samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00

65 lines

2.0 KiB

C

Raw Normal View History

lib: Fix whitespace Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 2015-06-23 09:05:56 +02:00			`/*`
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`Unix SMB/CIFS implementation.`

			`Functions to create reasonable random numbers for crypto use.`

			`Copyright (C) Jeremy Allison 2001`
lib: Fix whitespace Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 2015-06-23 09:05:56 +02:00
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`This program is free software; you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa) 2007-07-10 02:07:03 +00:00			`the Free Software Foundation; either version 3 of the License, or`
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`(at your option) any later version.`
lib: Fix whitespace Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 2015-06-23 09:05:56 +02:00
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`
lib: Fix whitespace Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 2015-06-23 09:05:56 +02:00
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`You should have received a copy of the GNU General Public License`
r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa) 2007-07-10 02:07:03 +00:00			`along with this program. If not, see <http://www.gnu.org/licenses/>.`
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`*/`

lib: Streamline genrand.c includes Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> 2015-06-23 09:28:28 +02:00			`#include "replace.h"`
			`#include "lib/util/genrand.h"`
r25660: Add a new interface 'generate_secret_buffer()', to be used when we require top-quality entropy. We don't want to waste system enropy generating challenges (which simply need to be unpredictable, not secret) or when generating UUIDs. Rework generate_random_buffer() to use /dev/urandom less often, only to seed the existing RC4 based PRNG. (With an exception to ensure we don't waste this setup cost for very small entropy requests). Perhaps we should be using heimdal's code for this instead? This should drasticly reduce our entropy use, particularly in the build farm (automated Samba build on hosts without much other source of entropy). Andrew Bartlett (This used to be commit 6a5630d37191542022f02fae519227b7829ef620) 2007-10-16 01:27:15 +02:00
lib:util: Use GnuTLS random number generator in genrand.c FIPS requires that a random number generator from a certified crypto library is used. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jul 18 01:30:20 UTC 2019 on sn-devel-184 2019-03-18 17:03:30 +01:00			`#include <gnutls/gnutls.h>`
			`#include <gnutls/crypto.h>`
r25660: Add a new interface 'generate_secret_buffer()', to be used when we require top-quality entropy. We don't want to waste system enropy generating challenges (which simply need to be unpredictable, not secret) or when generating UUIDs. Rework generate_random_buffer() to use /dev/urandom less often, only to seed the existing RC4 based PRNG. (With an exception to ensure we don't waste this setup cost for very small entropy requests). Perhaps we should be using heimdal's code for this instead? This should drasticly reduce our entropy use, particularly in the build farm (automated Samba build on hosts without much other source of entropy). Andrew Bartlett (This used to be commit 6a5630d37191542022f02fae519227b7829ef620) 2007-10-16 01:27:15 +02:00
lib:util: Add better documentation for generate_secret_buffer() Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 2019-07-31 15:38:50 +02:00			`/*`
			`* Details about the GnuTLS CSPRNG:`
			`*`
			`* https://nikmav.blogspot.com/2017/03/improving-by-simplifying-gnutls-prng.html`
			`*/`

r13840: Mark some functions as public. (This used to be commit 9a188eb1f48a50d92a67a4fc2b3899b90074059a) 2006-03-05 17:15:19 +00:00			`_PUBLIC_ void generate_random_buffer(uint8_t *out, int len)`
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`{`
lib:util: Fix documentation for random number functions Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> 2019-08-12 16:10:20 +02:00			`/* Random number generator for temporary keys. */`
lib:util: Use GnuTLS random number generator in genrand.c FIPS requires that a random number generator from a certified crypto library is used. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jul 18 01:30:20 UTC 2019 on sn-devel-184 2019-03-18 17:03:30 +01:00			`gnutls_rnd(GNUTLS_RND_RANDOM, out, len);`
first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) 2003-08-13 01:53:07 +00:00			`}`

r25660: Add a new interface 'generate_secret_buffer()', to be used when we require top-quality entropy. We don't want to waste system enropy generating challenges (which simply need to be unpredictable, not secret) or when generating UUIDs. Rework generate_random_buffer() to use /dev/urandom less often, only to seed the existing RC4 based PRNG. (With an exception to ensure we don't waste this setup cost for very small entropy requests). Perhaps we should be using heimdal's code for this instead? This should drasticly reduce our entropy use, particularly in the build farm (automated Samba build on hosts without much other source of entropy). Andrew Bartlett (This used to be commit 6a5630d37191542022f02fae519227b7829ef620) 2007-10-16 01:27:15 +02:00			`_PUBLIC_ void generate_secret_buffer(uint8_t *out, int len)`
			`{`
lib:util: Fix documentation for random number functions Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> 2019-08-12 16:10:20 +02:00			`/*`
			`* Random number generator for long term keys.`
			`*`
			`* The key generator, will re-seed after a fixed amount of bytes is`
lib:util: Add better documentation for generate_secret_buffer() Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 2019-07-31 15:38:50 +02:00			`* generated (typically less than the nonce), and will also re-seed`
			`* based on time, i.e., after few hours of operation without reaching`
			`* the limit for a re-seed. For its re-seed it mixes mixes data obtained`
			`* from the OS random device with the previous key.`
			`*/`
lib:util: Use GnuTLS random number generator in genrand.c FIPS requires that a random number generator from a certified crypto library is used. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Jul 18 01:30:20 UTC 2019 on sn-devel-184 2019-03-18 17:03:30 +01:00			`gnutls_rnd(GNUTLS_RND_KEY, out, len);`
r25660: Add a new interface 'generate_secret_buffer()', to be used when we require top-quality entropy. We don't want to waste system enropy generating challenges (which simply need to be unpredictable, not secret) or when generating UUIDs. Rework generate_random_buffer() to use /dev/urandom less often, only to seed the existing RC4 based PRNG. (With an exception to ensure we don't waste this setup cost for very small entropy requests). Perhaps we should be using heimdal's code for this instead? This should drasticly reduce our entropy use, particularly in the build farm (automated Samba build on hosts without much other source of entropy). Andrew Bartlett (This used to be commit 6a5630d37191542022f02fae519227b7829ef620) 2007-10-16 01:27:15 +02:00			`}`
lib:util: Add generate_nonce_buffer() Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 2019-07-31 15:16:37 +02:00
			`_PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len)`
			`{`
			`/*`
lib:util: Fix documentation for random number functions Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> 2019-08-12 16:10:20 +02:00			`* Random number generator for nonce and initialization vectors.`
			`*`
lib:util: Add generate_nonce_buffer() Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 2019-07-31 15:16:37 +02:00			`* The nonce generator will reseed after outputting a fixed amount of`
			`* bytes (typically few megabytes), or after few hours of operation`
			`* without reaching the limit has passed.`
			`*/`
			`gnutls_rnd(GNUTLS_RND_NONCE, out, len);`
			`}`

65 lines 2.0 KiB C Raw Normal View History Unescape Escape

65 lines

2.0 KiB

C

Raw Normal View History