From 664eed2e926f8f572b81e6d7c8e09b7ccbafb908 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Mon, 18 Mar 2019 17:03:30 +0100 Subject: [PATCH] lib:util: Use GnuTLS random number generator in genrand.c FIPS requires that a random number generator from a certified crypto library is used. Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Jul 18 01:30:20 UTC 2019 on sn-devel-184 --- lib/util/genrand.c | 31 +++++++------------------------ lib/util/genrand.h | 11 ++++------- lib/util/wscript_build | 2 +- 3 files changed, 12 insertions(+), 32 deletions(-) diff --git a/lib/util/genrand.c b/lib/util/genrand.c index a775535c49e..55997c3dd55 100644 --- a/lib/util/genrand.c +++ b/lib/util/genrand.c @@ -20,35 +20,17 @@ */ #include "replace.h" -#include "system/filesys.h" #include "lib/util/genrand.h" -#include "sys_rw_data.h" -#include "lib/util/blocking.h" -static int urand_fd = -1; +#include +#include -static void open_urandom(void) -{ - if (urand_fd != -1) { - return; - } - urand_fd = open( "/dev/urandom", O_RDONLY,0); - if (urand_fd == -1) { - abort(); - } - smb_set_close_on_exec(urand_fd); -} +/* TODO: Add API for generating nonce or use gnutls_rnd directly everywhere. */ _PUBLIC_ void generate_random_buffer(uint8_t *out, int len) { - ssize_t rw_ret; - - open_urandom(); - - rw_ret = read_data(urand_fd, out, len); - if (rw_ret != len) { - abort(); - } + /* Thread and fork safe random number generator for temporary keys. */ + gnutls_rnd(GNUTLS_RND_RANDOM, out, len); } /* @@ -57,5 +39,6 @@ _PUBLIC_ void generate_random_buffer(uint8_t *out, int len) */ _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len) { - generate_random_buffer(out, len); + /* Thread and fork safe random number generator for long term keys. */ + gnutls_rnd(GNUTLS_RND_KEY, out, len); } diff --git a/lib/util/genrand.h b/lib/util/genrand.h index ef6bbc64157..899ce8badc0 100644 --- a/lib/util/genrand.h 
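Review bot: The return value of `gnutls_rnd()` is discarded in `generate_random_buffer()`, so a failed RNG call would leave `out` holding whatever the caller had in it, and the caller would go on to use it as key material. The removed code aborted when `/dev/urandom` could not be opened or read in full, and the new code should keep that fail-closed behaviour, e.g. `int ret = gnutls_rnd(GNUTLS_RND_RANDOM, out, len);` followed by `if (ret != 0) { abort(); }`. The same applies to the `GNUTLS_RND_KEY` call in `generate_secret_buffer()` in the second hunk of this file.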
+++ b/lib/util/genrand.h @@ -20,14 +20,11 @@ */ /** - Interface to the (hopefully) good crypto random number generator. - Will use our internal PRNG if more than 40 bytes of random generation - has been requested, otherwise tries to read from /dev/random -**/ + * Thread and fork safe random number generator for temporary keys. + */ void generate_random_buffer(uint8_t *out, int len); /** - Interface to the (hopefully) good crypto random number generator. - Will always use /dev/urandom if available. -**/ + * Thread and fork safe random number generator for long term keys. + */ void generate_secret_buffer(uint8_t *out, int len); diff --git a/lib/util/wscript_build b/lib/util/wscript_build index ff1c76e3686..5f005c41e49 100644 --- a/lib/util/wscript_build +++ b/lib/util/wscript_build @@ -104,7 +104,7 @@ else: bld.SAMBA_LIBRARY('genrand', source='genrand.c', - deps='replace socket-blocking sys_rw', + deps='replace gnutls', local_include=False, private_library=True)
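Review bot: The new doc comments in lib/util/genrand.h say nothing about failure or about `len`. That matters because both functions return `void` and keep an `int len` parameter, which genrand.c in this patch now forwards to `gnutls_rnd()`, whose length parameter is `size_t`. A negative `len` would be converted to a very large size there. I would extend each comment with a line such as `@param len number of bytes to write to out; must not be negative` and state that the functions give the caller no error return to check.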