From 45c34e04c2018d839be71371bee594bc4794de2d Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Wed, 31 Jul 2019 15:16:37 +0200 Subject: [PATCH 067/187] lib:util: Add generate_nonce_buffer() Signed-off-by: Andreas Schneider Reviewed-by: Andrew Bartlett (cherry picked from commit 70ff216935acc099b762b527033b6191ba3307d0) --- lib/util/genrand.c | 12 ++++++++++-- lib/util/genrand.h | 11 +++++++++++ 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/lib/util/genrand.c b/lib/util/genrand.c index 55997c3dd55..76c2cb81962 100644 --- a/lib/util/genrand.c +++ b/lib/util/genrand.c @@ -25,8 +25,6 @@ #include #include -/* TODO: Add API for generating nonce or use gnutls_rnd directly everywhere. */ - _PUBLIC_ void generate_random_buffer(uint8_t *out, int len) { /* Thread and fork safe random number generator for temporary keys. */ @@ -42,3 +40,13 @@ _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len) /* Thread and fork safe random number generator for long term keys. */ gnutls_rnd(GNUTLS_RND_KEY, out, len); } + +_PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len) +{ + /* + * The nonce generator will reseed after outputting a fixed amount of + * bytes (typically few megabytes), or after few hours of operation + * without reaching the limit has passed. + */ + gnutls_rnd(GNUTLS_RND_NONCE, out, len); +} diff --git a/lib/util/genrand.h b/lib/util/genrand.h index 899ce8badc0..5af23100596 100644 --- a/lib/util/genrand.h +++ b/lib/util/genrand.h @@ -28,3 +28,14 @@ void generate_random_buffer(uint8_t *out, int len); * Thread and fork safe random number generator for long term keys. */ void generate_secret_buffer(uint8_t *out, int len); + +/** + * @brief Generate random values for a nonce buffer. + * + * This is also known as initialization vector. + * + * @param[in] out A pointer to the buffer to fill with random data. + * + * @param[in] len The size of the buffer to fill. + */ +void generate_nonce_buffer(uint8_t *out, int len); -- 2.23.0