From 3f77702ee6e9225c31f1a2bb299492554fec4a19 Mon Sep 17 00:00:00 2001
From: gardners <paul@servalproject.org>
Date: Tue, 7 May 2013 14:41:59 +0930
Subject: [PATCH] add nonce generation function to remove strain on
 /dev/urandom on slow embedded devices. Wrote test to make sure that nonces
 are indeed unique.

---
 nonce.c        | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++
 serval.h       |  3 +++
 sourcefiles.mk |  1 +
 3 files changed, 77 insertions(+)
 create mode 100644 nonce.c

diff --git a/nonce.c b/nonce.c
new file mode 100644
index 00000000..d0a09612
--- /dev/null
+++ b/nonce.c
@@ -0,0 +1,73 @@
+/*
+Copyright (C) 2013 Paul Gardner-Stephen, Serval Project.
+ 
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+ 
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+ 
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+*/
+
+#include "serval.h"
+
+int nonce_initialised=0;
+unsigned char nonce_buffer[128];
+
+int generate_nonce(unsigned char *nonce,int bytes)
+{
+  if (bytes<1||bytes>128) return -1;
+ start:
+  if (!nonce_initialised) {
+    if (urandombytes(nonce_buffer,128))
+      return -1;
+    nonce_initialised=1;
+  }
+
+  // Increment nonce
+  int i;
+  for(i=0;i<128;i++)
+    {
+      unsigned char b=nonce_buffer[i]+1;
+      nonce_buffer[i]=b;
+      if (b) break;
+    }
+  if (i>=128) {
+    nonce_initialised=0;
+    goto start;
+  }
+
+  bcopy(nonce_buffer,nonce,bytes);
+  return 0;
+}
+
+int app_nonce_test(const struct cli_parsed *parsed, void *context)
+{
+  int i,j;
+  unsigned char nonces[0x10001][32];
+  for(i=0;i<0x10001;i++)
+    {
+      if (generate_nonce(&nonces[i][0],32))
+	{
+	  printf("Failed to generate nonce #%d\n",i);
+	  exit(-1);
+	}
+      for(j=0;j<i;j++) {
+	if (!bcmp(&nonces[i][0],&nonces[j][0],32)) {
+	  printf("Nonce #%d is the same as nonce #%d\n",i,j);
+	  exit(-1);
+	}
+      }
+      if (!(random()&0xff)) printf("Nonce #%d = %02x%02x%02x%02x...\n",
+			    i,nonces[i][0],nonces[i][1],nonces[i][2],nonces[i][3]);
+    }
+  printf("Test passed\n");
+  return 0;
+}
diff --git a/serval.h b/serval.h
index c38cc290..8ceb9658 100644
--- a/serval.h
+++ b/serval.h
@@ -675,6 +675,7 @@ int directory_registration();
 int directory_service_init();
 
 struct cli_parsed;
+int app_nonce_test(const struct cli_parsed *parsed, void *context);
 int app_rhizome_direct_sync(const struct cli_parsed *parsed, void *context);
 #ifdef HAVE_VOIPTEST
 int app_pa_phone(const struct cli_parsed *parsed, void *context);
@@ -833,4 +834,6 @@ int link_receive(overlay_mdp_frame *mdp);
 void link_explained(struct subscriber *subscriber);
 void link_interface_down(struct overlay_interface *interface);
 
+int generate_nonce(unsigned char *nonce,int bytes);
+
 #endif // __SERVALD_SERVALD_H
diff --git a/sourcefiles.mk b/sourcefiles.mk
index 00c34a07..e1d0a66b 100644
--- a/sourcefiles.mk
+++ b/sourcefiles.mk
@@ -26,6 +26,7 @@ SERVAL_SOURCES = $(SERVAL_BASE)audiodevices.c \
 	$(SERVAL_BASE)monitor-client.c \
 	$(SERVAL_BASE)monitor-cli.c \
 	$(SERVAL_BASE)net.c \
+	$(SERVAL_BASE)nonce.c \
 	$(SERVAL_BASE)overlay.c \
 	$(SERVAL_BASE)overlay_address.c \
 	$(SERVAL_BASE)overlay_buffer.c \