mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00
Code Issues Releases Wiki Activity

Use the entropy api

Browse Source
This commit is contained in:
Brian Wellington 2000-06-09 22:34:40 +00:00
parent d4e608c5bc
commit 79d91e9150
8 changed files with 126 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
bin/dnssec/dnssec-keygen.c
View File

@ -17,7 +17,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-keygen.c,v 1.32 2000/06/09 21:30:33 gson Exp $ */
/* $Id: dnssec-keygen.c,v 1.33 2000/06/09 22:34:17 bwelling Exp $ */
#include <config.h>
@ -25,6 +25,7 @@
#include <isc/buffer.h>
#include <isc/commandline.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/region.h>
#include <isc/string.h>
@ -89,7 +90,7 @@ main(int argc, char **argv) {
dns_name_t *name;
isc_uint16_t flags = 0;
dns_secalg_t alg;
isc_boolean_t conflict = ISC_FALSE, null_key = ISC_FALSE;
isc_boolean_t conflict = ISC_FALSE, null_key = ISC_FALSE;
isc_mem_t *mctx = NULL;
int ch, rsa_exp = 0, generator = 0, param = 0;
int protocol = -1, size = -1, signatory = 0;
@ -98,6 +99,7 @@ main(int argc, char **argv) {
char filename[255];
isc_buffer_t buf;
isc_log_t *log = NULL;
isc_entropy_t *ectx = NULL;
RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
@ -112,8 +114,6 @@ main(int argc, char **argv) {
usage();
dns_result_register();
dst_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv,
"a:b:eg:n:t:p:s:hv:")) != -1)
@ -179,6 +179,12 @@ main(int argc, char **argv) {
}
}
setup_entropy(mctx, &ectx);
ret = dst_lib_init(mctx, ectx,
ISC_ENTROPY_BLOCKING | ISC_ENTROPY_GOODONLY);
if (ret != ISC_R_SUCCESS)
fatal("could not initialize dst");
setup_logging(verbose, mctx, &log);
if (argc < isc_commandline_index + 1)
@ -311,8 +317,8 @@ main(int argc, char **argv) {
mctx, &key);
if (ret != ISC_R_SUCCESS) {
fatal("failed to generate key %s/%d: %s\n", name, alg,
dst_result_totext(ret));
fatal("failed to generate key %s/%d: %s\n",
nametostr(name), alg, dst_result_totext(ret));
exit(-1);
}
@ -351,7 +357,7 @@ main(int argc, char **argv) {
ret = dst_key_tofile(key, DST_TYPE_PUBLIC | DST_TYPE_PRIVATE, NULL);
if (ret != ISC_R_SUCCESS)
fatal("failed to write key %s/%s/%d: %s\n", name,
fatal("failed to write key %s/%s/%d: %s\n", nametostr(name),
dst_key_id(key), algtostr(alg), isc_result_totext(ret));
isc_buffer_clear(&buf);
@ -366,6 +372,7 @@ main(int argc, char **argv) {
if (log != NULL)
isc_log_destroy(&log);
cleanup_entropy(&ectx);
dst_lib_destroy();
if (verbose > 10)
isc_mem_stats(mctx, stdout);

10
bin/dnssec/dnssec-makekeyset.c
View File

@ -22,6 +22,7 @@
#include <stdlib.h>
#include <isc/commandline.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
@ -57,6 +58,7 @@ static isc_stdtime_t starttime = 0, endtime = 0, now;
static int ttl = -1;
static isc_mem_t *mctx = NULL;
static isc_entropy_t *ectx = NULL;
static keylist_t keylist;
@ -138,7 +140,6 @@ main(int argc, char *argv[]) {
isc_result_totext(result));
dns_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv, "s:e:t:v:")) != -1)
{
@ -183,6 +184,12 @@ main(int argc, char *argv[]) {
if (argc < 1)
usage();
setup_entropy(mctx, &ectx);
result = dst_lib_init(mctx, ectx,
ISC_ENTROPY_BLOCKING | ISC_ENTROPY_GOODONLY);
if (result != ISC_R_SUCCESS)
fatal("could not initialize dst");
isc_stdtime_get(&now);
if (startstr != NULL) {
@ -390,6 +397,7 @@ main(int argc, char *argv[]) {
if (log != NULL)
isc_log_destroy(&log);
cleanup_entropy(&ectx);
isc_mem_free(mctx, output);
dst_lib_destroy();

