wpa_supplicant / hostapd  2.5
random.c File Reference

Random number generator.

#include "utils/includes.h"
#include "utils/common.h"
#include "utils/eloop.h"
#include "crypto/crypto.h"
#include "sha1.h"
#include "random.h"

Macros

#define POOL_WORDS   32
 
#define POOL_WORDS_MASK   (POOL_WORDS - 1)
 
#define POOL_TAP1   26
 
#define POOL_TAP2   20
 
#define POOL_TAP3   14
 
#define POOL_TAP4   7
 
#define POOL_TAP5   1
 
#define EXTRACT_LEN   16
 
#define MIN_READY_MARK   2
 
#define RANDOM_ENTROPY_SIZE   20
 
#define MIN_COLLECT_ENTROPY   1000
 

Functions

void random_add_randomness (const void *buf, size_t len)
 
int random_get_bytes (void *buf, size_t len)
 
int random_pool_ready (void)
 
void random_mark_pool_ready (void)
 
void random_init (const char *entropy_file)
 
void random_deinit (void)
 

Detailed Description

Random number generator.

This random number generator is used to provide entropy in addition to that provided by the operating system (os_get_random()) for session key generation. The os_get_random() output is expected to be secure, and the implementation here is expected to provide only limited protection against cases where os_get_random() cannot provide strong randomness. This implementation shall not be assumed to be secure as the sole source of randomness. The random_get_bytes() function mixes in randomness from os_get_random(), and as such, calls to os_get_random() can be replaced with calls to random_get_bytes() without reducing security.

The design here partially follows the design used in the Linux drivers/char/random.c, but the implementation here is simpler and not as strong. This is a compromise to reduce duplicated CPU effort and to avoid extra code/memory size. As pointed out above, os_get_random() needs to be guaranteed to be secure for any of the security assumptions to hold.
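The mixing argument above, as an added illustration that is not the code in random.c: OS-provided bytes are combined with internal-pool output so that even a fully known pool leaves the result as unpredictable as the OS bytes. The names rand_src, mixed_get_bytes, os_ok, os_fail and pool_known are hypothetical, the sources are constructed stand-ins, and XOR as the combining step is an assumption of this sketch.

```c
#include <stddef.h>
#include <string.h>

#define EXTRACT_LEN 16 /* chunk size, matching the macro listed above */

/* Hypothetical source signature: fill buf with len bytes, return 0 or -1. */
typedef int (*rand_src)(unsigned char *buf, size_t len);

/* Constructed stand-ins so the example runs offline and deterministically. */
int os_ok(unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++)
        buf[i] = (unsigned char)(0xA5 ^ (i * 7)); /* pretend OS output */
    return 0;
}
int os_fail(unsigned char *buf, size_t len)
{
    (void)buf; (void)len;
    return -1; /* the OS source could not be read */
}
int pool_known(unsigned char *buf, size_t len)
{
    memset(buf, 0x3C, len); /* worst case: attacker knows the pool output */
    return 0;
}

/* Fill buf from the OS source, then XOR pool output over it in chunks.
 * XOR with a value chosen independently of the OS bytes is a bijection,
 * so a known pool cannot make the result more predictable than the OS
 * bytes alone. On any error buf is cleared and -1 is returned. */
int mixed_get_bytes(unsigned char *buf, size_t len, rand_src os, rand_src pool)
{
    unsigned char tmp[EXTRACT_LEN];

    if (os(buf, len) < 0)
        goto fail;
    for (size_t off = 0; off < len; off += EXTRACT_LEN) {
        size_t n = len - off < EXTRACT_LEN ? len - off : EXTRACT_LEN;
        if (pool(tmp, n) < 0)
            goto fail;
        for (size_t i = 0; i < n; i++)
            buf[off + i] ^= tmp[i];
    }
    return 0;
fail:
    memset(buf, 0, len);
    return -1;
}

int main(void)
{
    unsigned char key[40]; /* 16 + 16 + 8: exercises a partial last chunk */
    return mixed_get_bytes(key, sizeof(key), os_ok, pool_known) ? 1 : 0;
}
```

The reverse does not hold: if the OS source is weak, the result is only as strong as the pool, which is why the description above refuses to treat the pool as a sole source of randomness.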