diff options
| author | defanor <defanor@uberspace.net> | 2023-09-15 21:54:12 +0300 |
|---|---|---|
| committer | defanor <defanor@uberspace.net> | 2023-09-15 21:54:12 +0300 |
| commit | 27999bd847c95bc85b3e860684fed794867677b4 (patch) | |
| tree | 1ee39dedca3658fc24e68fcf1caaa2a10182dd0c | |
| parent | 171dd160a5dab054af7096d52d5c970c4dea566f (diff) | |
Abstract out random generation
Still depending on gcrypt for hashing, but this is a step towards
making that dependency optional.
| -rw-r--r-- | configure.ac | 5 | ||||
| -rw-r--r-- | src/Makefile.am | 6 | ||||
| -rw-r--r-- | src/rexmpp.c | 9 | ||||
| -rw-r--r-- | src/rexmpp_openpgp.c | 5 | ||||
| -rw-r--r-- | src/rexmpp_random.c | 25 | ||||
| -rw-r--r-- | src/rexmpp_random.h | 22 | ||||
| -rw-r--r-- | src/rexmpp_xml_parser.c | 2 |
7 files changed, 67 insertions, 7 deletions
diff --git a/configure.ac b/configure.ac index 656eb7d..270f989 100644 --- a/configure.ac +++ b/configure.ac @@ -38,7 +38,10 @@ AM_CONDITIONAL([USE_RUST], [test "x$with_rust" == "xyes"]) LT_INIT -AM_PATH_LIBGCRYPT +# Libgcrypt + +AM_PATH_LIBGCRYPT([], + [AC_DEFINE([HAVE_GCRYPT], [1], [Libgcrypt is available])]) # libnice (+ glib) and libsrtp for media calls, optional diff --git a/src/Makefile.am b/src/Makefile.am index 5bf0f1a..44b6702 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -15,12 +15,14 @@ librexmpp_la_SOURCES = rexmpp_roster.h rexmpp_roster.c \ rexmpp_base64.h rexmpp_base64.c \ rexmpp_sasl.h rexmpp_sasl.c \ rexmpp_xml.h rexmpp_xml.c \ - rexmpp_utf8.h + rexmpp_utf8.h \ + rexmpp_random.h rexmpp_random.c include_HEADERS = config.h rexmpp_roster.h rexmpp_tcp.h rexmpp_socks.h rexmpp.h \ rexmpp_dns.h rexmpp_tls.h rexmpp_jid.h rexmpp_openpgp.h rexmpp_console.h \ rexmpp_pubsub.h rexmpp_http_upload.h rexmpp_jingle.h rexmpp_base64.h \ - rexmpp_sasl.h rexmpp_xml.h rexmpp_utf8.h rexmpp_xml_parser.h + rexmpp_sasl.h rexmpp_xml.h rexmpp_utf8.h rexmpp_xml_parser.h \ + rexmpp_random.h librexmpp_la_CFLAGS = $(AM_CFLAGS) $(LIBXML2_CFLAGS) $(EXPAT_CFLAGS) \ $(GNUTLS_CFLAGS) $(LIBDANE_CFLAGS) $(OPENSSL_CFLAGS) \ $(GSASL_CFLAGS) $(UNBOUND_CFLAGS) $(CARES_CFLAGS) $(GPGME_CFLAGS) \ diff --git a/src/rexmpp.c b/src/rexmpp.c index 7194d87..beb2762 100644 --- a/src/rexmpp.c +++ b/src/rexmpp.c @@ -17,8 +17,12 @@ #include "config.h" +#ifdef HAVE_GCRYPT #include <gcrypt.h> +#endif +#ifdef USE_UNBOUND #include <unbound.h> +#endif #ifdef HAVE_GPGME #include <gpgme.h> #endif @@ -39,6 +43,7 @@ #include "rexmpp_jingle.h" #include "rexmpp_base64.h" #include "rexmpp_sasl.h" +#include "rexmpp_random.h" struct rexmpp_iq_cacher { rexmpp_iq_callback_t cb; @@ -817,7 +822,7 @@ void rexmpp_schedule_reconnect (rexmpp_t *s) { return; } if (s->reconnect_number == 