mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-24 15:16:40 +00:00
cleanup
This commit is contained in:
parent
e44d7a553f
commit
0db4151492
@ -178,32 +178,32 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
|
|||||||
#ifdef __WINDOWS__
|
#ifdef __WINDOWS__
|
||||||
HCRYPTPROV cryptProvider = NULL;
|
HCRYPTPROV cryptProvider = NULL;
|
||||||
if (!CryptAcquireContextA(&cryptProvider,NULL,NULL,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT|CRYPT_SILENT)) {
|
if (!CryptAcquireContextA(&cryptProvider,NULL,NULL,PROV_RSA_FULL,CRYPT_VERIFYCONTEXT|CRYPT_SILENT)) {
|
||||||
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to obtain WinCrypt context!\r\n");
|
fprintf(stderr,"FATAL: Utils::getSecureRandom() unable to obtain WinCrypt context!\r\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
if (!CryptGenRandom(cryptProvider,(DWORD)sizeof(randomState),(BYTE *)randomState)) {
|
if (!CryptGenRandom(cryptProvider,(DWORD)sizeof(randomState),(BYTE *)randomState)) {
|
||||||
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() CryptGenRandom failed!\r\n");
|
fprintf(stderr,"FATAL: Utils::getSecureRandom() CryptGenRandom failed!\r\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
if (!CryptGenRandom(cryptProvider,(DWORD)sizeof(randomBuf),(BYTE *)randomBuf)) {
|
if (!CryptGenRandom(cryptProvider,(DWORD)sizeof(randomBuf),(BYTE *)randomBuf)) {
|
||||||
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() CryptGenRandom failed!\r\n");
|
fprintf(stderr,"FATAL: Utils::getSecureRandom() CryptGenRandom failed!\r\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
CryptReleaseContext(cryptProvider,0);
|
CryptReleaseContext(cryptProvider,0);
|
||||||
#else
|
#else
|
||||||
int devURandomFd = ::open("/dev/urandom",O_RDONLY);
|
int devURandomFd = ::open("/dev/urandom",O_RDONLY);
|
||||||
if (devURandomFd < 0) {
|
if (devURandomFd < 0) {
|
||||||
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to open /dev/urandom\n");
|
fprintf(stderr,"FATAL: Utils::getSecureRandom() unable to open /dev/urandom\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
if ((int)::read(devURandomFd,randomState,sizeof(randomState)) != (int)sizeof(randomState)) {
|
if ((int)::read(devURandomFd,randomState,sizeof(randomState)) != (int)sizeof(randomState)) {
|
||||||
::close(devURandomFd);
|
::close(devURandomFd);
|
||||||
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to read from /dev/urandom\n");
|
fprintf(stderr,"FATAL: Utils::getSecureRandom() unable to read from /dev/urandom\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
if ((int)::read(devURandomFd,randomBuf,sizeof(randomBuf)) != (int)sizeof(randomBuf)) {
|
if ((int)::read(devURandomFd,randomBuf,sizeof(randomBuf)) != (int)sizeof(randomBuf)) {
|
||||||
::close(devURandomFd);
|
::close(devURandomFd);
|
||||||
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() unable to read from /dev/urandom\n");
|
fprintf(stderr,"FATAL: Utils::getSecureRandom() unable to read from /dev/urandom\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
close(devURandomFd);
|
close(devURandomFd);
|
||||||
@ -223,11 +223,11 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t h[48];
|
|
||||||
for(unsigned int k=0;k<4;++k) { // treat random state like a 256-bit counter; endian-ness is irrelevant since we just want random
|
for(unsigned int k=0;k<4;++k) { // treat random state like a 256-bit counter; endian-ness is irrelevant since we just want random
|
||||||
if (++randomState[k] != 0)
|
if (++randomState[k] != 0)
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
uint8_t h[48];
|
||||||
HMACSHA384((const uint8_t *)randomState,randomBuf,sizeof(randomBuf),h); // compute HMAC on random buffer using state as secret key
|
HMACSHA384((const uint8_t *)randomState,randomBuf,sizeof(randomBuf),h); // compute HMAC on random buffer using state as secret key
|
||||||
AES c(h);
|
AES c(h);
|
||||||
c.ctr(h + 32,randomBuf,sizeof(randomBuf),randomBuf); // encrypt random buffer with AES-CTR using HMAC result as key
|
c.ctr(h + 32,randomBuf,sizeof(randomBuf),randomBuf); // encrypt random buffer with AES-CTR using HMAC result as key
|
||||||
|
Loading…
Reference in New Issue
Block a user