438 |
/* Thread and fork safe random number generator for temporary keys. */
|
|
|
b6b438 |
@@ -42,3 +40,13 @@ _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len)
|
|
|
b6b438 |
/* Thread and fork safe random number generator for long term keys. */
|
|
|
b6b438 |
gnutls_rnd(GNUTLS_RND_KEY, out, len);
|
|
|
b6b438 |
}
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+_PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len)
|
|
|
b6b438 |
+{
|
|
|
b6b438 |
+ /*
|
|
|
b6b438 |
+ * The nonce generator will reseed after outputting a fixed amount of
|
|
|
b6b438 |
+ * bytes (typically few megabytes), or after few hours of operation
|
|
|
b6b438 |
+ * without reaching the limit has passed.
|
|
|
b6b438 |
+ */
|
|
|
b6b438 |
+ gnutls_rnd(GNUTLS_RND_NONCE, out, len);
|
|
|
b6b438 |
+}
|
|
|
b6b438 |
diff --git a/lib/util/genrand.h b/lib/util/genrand.h
|
|
|
b6b438 |
index 899ce8badc0..5af23100596 100644
|
|
|
b6b438 |
--- a/lib/util/genrand.h
|
|
|
b6b438 |
+++ b/lib/util/genrand.h
|
|
|
b6b438 |
@@ -28,3 +28,14 @@ void generate_random_buffer(uint8_t *out, int len);
|
|
|
b6b438 |
* Thread and fork safe random number generator for long term keys.
|
|
|
b6b438 |
*/
|
|
|
b6b438 |
void generate_secret_buffer(uint8_t *out, int len);
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+/**
|
|
|
b6b438 |
+ * @brief Generate random values for a nonce buffer.
|
|
|
b6b438 |
+ *
|
|
|
b6b438 |
+ * This is also known as initialization vector.
|
|
|
b6b438 |
+ *
|
|
|
b6b438 |
+ * @param[in] out A pointer to the buffer to fill with random data.
|
|
|
b6b438 |
+ *
|
|
|
b6b438 |
+ * @param[in] len The size of the buffer to fill.
|
|
|
b6b438 |
+ */
|
|
|
b6b438 |
+void generate_nonce_buffer(uint8_t *out, int len);
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0
|
|
|
b6b438 |
|