From 45a1deb88926ce09b38f0822f387242e8bd44231 Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Fri, 15 Feb 2002 17:31:57 +0000 Subject: [PATCH] updates. --- CHANGES | 5 + TODO | 6 - lib/doc/silcrng_intro.html | 171 ++++++++++++++ lib/silccrypt/DIRECTORY | 3 +- lib/silccrypt/silcrng.c | 31 ++- lib/silccrypt/silcrng.h | 455 ++++++++++++++++++++++++------------- 6 files changed, 487 insertions(+), 184 deletions(-) create mode 100644 lib/doc/silcrng_intro.html diff --git a/CHANGES b/CHANGES index 88f84e17..058ff1f3 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,8 @@ +Fri Feb 15 19:10:20 EET 2002 Pekka Riikonen + + * Create lib/doc/silcrng_intro.html document as introduction + to SILC RNG. ROBOdoc documented lib/silccrypt/silcrng.h. + Fri Feb 15 13:23:03 CET 2002 Johnny Mnemonic * Fixes to the silcd config template. Affected file is diff --git a/TODO b/TODO index 69330dec..00b2f3e2 100644 --- a/TODO +++ b/TODO @@ -1,9 +1,6 @@ TODO/bugs in Irssi SILC client ============================== - o When autoconnect="yes" is set in silc.conf the irssi complains about - unknown chat protocol. - o Rewrite the notify handling in the new Irssi SILC client. o /cumode for unknown nick does not give any error message. @@ -132,9 +129,6 @@ Manual. and naming conventions used in the Toolkit (should not be actually the CodingStyle document, but something more general). - o Move the lib/silccrypt/silcrng.h's "how the RNG works" documentation - to its own html file and link it to the reference manual. - TODO in SILC Protocol ===================== diff --git a/lib/doc/silcrng_intro.html b/lib/doc/silcrng_intro.html new file mode 100644 index 00000000..858a3128 --- /dev/null +++ b/lib/doc/silcrng_intro.html @@ -0,0 +1,171 @@ +Introduction to Random Number Generator + +
 
 
+Overview + +
 
+SILC Random Number Generator is cryptographically strong pseudo random +number generator. It is used to generate all the random numbers needed +in the SILC sessions. All key material and other sources needing random +numbers use this generator. + +
 
+The RNG has a random pool of 1024 bytes of size that provides the actual +random numbers for the application. The pool is initialized when the +RNG is allocated and initialized with silc_rng_alloc and silc_rng_init +functions, respectively. + + +
 
 
+Random Pool Initialization + +
 
+The RNG's random pool is the source of all random output data. The pool is +initialized with silc_rng_init and application can reseed it at any time +by calling the silc_rng_add_noise function. + +
 
+The initializing phase attempts to set the random pool in a state that it +is impossible to learn the input data to the RNG or any random output +data. This is achieved by acquiring noise from various system sources. The +first source is called to provide "soft noise". This noise is various +data from system's processes. The second source is called to provide +"medium noise". This noise is various output data from executed commands. +Usually the commands are Unix `ps' and `ls' commands with various options. +The last source is called to provide "hard noise" and is noise from +system's /dev/random, if it exists. + + +
 
 
+Stirring the Random Pool + +
 
+Every time data is acquired from any source, the pool is stirred. The +stirring process performs an CFB (cipher feedback) encryption with SHA1 +algorithm to the entire random pool. First it acquires an IV (Initial +Vector) from the constant (random) location of the pool and performs +the first CFB pass. Then it acquires a new encryption key from variable +location of the pool and performs the second CFB pass. The encryption +key thus is always acquired from unguessable data. + +
 
+The encryption process to the entire random pool assures that it is +impossible to learn the input data to the random pool without breaking the +encryption process. This would effectively mean breaking the SHA1 hash +function. The encryption process also assures that each random output from +the random pool is secured with cryptographically strong function, the +SHA1 in this case. + +
 
+The random pool can be restirred by the application at any point by +calling the silc_rng_add_noise function. This function adds new noise to +the pool and then stirs the entire pool. + + +
 
 
+Stirring Threshholds + +
 
+The random pool has two threshholds that controls when the random pool +needs more new noise and requires restirring. As previously mentioned, the +application may do this by calling the silc_rng_add_noise. However, the +RNG performs this also automatically. + +
 
+The first threshhold gets soft noise from system and stirs the random pool. +The threshhold is reached after 64 bits of random data has been fetched +from the RNG. After the 64 bits, the soft noise acquiring and restirring +process is performed every 8 bits of random output data until the second +threshhold is reached. + +
 
