/*
* cryptsetup kernel RNG access functions
*
- * Copyright (C) 2010 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2010-2012, Red Hat, Inc. All rights reserved.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include <stdlib.h>
#include <fcntl.h>
#include <errno.h>
#include <assert.h>
+#include <sys/select.h>
#include "libcryptsetup.h"
#include "internal.h"
#define RANDOM_DEVICE_TIMEOUT 5
/* URANDOM_DEVICE access */
-static int _get_urandom(struct crypt_device *ctx, char *buf, size_t len)
+static int _get_urandom(struct crypt_device *ctx __attribute__((unused)),
+ char *buf, size_t len)
{
int r;
size_t old_len = len;
r = read(urandom_fd, buf, len);
if (r == -1 && errno != EINTR)
return -EINVAL;
- len -= r;
- buf += r;
+ if (r > 0) {
+ len -= r;
+ buf += r;
+ }
}
assert(len == 0);
r = read(random_fd, buf, n);
- if (r == -1 && errno == EINTR)
+ if (r == -1 && errno == EINTR) {
+ r = 0;
continue;
+ }
/* bogus read? */
if(r > (int)n)
return -EINVAL;
/* random device is opened with O_NONBLOCK, EAGAIN is expected */
- if (r == -1 && (errno != EAGAIN || errno != EWOULDBLOCK))
+ if (r == -1 && (errno != EAGAIN && errno != EWOULDBLOCK))
return -EINVAL;
if (r > 0) {
/* Initialisation of both RNG file descriptors is mandatory */
int crypt_random_init(struct crypt_device *ctx)
{
+ if (random_initialised)
+ return 0;
+
/* Used for CRYPT_RND_NORMAL */
if(urandom_fd == -1)
urandom_fd = open(URANDOM_DEVICE, O_RDONLY);
case CRYPT_RND_NORMAL:
status = _get_urandom(ctx, buf, len);
break;
+ case CRYPT_RND_SALT:
+ if (crypt_fips_mode())
+ status = crypt_backend_rng(buf, len, quality, 1);
+ else
+ status = _get_urandom(ctx, buf, len);
+ break;
case CRYPT_RND_KEY:
+ if (crypt_fips_mode()) {
+ status = crypt_backend_rng(buf, len, quality, 1);
+ break;
+ }
rng_type = ctx ? crypt_get_rng_type(ctx) :
crypt_random_default_key_rng();
switch (rng_type) {
return status;
}
-void crypt_random_exit()
+void crypt_random_exit(void)
{
random_initialised = 0;
}
}
-int crypt_random_default_key_rng()
+int crypt_random_default_key_rng(void)
{
if (!strcmp(DEFAULT_RNG, RANDOM_DEVICE))
return CRYPT_RNG_RANDOM;
projects / platform / upstream / cryptsetup.git / blobdiff