diff options
| author | Martin Willi <martin@strongswan.org> | 2008-04-15 05:56:35 +0000 |
|---|---|---|
| committer | Martin Willi <martin@strongswan.org> | 2008-04-15 05:56:35 +0000 |
| commit | 6a365f0740ff683de52751c1c2903b0ddb6a7e0c (patch) | |
| tree | 0b2039f3975676490b4f713ae52db81e747a5314 /src/charon/encoding/payloads/encryption_payload.c | |
| parent | 0644ebd3de62e1df38fce4373460a9d1d2957981 (diff) | |
| download | strongswan-6a365f0740ff683de52751c1c2903b0ddb6a7e0c.tar.bz2 strongswan-6a365f0740ff683de52751c1c2903b0ddb6a7e0c.tar.xz | |
added API for random number generators, served through credential factory
ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
Diffstat (limited to 'src/charon/encoding/payloads/encryption_payload.c')
| -rw-r--r-- | src/charon/encoding/payloads/encryption_payload.c | 28 |
1 files changed, 10 insertions, 18 deletions
diff --git a/src/charon/encoding/payloads/encryption_payload.c b/src/charon/encoding/payloads/encryption_payload.c index cdfda3d5e..b74cb0974 100644 --- a/src/charon/encoding/payloads/encryption_payload.c +++ b/src/charon/encoding/payloads/encryption_payload.c @@ -27,7 +27,6 @@ #include <encoding/generator.h> #include <encoding/parser.h> #include <utils/iterator.h> -#include <utils/randomizer.h> #include <crypto/signers/signer.h> @@ -322,7 +321,7 @@ static void generate(private_encryption_payload_t *this) static status_t encrypt(private_encryption_payload_t *this) { chunk_t iv, padding, to_crypt, result; - randomizer_t *randomizer; + rng_t *rng; status_t status; size_t block_size; @@ -333,8 +332,12 @@ static status_t encrypt(private_encryption_payload_t *this) } /* for random data in iv and padding */ - randomizer = randomizer_create(); - + rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); + if (!rng) + { + DBG1(DBG_ENC, "could not encrypt, no RNG found"); + return FAILED; + } /* build payload chunk */ generate(this); @@ -344,12 +347,7 @@ static status_t encrypt(private_encryption_payload_t *this) /* build padding */ block_size = this->crypter->get_block_size(this->crypter); padding.len = block_size - ((this->decrypted.len + 1) % block_size); - status = randomizer->allocate_pseudo_random_bytes(randomizer, padding.len, &padding); - if (status != SUCCESS) - { - randomizer->destroy(randomizer); - return status; - } + rng->allocate_bytes(rng, padding.len, &padding); /* concatenate payload data, padding, padding len */ to_crypt.len = this->decrypted.len + padding.len + 1; @@ -361,14 +359,8 @@ static status_t encrypt(private_encryption_payload_t *this) /* build iv */ iv.len = block_size; - status = randomizer->allocate_pseudo_random_bytes(randomizer, iv.len, &iv); - randomizer->destroy(randomizer); - if (status != SUCCESS) - { - chunk_free(&to_crypt); - chunk_free(&padding); - return status; - } + rng->allocate_bytes(rng, iv.len, &iv); + rng->destroy(rng); DBG3(DBG_ENC, "data before encryption with padding %B", &to_crypt); |