+The second threshhold gets hard noise from system and stirs the random +pool. The threshhold is reached after 160 bits of random output. After the +noise is acquired (from /dev/urandom) the random pool is stirred and the +threshholds are set to zero. The process is repeated again after 64 bits of +output for first threshhold and after 160 bits of output for the second +threshhold. + + +
 
 
+Internal State of the Random Pool + +
 
+The random pool has also internal state that provides several variable +distinct points to the random pool where the data is fetched. The state +changes every 8 bits of output data and it is guaranteed that the fetched +8 bits of data is from distinct location compared to the previous 8 bits. +It is also guaranteed that the internal state never wraps before +restirring the entire random pool. The internal state means that the data +is not fetched linearly from the pool, eg. starting from zero and wrapping +at the end of the pool. The internal state is not dependent of any random +data in the pool. The internal states are initialized (by default the pool +is splitted to four different sections (states)) at the RNG +initialization phase. The state's current position is added linearly and +wraps at the the start of the next state. The states provides the distinct +locations. + + +
 
 
+Security Considerations + +
 
+The security of this random number generator, like of any other RNG's, +depends of the initial state of the RNG. The initial state of the random +number generators must be unknown to an adversary. This means that after +the RNG is initialized it is required that the input data to the RNG and +the output data to the application has no correlation of any kind that +could be used to compromise the acquired random numbers or any future +random numbers. + +
 
+It is, however, clear that the correlation exists but it needs to be +hard to solve for an adversary. To accomplish this the input data to the +random number generator needs to be secret. Usually this is impossible to +achieve. That is why SILC's RNG acquires the noise from three different +sources and provides for the application an interface to add more noise at +any time. The first source ("soft noise") is known to the adversary but +requires exact timing to get all of the input data. However, getting only +partial data is easy. The second source ("medium noise") depends on the +place of execution of the application. Getting at least partial data is +easy but securing for example the user's home directory from outside access +makes it harder. The last source ("hard noise") is considered to be the +most secure source of data. An adversary is not considered to have any +access on this data. This of course greatly depends on the operating system. + +
 
+These three sources are considered to be adequate since the random pool is +relatively large and the output of each bit of the random pool is secured +by cryptographically secure function, the SHA1 in CFB mode encryption. +Furthermore the application may provide other random data, such as random +key strokes or mouse movement to the RNG. However, it is recommended that +the application would not be the single point of source for the RNG, in +either intializing or reseeding phases later in the session. Good solution +is probably to use both, the application's seeds and the RNG's own +sources, equally. + +
 
+The RNG must also assure that any old or future random numbers are not +compromised if an adversary would learn the initial input data (or any +input data for that matter). The SILC's RNG provides good protection for +this even if the some of the input bits would be compromised for old or +future random numbers. The RNG reinitalizes (reseeds) itself using the +threshholds after every 64 and 160 bits of output. This is considered to be +adequate even if some of the bits would get compromised. Also, the +applications that use the RNG usually fetches at least 256 bits from the +RNG. This means that everytime RNG is accessed both of the threshholds are +reached. This should mean that the RNG is never too long in an compromised +state and recovers as fast as possible. + + +
 