10
bin/dnssec/dnssec-signkey.c
View File

@ -23,6 +23,7 @@
#include <isc/string.h>
#include <isc/commandline.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/util.h>
@ -56,6 +57,7 @@ typedef ISC_LIST(keynode_t) keylist_t;
static isc_stdtime_t now;
static isc_mem_t *mctx = NULL;
static isc_entropy_t *ectx = NULL;
static keylist_t keylist;
static void
@ -152,7 +154,6 @@ main(int argc, char *argv[]) {
check_result(result, "isc_mem_create()");
dns_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv, "v:")) != -1)
{
@ -176,6 +177,12 @@ main(int argc, char *argv[]) {
if (argc < 2)
usage();
setup_entropy(mctx, &ectx);
result = dst_lib_init(mctx, ectx,
ISC_ENTROPY_BLOCKING | ISC_ENTROPY_GOODONLY);
if (result != ISC_R_SUCCESS)
fatal("could not initialize dst");
isc_stdtime_get(&now);
setup_logging(verbose, mctx, &log);
@ -342,6 +349,7 @@ main(int argc, char *argv[]) {
isc_log_destroy(&log);
isc_mem_free(mctx, output);
cleanup_entropy(&ectx);
dst_lib_destroy();
if (verbose > 10)
isc_mem_stats(mctx, stdout);

10
bin/dnssec/dnssec-signzone.c
View File

@ -22,6 +22,7 @@
#include <stdlib.h>
#include <isc/commandline.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
@ -73,6 +74,7 @@ static isc_stdtime_t starttime = 0, endtime = 0, now;
static int cycle = -1;
static isc_boolean_t tryverify = ISC_FALSE;
static isc_mem_t *mctx = NULL;
static isc_entropy_t *ectx = NULL;
static inline void
set_bit(unsigned char *array, unsigned int index, unsigned int bit) {
@ -1216,7 +1218,6 @@ main(int argc, char *argv[]) {
fatal("out of memory");
dns_result_register();
dst_lib_init(mctx);
while ((ch = isc_commandline_parse(argc, argv, "s:e:c:v:o:f:ah"))
!= -1) {
@ -1274,6 +1275,12 @@ main(int argc, char *argv[]) {
}
}
setup_entropy(mctx, &ectx);
result = dst_lib_init(mctx, ectx,
ISC_ENTROPY_BLOCKING | ISC_ENTROPY_GOODONLY);
if (result != ISC_R_SUCCESS)
fatal("could not initialize dst");
isc_stdtime_get(&now);
if (startstr != NULL) {
@ -1412,6 +1419,7 @@ main(int argc, char *argv[]) {
if (log != NULL)
isc_log_destroy(&log);
cleanup_entropy(&ectx);
dst_lib_destroy();
if (verbose > 10)
isc_mem_stats(mctx, stdout);