0) { - gcry_create_nonce((char*)&s->reconnect_seconds, sizeof(time_t)); + rexmpp_random_buf((char*)&s->reconnect_seconds, sizeof(time_t)); if (s->reconnect_seconds < 0) { s->reconnect_seconds = - s->reconnect_seconds; } @@ -852,7 +857,7 @@ char *rexmpp_gen_id (rexmpp_t *s) { (void)s; char buf_raw[18], *buf_base64 = NULL; size_t buf_base64_len = 0; - gcry_create_nonce(buf_raw, 18); + rexmpp_random_buf(buf_raw, 18); rexmpp_base64_to(buf_raw, 18, &buf_base64, &buf_base64_len); return buf_base64; } diff --git a/src/rexmpp_openpgp.c b/src/rexmpp_openpgp.c index c11d031..4ef7335 100644 --- a/src/rexmpp_openpgp.c +++ b/src/rexmpp_openpgp.c @@ -55,6 +55,7 @@ Possible future improvements: #include "rexmpp_jid.h" #include "rexmpp_pubsub.h" #include "rexmpp_base64.h" +#include "rexmpp_random.h" #ifdef HAVE_GPGME @@ -739,9 +740,9 @@ char *rexmpp_openpgp_payload (rexmpp_t *s, /* A random-length random-content padding. */ char *rand_str, rand[256]; - gcry_create_nonce(rand, 1); + rexmpp_random_buf(rand, 1); size_t rand_str_len = 0, rand_len = (unsigned char)rand[0] % (255 - 16) + 16; - gcry_create_nonce(rand, rand_len); + rexmpp_random_buf(rand, rand_len); rexmpp_base64_to(rand, rand_len, &rand_str, &rand_str_len); rexmpp_xml_t *rpad = diff --git a/src/rexmpp_random.c b/src/rexmpp_random.c new file mode 100644 index 0000000..8efabd3 --- /dev/null +++ b/src/rexmpp_random.c @@ -0,0 +1,25 @@ +/** + @file rexmpp_random.c + @brief Random generation + @author defanor <defanor@uberspace.net> + @date 2023 + @copyright MIT license. +*/ + +#include "config.h" + +#ifdef HAVE_GCRYPT +#include <gcrypt.h> +#else +#define _GNU_SOURCE +#include <stdlib.h> +#endif + + +void rexmpp_random_buf (void *buf, size_t len) { +#ifdef HAVE_GCRYPT + gcry_create_nonce(buf, len); +#else + arc4random_buf(buf, len); +#endif +} diff --git a/src/rexmpp_random.h b/src/rexmpp_random.h new file mode 100644 index 0000000..1b21001 --- /dev/null +++ b/src/rexmpp_random.h @@ -0,0 +1,22 @@ +/** + @file rexmpp_random.h + @brief Random generation + @author defanor <defanor@uberspace.net> + @date 2023 + @copyright MIT license. +*/ + +#ifndef REXMPP_RANDOM_H +#define REXMPP_RANDOM_H + +/** + @brief Fills a buffer with cryptographically-secure random data. + @param[out] buf A buffer to write into. + @param[in] len The number of bytes to fill. + + Uses arc4random_buf or gcry_create_nonce, depending on what is + available. +*/ +void rexmpp_random_buf (void *buf, size_t len); + +#endif diff --git a/src/rexmpp_xml_parser.c b/src/rexmpp_xml_parser.c index b2eaf8b..e00c70c 100644 --- a/src/rexmpp_xml_parser.c +++ b/src/rexmpp_xml_parser.c @@ -6,6 +6,8 @@ @copyright MIT license. */ +#include <string.h> + #include "rexmpp.h" #include "rexmpp_xml.h" #include "rexmpp_xml_parser.h" |