X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/catacomb/blobdiff_plain/a7a76ebd30d6af9302fa58b4acad09c465cbac78..d6fab4f6ae209afd6799a2974ce2849123965170:/rand/rand.c diff --git a/rand/rand.c b/rand/rand.c index be39d798..ab00e893 100644 --- a/rand/rand.c +++ b/rand/rand.c @@ -35,13 +35,27 @@ #include #include "arena.h" -#include "blowfish-cbc.h" #include "paranoia.h" #define RAND__HACKS #include "rand.h" -#include "rmd160.h" -#include "rmd160-hmac.h" + +#include "noise.h" + +#include "twofish-counter.h" +#include "sha256.h" + +#define CIPHER_CTX twofish_counterctx +#define CIPHER_INIT twofish_counterinit +#define CIPHER_ENCRYPT twofish_counterencrypt +#define CIPHER_IVSZ TWOFISH_BLKSZ +#define CIPHER_KEYSZ TWOFISH_KEYSZ + +#define HASH_CTX sha256_ctx +#define HASH_INIT sha256_init +#define HASH sha256_hash +#define HASH_DONE sha256_done +#define HASH_SZ SHA256_HASHSZ /*----- Static variables --------------------------------------------------*/ @@ -56,13 +70,8 @@ gctx rand_global = { { &gops }, { { 0 }, 0, 0, 0, { 0 }, RAND_SECSZ, 0, - { { 0xb7, 0xb0, 0xb4, 0xdb, 0x59, 0x75, 0x49, 0x32, - 0x1a, 0x8d, 0x4b, 0x86, 0x3a, 0x38, 0xfd, 0x59, - 0xc1, 0x63, 0x66, 0xd9 }, 64, - { 0x91, 0x9a, 0xe6, 0xa1, 0x9d, 0x3a, 0x86, 0xef, - 0xb2, 0xb9, 0xca, 0xfc, 0x26, 0xf8, 0xb1, 0x04, - 0x4a, 0x41, 0xc4, 0x7a }, 64 }, - 0 } + { "Catacomb global random byte pool" }, + &noise_source } }; /*----- Macros ------------------------------------------------------------*/ @@ -98,8 +107,8 @@ void rand_init(rand_pool *r) r->irot = 0; r->ibits = r->obits = 0; r->o = RAND_SECSZ; - r->s = 0; - rmd160_hmacinit(&r->k, 0, 0); + r->s = &noise_source; + rand_key(r, 0, 0); rand_gate(r); } @@ -165,8 +174,18 @@ void rand_seed(rand_pool *r, unsigned bits) void rand_key(rand_pool *r, const void *k, size_t sz) { + HASH_CTX hc; + octet h[HASH_SZ]; + static const char label[] = "Catacomb random pool key"; + RAND_RESOLVE(r); - rmd160_hmacinit(&r->k, k, sz); + + assert(HASH_SZ >= RAND_KEYSZ); + HASH_INIT(&hc); + HASH(&hc, label, sizeof(label)); + if (sz) HASH(&hc, k, sz); + HASH_DONE(&hc, h); + memcpy(r->k.k, h, RAND_KEYSZ); } /* --- @rand_add@ --- * @@ -242,33 +261,28 @@ unsigned rand_goodbits(rand_pool *r) void rand_gate(rand_pool *r) { - octet mac[RMD160_HASHSZ]; + octet h[HASH_SZ]; + HASH_CTX hc; + CIPHER_CTX cc; RAND_RESOLVE(r); TIMER(r); /* --- Hash up all the data in the pool --- */ - { - rmd160_macctx mc; - - rmd160_macinit(&mc, &r->k); - rmd160_machash(&mc, r->pool, sizeof(r->pool)); - rmd160_machash(&mc, r->buf, sizeof(r->buf)); - rmd160_macdone(&mc, mac); - BURN(mc); - } + HASH_INIT(&hc); + HASH(&hc, r->pool, RAND_POOLSZ); + HASH(&hc, r->buf, RAND_BUFSZ); + HASH_DONE(&hc, h); + BURN(hc); /* --- Now mangle all of the data based on the hash --- */ - { - blowfish_cbcctx bc; - - blowfish_cbcinit(&bc, mac, sizeof(mac), 0); - blowfish_cbcencrypt(&bc, r->pool, r->pool, sizeof(r->pool)); - blowfish_cbcencrypt(&bc, r->buf, r->buf, sizeof(r->buf)); - BURN(bc); - } + assert(CIPHER_KEYSZ <= HASH_SZ); + CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0); + CIPHER_ENCRYPT(&cc, r->pool, r->pool, RAND_POOLSZ); + CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ); + BURN(cc); /* --- Reset the various state variables --- */ @@ -296,32 +310,27 @@ void rand_gate(rand_pool *r) void rand_stretch(rand_pool *r) { - octet mac[RMD160_HASHSZ]; + octet h[HASH_SZ]; + HASH_CTX hc; + CIPHER_CTX cc; RAND_RESOLVE(r); TIMER(r); /* --- Hash up all the data in the buffer --- */ - { - rmd160_macctx mc; + HASH_INIT(&hc); + HASH(&hc, r->pool, RAND_POOLSZ); + HASH(&hc, r->buf, RAND_BUFSZ); + HASH_DONE(&hc, h); + BURN(hc); - rmd160_macinit(&mc, &r->k); - rmd160_machash(&mc, r->pool, sizeof(r->pool)); - rmd160_machash(&mc, r->buf, sizeof(r->buf)); - rmd160_macdone(&mc, mac); - BURN(mc); - } + /* --- Now mangle the buffer based on the hash --- */ - /* --- Now mangle the buffer based on that hash --- */ - - { - blowfish_cbcctx bc; - - blowfish_cbcinit(&bc, mac, sizeof(mac), 0); - blowfish_cbcencrypt(&bc, r->buf, r->buf, sizeof(r->buf)); - BURN(bc); - } + assert(CIPHER_KEYSZ < HASH_SZ); + CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0); + CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ); + BURN(cc); /* --- Reset the various state variables --- */