detect failed RNG initialization
authorRudolf Polzer <divVerent@alientrap.org>
Fri, 27 Aug 2010 08:33:41 +0000 (10:33 +0200)
committerRudolf Polzer <divVerent@alientrap.org>
Fri, 27 Aug 2010 08:33:41 +0000 (10:33 +0200)
d0_bignum-gmp.c
d0_bignum.h
d0_blind_id.c
d0_blind_id.h

index 4e8a11b..1567d42 100644 (file)
@@ -39,9 +39,10 @@ static d0_bignum_t temp;
 #include <time.h>
 #include <stdio.h>
 
-void d0_bignum_INITIALIZE(void)
+WARN_UNUSED_RESULT BOOL d0_bignum_INITIALIZE(void)
 {
        FILE *f;
+       BOOL ret = 1;
        unsigned char buf[256];
        d0_bignum_init(&temp);
        gmp_randinit_mt(RANDSTATE);
@@ -53,18 +54,25 @@ void d0_bignum_INITIALIZE(void)
                if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
                {
                        if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
+                       {
                                fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
+                               ret = 0;
+                       }
                        CryptReleaseContext(hCryptProv, 0);
                }
-               else
+               else if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET))
                {
-                       if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_NEWKEYSET))
+                       if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
                        {
-                               if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0]))
-                                       fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
-                               CryptReleaseContext(hCryptProv, 0);
+                               fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n");
+                               ret = 0;
                        }
+                       CryptReleaseContext(hCryptProv, 0);
+               }
+               else
+               {
                        fprintf(stderr, "WARNING: could not initialize random number generator (CryptAcquireContext failed)\n");
+                       ret = 0;
                }
        }
 #else
@@ -75,15 +83,23 @@ void d0_bignum_INITIALIZE(void)
        {
                setbuf(f, NULL);
                if(fread(buf, sizeof(buf), 1, f) != 1)
+               {
                        fprintf(stderr, "WARNING: could not initialize random number generator (read from random device failed)\n");
+                       ret = 0;
+               }
                fclose(f);
        }
        else
+       {
                fprintf(stderr, "WARNING: could not initialize random number generator (no random device found)\n");
+               ret = 0;
+       }
 #endif
 
        mpz_import(temp.z, sizeof(buf), 1, 1, 0, 0, buf);
        gmp_randseed(RANDSTATE, temp.z);
+
+       return ret;
 }
 
 void d0_bignum_SHUTDOWN(void)
index bccaee5..a11360c 100644 (file)
@@ -11,7 +11,7 @@ WARN_UNUSED_RESULT d0_bignum_t *d0_iobuf_read_bignum(d0_iobuf_t *buf, d0_bignum_
 WARN_UNUSED_RESULT ssize_t d0_bignum_export_unsigned(const d0_bignum_t *bignum, void *buf, size_t bufsize); // big endian, return value = number of significant bytes (or -1 on error)
 WARN_UNUSED_RESULT d0_bignum_t *d0_bignum_import_unsigned(d0_bignum_t *bignum, const void *buf, size_t bufsize);
 
-void d0_bignum_INITIALIZE(void);
+WARN_UNUSED_RESULT BOOL d0_bignum_INITIALIZE(void);
 void d0_bignum_SHUTDOWN(void);
 
 WARN_UNUSED_RESULT d0_bignum_t *d0_bignum_new(void);
index 4989e9e..e138642 100644 (file)
@@ -88,9 +88,9 @@ struct d0_blind_id_s
 
 static d0_bignum_t *zero, *one, *four, *temp0, *temp1, *temp2, *temp3, *temp4;
 
-void d0_blind_id_INITIALIZE(void)
+WARN_UNUSED_RESULT BOOL d0_blind_id_INITIALIZE(void)
 {
-       d0_bignum_INITIALIZE();
+       CHECK(d0_bignum_INITIALIZE());
        CHECK_ASSIGN(zero, d0_bignum_int(zero, 0));
        CHECK_ASSIGN(one, d0_bignum_int(one, 1));
        CHECK_ASSIGN(four, d0_bignum_int(four, 4));
@@ -99,8 +99,9 @@ void d0_blind_id_INITIALIZE(void)
        CHECK_ASSIGN(temp2, d0_bignum_int(temp2, 0));
        CHECK_ASSIGN(temp3, d0_bignum_int(temp3, 0));
        CHECK_ASSIGN(temp4, d0_bignum_int(temp4, 0));
+       return 1;
 fail:
-       ;
+       return 0;
 }
 
 void d0_blind_id_SHUTDOWN(void)
index 15768a6..1072ac6 100644 (file)
@@ -38,7 +38,7 @@ EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_generate
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_fingerprint64_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen);
 EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_sessionkey_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen); // can only be done after successful key exchange, this performs a modpow; key length is limited by SHA_DIGESTSIZE for now; also ONLY valid after successful d0_blind_id_authenticate_with_private_id_verify/d0_blind_id_fingerprint64_public_id
 
-EXPORT void d0_blind_id_INITIALIZE(void);
+EXPORT WARN_UNUSED_RESULT BOOL d0_blind_id_INITIALIZE(void);
 EXPORT void d0_blind_id_SHUTDOWN(void);
 
 EXPORT void d0_blind_id_util_sha256(char *out, const char *in, size_t n);