Previously, the Hurd included a translator providing /dev/random and
/dev/urandom based on a source copy of the random number generator
found in classic GnuPG.
The new random translator is using the SHAKE128 algorithm from the
SHA-3 family as the underlying cryptographic primitive. Being a
sponge construction, it allows the extraction of arbitrary amounts of
pseudorandom data. It is continuously fed entropy by hashing system
state that is hard to predict.
* Makefile (prog-subdirs): Remove 'random'.
* NEWS: Update.
* random/Makefile: Delete file.
* random/TODO: Likewise.
* random/gnupg-bithelp.h: Likewise.
* random/gnupg-glue.h: Likewise.
* random/gnupg-random.c: Likewise.
* random/gnupg-random.h: Likewise.
* random/gnupg-rmd.h: Likewise.
* random/gnupg-rmd160.c: Likewise.
* random/random.h: Likewise.
* sutils/MAKEDEV.sh (random): Create node.
(urandom): The new translator is both secure and non-blocking. Create
a link from urandom to random for compatibility with Linux.
* trans/Makefile (targets): Add 'random'.
* trans/random.c: Move the skeleton of the old random translator here,
but replace the PRNG with SHAKE128. Remove all dubious attempts at
accounting for entropy. Do not block ever.
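As an added illustration of the construction this commit message describes (example code written for this page, not the Hurd's trans/random.c, which is in C and is not reproduced here): a generator in Python that uses SHAKE128 as its only primitive, absorbs a hash of system state to reseed, and squeezes any requested length without ever blocking. The 32-byte carried state, the one-byte domain-separation tags, the particular system fields that are hashed, and the re-keying on every read are assumptions of this example, not details taken from the Hurd.

```python
"""Illustrative SHAKE128 sponge-style DRNG (not the Hurd's implementation)."""
import hashlib
import os
import time

KEY_LEN = 32  # assumed size of the state carried between calls
# Domain-separation tags (assumed) so that seeding, reseeding and output
# generation never hash the same byte string.
TAG_INIT, TAG_ABSORB, TAG_SQUEEZE = b"\x00", b"\x01", b"\x02"


def hash_system_state() -> bytes:
    """Compress a snapshot of hard-to-predict system state into KEY_LEN bytes.

    The fields below are illustrative stand-ins for what a kernel-side
    translator would observe; they are an assumption, not the Hurd's inputs.
    """
    snapshot = b"".join([
        time.time_ns().to_bytes(16, "little"),
        time.perf_counter_ns().to_bytes(16, "little", signed=True),
        os.getpid().to_bytes(8, "little"),
        repr(os.times()).encode(),
    ])
    return hashlib.shake_128(snapshot).digest(KEY_LEN)


class Shake128Drng:
    """Absorb entropy into a fixed-size state, squeeze output of any length."""

    def __init__(self, seed: bytes = b"") -> None:
        self.key = hashlib.shake_128(TAG_INIT + seed).digest(KEY_LEN)

    def absorb(self, entropy: bytes) -> None:
        """Mix new entropy into the state; nothing is counted or credited."""
        self.key = hashlib.shake_128(TAG_ABSORB + self.key + entropy).digest(KEY_LEN)

    def read(self, n: int) -> bytes:
        """Return n pseudorandom bytes without blocking.

        One SHAKE128 squeeze yields a fresh key followed by the output, and the
        old key is overwritten, so a later compromise of the state does not
        reveal output that was already handed out.
        """
        if n < 0:
            raise ValueError("n must be non-negative")
        out = hashlib.shake_128(TAG_SQUEEZE + self.key).digest(KEY_LEN + n)
        self.key = out[:KEY_LEN]
        return out[KEY_LEN:]

    def reseed_from_system(self) -> None:
        """Feed the generator with a hash of current system state."""
        self.absorb(hash_system_state())


def serve(drng: Shake128Drng, total: int, chunk: int) -> bytes:
    """Serve `total` bytes in `chunk`-sized reads, reseeding between reads,
    the way a device node would answer a stream of read() requests."""
    pieces = []
    remaining = total
    while remaining > 0:
        pieces.append(drng.read(min(chunk, remaining)))
        remaining -= len(pieces[-1])
        drng.reseed_from_system()
    return b"".join(pieces)


if __name__ == "__main__":
    # Constructed seed; a real translator would seed from system state only.
    g = Shake128Drng(b"constructed seed")
    print(g.read(16).hex())
    print(len(serve(g, 1 << 20, 4096)), "bytes served without blocking")
```

Two generators seeded identically produce identical streams until one of them absorbs something the other did not; that is what makes "hash hard-to-predict system state" the whole security argument, since the sponge itself contributes nothing the seed material does not already have.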
* random/gnupg-random.c (mix_pool): Store the first hash at the end of
the pool.
--
This fixes a long standing bug (since 1998) in Libgcrypt and GnuPG.
An attacker who obtains 580 bytes of the random number from the
standard RNG can trivially predict the next 20 bytes of output.
The bug was found and reported by Felix Dörre and Vladimir Klebanov,
Karlsruhe Institute of Technology. A paper describing the problem in
detail will shortly be published.
This is a port of c6dbfe89 from the GnuPG classic branch.
CVE-id: CVE-2016-6313
random: Fix compiler warnings.
* random/gnupg-random.c: Use byte instead of char.
* random/gnupg-rmd.h (rmd160_mixblock): Use byte instead of char.
* random/gnupg-rmd.c (rmd160_mixblock): Likewise.
* random/gnupg-rmd.c: Place #ifdef __HURD__ earlier to avoid warnings.
* random/gnupg-random.c (read_pool): Fix typo in comment.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Move the random translator to its own subdirectory 'random'.
This is the last commit to this repository. Development of the random
translator will continue in the main Hurd repository.