19
bin/dnssec/dnssectool.c
View File

@ -20,6 +20,7 @@
#include <stdlib.h>
#include <isc/buffer.h>
#include <isc/entropy.h>
#include <isc/string.h>
#include <isc/util.h>
@ -34,6 +35,8 @@
extern int verbose;
extern const char *program;
static isc_entropysource_t *devrandom = NULL;
void
fatal(const char *format, ...) {
va_list args;
@ -165,3 +168,19 @@ setup_logging(int verbose, isc_mem_t *mctx, isc_log_t **logp) {
*logp = log;
}
void
setup_entropy(isc_mem_t *mctx, isc_entropy_t **ectx) {
isc_result_t result;
result = isc_entropy_create(mctx, ectx);
if (result != ISC_R_SUCCESS)
fatal("could not create entropy object");
(void) isc_entropy_createfilesource(*ectx, "/dev/random", 0,
&devrandom);
}
void
cleanup_entropy(isc_entropy_t **ectx) {
if (devrandom != NULL)
isc_entropy_destroysource(&devrandom);
isc_entropy_detach(ectx);
}

6
bin/dnssec/dnssectool.h
View File

@ -39,4 +39,10 @@ algtostr(const dns_secalg_t alg);
void
setup_logging(int verbose, isc_mem_t *mctx, isc_log_t **logp);
void
setup_entropy(isc_mem_t *mctx, isc_entropy_t **ectx);
void
cleanup_entropy(isc_entropy_t **ectx);
#endif /* DNSSEC_DNSSECTOOL_H */

30
bin/tests/dst/dst_test.c
View File

@ -22,6 +22,7 @@
#include <unistd.h> /* XXX */
#include <isc/buffer.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/region.h>
#include <isc/string.h> /* Required for HP/UX (and others?) */
@ -212,24 +213,11 @@ generate(int alg, isc_mem_t *mctx) {
dst_key_free(&key);
}
static void
get_random(void) {
unsigned char data[25];
isc_buffer_t databuf;
isc_result_t ret;
unsigned int i;
isc_buffer_init(&databuf, data, sizeof(data));
ret = dst_random_get(sizeof(data), &databuf);
printf("random() returned: %s\n", isc_result_totext(ret));
for (i = 0; i < sizeof data; i++)
printf("%02x ", data[i]);
printf("\n");
}
int
main(void) {
isc_mem_t *mctx = NULL;
isc_entropy_t *ectx = NULL;
isc_entropysource_t *devrandom = NULL;
isc_buffer_t b;
dns_fixedname_t fname;
dns_name_t *name;
@ -240,8 +228,11 @@ main(void) {
getcwd(current, 256);
dns_result_register();
dst_result_register();
dst_lib_init(mctx);
isc_entropy_create(mctx, &ectx);
isc_entropy_createfilesource(ectx, "/dev/random", 0,
&devrandom);
dst_lib_init(mctx, ectx, ISC_ENTROPY_BLOCKING|ISC_ENTROPY_GOODONLY);
dns_fixedname_init(&fname);
name = dns_fixedname_name(&fname);
@ -264,9 +255,10 @@ main(void) {
generate(DST_ALG_DSA, mctx);
generate(DST_ALG_HMACMD5, mctx);
get_random();
dst_lib_destroy();
if (devrandom != NULL)
isc_entropy_destroysource(&devrandom);
isc_entropy_detach(&ectx);
isc_mem_put(mctx, current, 256);
/* isc_mem_stats(mctx, stdout);*/

