diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/plugins/random/random_plugin.c | 13 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/random/random_plugin.h | 5 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/random/random_rng.c | 4 |
3 files changed, 22 insertions, 0 deletions
diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c index 24c711a69..8ac1ac366 100644 --- a/src/libstrongswan/plugins/random/random_plugin.c +++ b/src/libstrongswan/plugins/random/random_plugin.c @@ -51,6 +51,9 @@ static int dev_random = -1; /** /dev/urandom file descriptor */ static int dev_urandom = -1; +/** Is strong randomness equivalent to true randomness? */ +static bool strong_equals_true = FALSE; + /** * See header. */ @@ -68,6 +71,14 @@ int random_plugin_get_dev_urandom() } /** + * See header. + */ +bool random_plugin_get_strong_equals_true() +{ + return strong_equals_true; +} + +/** * Open a random device file */ static bool open_dev(char *file, int *fd) @@ -131,6 +142,8 @@ plugin_t *random_plugin_create() }, ); + strong_equals_true = lib->settings->get_bool(lib->settings, + "libstrongswan.plugins.random.strong_equals_true", FALSE); urandom_file = lib->settings->get_str(lib->settings, "libstrongswan.plugins.random.urandom", DEV_URANDOM); random_file = lib->settings->get_str(lib->settings, diff --git a/src/libstrongswan/plugins/random/random_plugin.h b/src/libstrongswan/plugins/random/random_plugin.h index c34fa8196..ff79bef0c 100644 --- a/src/libstrongswan/plugins/random/random_plugin.h +++ b/src/libstrongswan/plugins/random/random_plugin.h @@ -49,4 +49,9 @@ int random_plugin_get_dev_random(); */ int random_plugin_get_dev_urandom(); +/** + * Must strong randomness be equivalent to true randomness? + */ +bool random_plugin_get_strong_equals_true(); + #endif /** RANDOM_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c index 568844899..36d5446b8 100644 --- a/src/libstrongswan/plugins/random/random_rng.c +++ b/src/libstrongswan/plugins/random/random_rng.c @@ -99,6 +99,10 @@ random_rng_t *random_rng_create(rng_quality_t quality) this->fd = random_plugin_get_dev_random(); break; case RNG_STRONG: + this->fd = random_plugin_get_strong_equals_true() ? + random_plugin_get_dev_random() : + random_plugin_get_dev_urandom(); + break; case RNG_WEAK: default: this->fd = random_plugin_get_dev_urandom(); |