Commit
66ff70dd
authored
Mar 26, 2014
by
Paul Bakker
Support for seed file writing and reading in Entropy
parent
766a5d02
Changes
5
Showing
5 changed files
with
94 additions
and
0 deletions
+94
-0
ChangeLog
ChangeLog
+1
-0
include/polarssl/entropy.h
include/polarssl/entropy.h
+30
-0
include/polarssl/error.h
include/polarssl/error.h
+1
-0
library/entropy.c
library/entropy.c
+60
-0
library/error.c
library/error.c
+2
-0
ChangeLog
...
...
@@ -11,6 +11,7 @@ Features
* Testing script ssl-opt.sh added for testing 'live' ssl option
interoperability against OpenSSL and PolarSSL
* Support for reading EC keys that use SpecifiedECDomain in some cases.
* Entropy module now supports seed writing and reading
Changes
* Deprecated the Memory layer
...
...
include/polarssl/entropy.h
...
...
@@ -52,6 +52,7 @@
#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C
/**< Critical entropy source failure. */
#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E
/**< No more sources can be added. */
#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040
/**< No sources have been added to poll. */
#define POLARSSL_ERR_ENTROPY_FILE_IO_ERROR -0x0058
/**< Read/write error in file. */
#if !defined(POLARSSL_CONFIG_OPTIONS)
#define ENTROPY_MAX_SOURCES 20
/**< Maximum number of sources supported */
...
...
@@ -64,6 +65,7 @@
#define ENTROPY_BLOCK_SIZE 32
/**< Block size of entropy accumulator (SHA-256) */
#endif
#define ENTROPY_MAX_SEED_SIZE 1024
/**< Maximum size of seed we read from seed file */
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES
#ifdef __cplusplus
...
...
@@ -182,6 +184,34 @@ int entropy_func( void *data, unsigned char *output, size_t len );
int
entropy_update_manual
(
entropy_context
*
ctx
,
const
unsigned
char
*
data
,
size_t
len
);
#if defined(POLARSSL_FS_IO)
/**
* \brief Write a seed file
*
* \param ctx Entropy context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int
entropy_write_seed_file
(
entropy_context
*
ctx
,
const
char
*
path
);
/**
* \brief Read and update a seed file. Seed is added to this
* instance. No more than ENTROPY_MAX_SEED_SIZE bytes are
* read from the seed file. The rest is ignored.
*
* \param ctx Entropy context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error,
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int
entropy_update_seed_file
(
entropy_context
*
ctx
,
const
char
*
path
);
#endif
#ifdef __cplusplus
}
#endif
...
...
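Review bot: The doc blocks for entropy_write_seed_file and entropy_update_seed_file do not say how the file at `path` must be protected, and the one for entropy_update_seed_file does not say that the file is rewritten. The implementation in library/entropy.c ends with a call to entropy_write_seed_file on the same path, so the caller needs write access as well as read access; a line such as `\note On success the file is overwritten with a fresh seed.` would make that explicit. Both blocks would also benefit from `\note The seed file holds secret state; keep it readable and writable by the owning user only.`, since nothing in the visible code restricts the permissions of the created file. The `\return` lists name POLARSSL_ERR_ENTROPY_SOURCE_FAILED without a condition; presumably it is passed through from entropy_func, and the comment should say so.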
include/polarssl/error.h
...
...
@@ -66,6 +66,7 @@
* CTR_DBRG 4 0x0034-0x003A
* ENTROPY 3 0x003C-0x0040
* NET 11 0x0042-0x0056
* ENTROPY 1 0x0058-0x0058
* ASN1 7 0x0060-0x006C
* MD2 1 0x0070-0x0070
* MD4 1 0x0072-0x0072
...
...
library/entropy.c
...
...
@@ -30,6 +30,10 @@
#include "polarssl/entropy.h"
#include "polarssl/entropy_poll.h"
#if defined(POLARSSL_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_HAVEGE_C)
#include "polarssl/havege.h"
#endif
...
...
@@ -308,4 +312,60 @@ exit:
return
(
ret
);
}
#if defined(POLARSSL_FS_IO)
int
entropy_write_seed_file
(
entropy_context
*
ctx
,
const
char
*
path
)
{
int
ret
=
POLARSSL_ERR_ENTROPY_FILE_IO_ERROR
;
FILE
*
f
;
unsigned
char
buf
[
ENTROPY_BLOCK_SIZE
];
if
(
(
f
=
fopen
(
path
,
"wb"
)
)
==
NULL
)
return
(
POLARSSL_ERR_ENTROPY_FILE_IO_ERROR
);
if
(
(
ret
=
entropy_func
(
ctx
,
buf
,
ENTROPY_BLOCK_SIZE
)
)
!=
0
)
goto
exit
;
if
(
fwrite
(
buf
,
1
,
ENTROPY_BLOCK_SIZE
,
f
)
!=
ENTROPY_BLOCK_SIZE
)
{
ret
=
POLARSSL_ERR_ENTROPY_FILE_IO_ERROR
;
goto
exit
;
}
ret
=
0
;
exit:
fclose
(
f
);
return
(
ret
);
}
int
entropy_update_seed_file
(
entropy_context
*
ctx
,
const
char
*
path
)
{
FILE
*
f
;
size_t
n
;
unsigned
char
buf
[
ENTROPY_MAX_SEED_SIZE
];
if
(
(
f
=
fopen
(
path
,
"rb"
)
)
==
NULL
)
return
(
POLARSSL_ERR_ENTROPY_FILE_IO_ERROR
);
fseek
(
f
,
0
,
SEEK_END
);
n
=
(
size_t
)
ftell
(
f
);
fseek
(
f
,
0
,
SEEK_SET
);
if
(
n
>
ENTROPY_MAX_SEED_SIZE
)
n
=
ENTROPY_MAX_SEED_SIZE
;
if
(
fread
(
buf
,
1
,
n
,
f
)
!=
n
)
{
fclose
(
f
);
return
(
POLARSSL_ERR_ENTROPY_FILE_IO_ERROR
);
}
fclose
(
f
);
entropy_update_manual
(
ctx
,
buf
,
n
);
return
(
entropy_write_seed_file
(
ctx
,
path
)
);
}
#endif
/* POLARSSL_FS_IO */
#endif
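Review bot: entropy_update_seed_file discards the result of `entropy_update_manual( ctx, buf, n )`, so if that call can fail the old seed is not mixed in, yet a new seed file is still written and 0 may be returned; declare `int ret;` and use `if( ( ret = entropy_update_manual( ctx, buf, n ) ) != 0 ) return( ret );`. Both new functions also return with seed bytes still in their stack buffers (`buf[ENTROPY_BLOCK_SIZE]` and `buf[ENTROPY_MAX_SEED_SIZE]`); these should be wiped on every exit path with a routine the compiler cannot elide, since a plain memset before return may be removed as a dead store. In entropy_write_seed_file the result of `fclose( f )` is ignored, so a failed flush is reported as success while the file on disk may be empty or partial; `if( fclose( f ) != 0 && ret == 0 ) ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR;` at the `exit:` label would cover it. The `fseek` and `ftell` results in entropy_update_seed_file are unchecked as well, so a failed `ftell` is only caught indirectly when the clamped `fread` comes up short.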
library/error.c
...
...
@@ -590,6 +590,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
snprintf
(
buf
,
buflen
,
"ENTROPY - No more sources can be added"
);
if
(
use_ret
==
-
(
POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED
)
)
snprintf
(
buf
,
buflen
,
"ENTROPY - No sources have been added to poll"
);
if
(
use_ret
==
-
(
POLARSSL_ERR_ENTROPY_FILE_IO_ERROR
)
)
snprintf
(
buf
,
buflen
,
"ENTROPY - Read/write error in file"
);
#endif
/* POLARSSL_ENTROPY_C */
#if defined(POLARSSL_GCM_C)
...
...