93
bin/tests/dst/t_dst.c
View File

@ -29,6 +29,7 @@
#include <unistd.h> /* XXX */
#include <isc/buffer.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/region.h>
#include <isc/string.h>
@ -326,47 +327,6 @@ generate(int alg, isc_mem_t *mctx, int size, int *nfails) {
#define DBUFSIZ 25
static void
get_random(int *nfails) {
unsigned char data1[DBUFSIZ];
unsigned char data2[DBUFSIZ];
isc_buffer_t databuf1;
isc_buffer_t databuf2;
isc_result_t ret;
unsigned int i;
isc_buffer_init(&databuf1, data1, sizeof(data1));
ret = dst_random_get(sizeof(data1), &databuf1);
if (ret != ISC_R_SUCCESS) {
t_info("random() returned: %s\n", dst_result_totext(ret));
++*nfails;
return;
}
isc_buffer_init(&databuf2, data2, sizeof(data2));
ret = dst_random_get(sizeof(data2), &databuf2);
if (ret != ISC_R_SUCCESS) {
t_info("random() returned: %s\n", dst_result_totext(ret));
++*nfails;
return;
}
/*
* Weak test, but better than nought.
*/
if (memcmp(data1, data2, DBUFSIZ) == 0) {
t_info("data not random\n");
++*nfails;
}
if (T_debug) {
for (i = 0; i < sizeof(data1); i++)
t_info("data1[%d]: %02x ", i, data1[i]);
for (i = 0; i < sizeof(data2); i++)
t_info("data2[%d]: %02x ", i, data2[i]);
}
}
static const char *a1 =
"the dst module provides the capability to "
"generate, store and retrieve public and private keys, "
@ -376,6 +336,8 @@ static const char *a1 =
static void
t1(void) {
isc_mem_t *mctx;
isc_entropy_t *ectx;
isc_entropysource_t *devrandom;
int nfails;
int nprobs;
int result;
@ -396,7 +358,25 @@ t1(void) {
t_result(T_UNRESOLVED);
return;
}
dst_lib_init(mctx);
ectx = NULL;
isc_result = isc_entropy_create(mctx, &ectx);
if (isc_result != ISC_R_SUCCESS) {
t_info("isc_entropy_create failed %d\n",
isc_result_totext(isc_result));
t_result(T_UNRESOLVED);
return;
}
devrandom = NULL;
isc_entropy_createfilesource(ectx, "/dev/random", 0,
&devrandom);
isc_result = dst_lib_init(mctx, ectx,
ISC_ENTROPY_BLOCKING|ISC_ENTROPY_GOODONLY);
if (isc_result != ISC_R_SUCCESS) {
t_info("dst_lib_init failed %d\n",
isc_result_totext(isc_result));
t_result(T_UNRESOLVED);
return;
}
t_info("testing use of stored keys [1]\n");
@ -435,10 +415,13 @@ t1(void) {
generate(DST_ALG_HMACMD5, mctx, 512, &nfails);
t_info("testing random number sequence generation\n");
get_random(&nfails);
dst_lib_destroy();
if (devrandom != NULL)
isc_entropy_destroysource(&devrandom);
isc_entropy_detach(&ectx);
isc_mem_destroy(&mctx);
result = T_UNRESOLVED;
@ -820,6 +803,8 @@ t2_vfy(char **av) {
int nfails;
int nprobs;
isc_mem_t *mctx;
isc_entropy_t *ectx;
isc_entropysource_t *devrandom;
isc_result_t isc_result;
int result;
@ -849,7 +834,23 @@ t2_vfy(char **av) {
isc_result_totext(isc_result));
return(T_UNRESOLVED);
}
dst_lib_init(mctx);
ectx = NULL;
isc_result = isc_entropy_create(mctx, &ectx);
if (isc_result != ISC_R_SUCCESS) {
t_info("isc_entropy_create failed %d\n",
isc_result_totext(isc_result));
return(T_UNRESOLVED);
}
devrandom = NULL;
isc_entropy_createfilesource(ectx, "/dev/random", 0,
&devrandom);
isc_result = dst_lib_init(mctx, ectx,
ISC_ENTROPY_BLOCKING|ISC_ENTROPY_GOODONLY);
if (isc_result != ISC_R_SUCCESS) {
t_info("dst_lib_init failed %d\n",
isc_result_totext(isc_result));
return(T_UNRESOLVED);
}
t_info("testing %s, %s, %s, %s, %s, %s\n",
datapath, sigpath, keyname, key, alg, exp_result);
@ -860,6 +861,10 @@ t2_vfy(char **av) {
dst_lib_destroy();
if (devrandom != NULL)
isc_entropy_destroysource(&devrandom);
isc_entropy_detach(&ectx);
isc_mem_destroy(&mctx);
result = T_UNRESOLVED;