 
+Caveat Windows Programmer + +
 
+The caller must be cautios when using this RNG with native WIN32 system. +The RNG most likely is impossible to set in unguessable state just by +using the RNG's input data sources. On WIN32 it is stronly suggested +that caller would add more random noise after the initialization of the +RNG using the silc_rng_add_noise function. For example, random mouse +movements may be used. + diff --git a/lib/silccrypt/DIRECTORY b/lib/silccrypt/DIRECTORY index b52c4f5c..58101e8b 100644 --- a/lib/silccrypt/DIRECTORY +++ b/lib/silccrypt/DIRECTORY @@ -1,11 +1,12 @@ SILC Crypto Library diff --git a/lib/silccrypt/silcrng.c b/lib/silccrypt/silcrng.c index 7e103264..a330e0dc 100644 --- a/lib/silccrypt/silcrng.c +++ b/lib/silccrypt/silcrng.c @@ -1,16 +1,15 @@ /* - silcrng.c + silcrng.c - Author: Pekka Riikonen + Author: Pekka Riikonen - Copyright (C) 1997 - 2001 Pekka Riikonen + Copyright (C) 1997 - 2002 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - + the Free Software Foundation; version 2 of the License. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the @@ -119,7 +118,7 @@ typedef struct SilcRngStateContext { 64 bits of output and hard noise every 160 bits of output. */ -typedef struct SilcRngObjectStruct { +struct SilcRngStruct { unsigned char pool[SILC_RNG_POOLSIZE]; unsigned char key[64]; SilcRngState state; @@ -127,11 +126,11 @@ typedef struct SilcRngObjectStruct { uint8 threshhold; char *devrandom; int fd_devurandom; -} SilcRngObject; +}; /* Allocates new RNG object. */ -SilcRng silc_rng_alloc() +SilcRng silc_rng_alloc(void) { SilcRng new; @@ -450,7 +449,7 @@ static uint32 silc_rng_get_position(SilcRng rng) /* Returns random byte. */ -unsigned char silc_rng_get_byte(SilcRng rng) +uint8 silc_rng_get_byte(SilcRng rng) { rng->threshhold++; @@ -537,7 +536,7 @@ SilcRng global_rng = NULL; /* Initialize global RNG. If `rng' is provided it is set as the global RNG object (it can be allocated by the application for example). */ -int silc_rng_global_init(SilcRng rng) +bool silc_rng_global_init(SilcRng rng) { if (rng) global_rng = rng; @@ -549,7 +548,7 @@ int silc_rng_global_init(SilcRng rng) /* Uninitialize global RNG */ -int silc_rng_global_uninit() +bool silc_rng_global_uninit(void) { if (global_rng) { silc_rng_free(global_rng); @@ -561,7 +560,7 @@ int silc_rng_global_uninit() /* These are analogous to the functions above. */ -unsigned char silc_rng_global_get_byte() +uint8 silc_rng_global_get_byte(void) { return global_rng ? silc_rng_get_byte(global_rng) : 0; } @@ -569,7 +568,7 @@ unsigned char silc_rng_global_get_byte() /* Return random byte as fast as possible. Reads from /dev/urandom if available. If not then return from normal RNG (not so fast). */ -unsigned char silc_rng_global_get_byte_fast() +uint8 silc_rng_global_get_byte_fast(void) { #ifndef SILC_WIN32 unsigned char buf[1]; @@ -593,12 +592,12 @@ unsigned char silc_rng_global_get_byte_fast() #endif } -uint16 silc_rng_global_get_rn16() +uint16 silc_rng_global_get_rn16(void) { return global_rng ? silc_rng_get_rn16(global_rng) : 0; } -uint32 silc_rng_global_get_rn32() +uint32 silc_rng_global_get_rn32(void) { return global_rng ? silc_rng_get_rn32(global_rng) : 0; } diff --git a/lib/silccrypt/silcrng.h b/lib/silccrypt/silcrng.h index ef52b03a..4e3b3bc4 100644 --- a/lib/silccrypt/silcrng.h +++ b/lib/silccrypt/silcrng.h @@ -1,23 +1,20 @@ /* - silcrng.h - - COPYRIGHT - - Author: Pekka Riikonen - - Copyright (C) 1997 - 2001 Pekka Riikonen - + silcrng.h + + Author: Pekka Riikonen + + Copyright (C) 1997 - 2002 Pekka Riikonen + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - + the Free Software Foundation; version 2 of the License. + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + */ /****h* silccrypt/SilcRNGAPI @@ -29,173 +26,309 @@ * in the SILC sessions. All key material and other sources needing random * numbers use this generator. * - * The RNG has a random pool of 1024 bytes of size that provides the actual - * random numbers for the application. The pool is initialized when the - * RNG is allocated and initialized with silc_rng_alloc and silc_rng_init - * functions, respectively. - * - * - * Random Pool Initialization - * - * The RNG's random pool is the source of all random output data. The pool is - * initialized with silc_rng_init and application can reseed it at any time - * by calling the silc_rng_add_noise function. - * - * The initializing phase attempts to set the random pool in a state that it - * is impossible to learn the input data to the RNG or any random output - * data. This is achieved by acquiring noise from various system sources. The - * first source is called to provide "soft noise". This noise is various - * data from system's processes. The second source is called to provide - * "medium noise". This noise is various output data from executed commands. - * Usually the commands are Unix `ps' and `ls' commands with various options. - * The last source is called to provide "hard noise" and is noise from - * system's /dev/random, if it exists. - * - * - * Stirring the Random Pool - * - * Every time data is acquired from any source, the pool is stirred. The - * stirring process performs an CFB (cipher feedback) encryption with SHA1 - * algorithm to the entire random pool. First it acquires an IV (Initial - * Vector) from the constant (random) location of the pool and performs - * the first CFB pass. Then it acquires a new encryption key from variable - * location of the pool and performs the second CFB pass. The encryption - * key thus is always acquired from unguessable data. - * - * The encryption process to the entire random pool assures that it is - * impossible to learn the input data to the random pool without breaking the - * encryption process. This would effectively mean breaking the SHA1 hash - * function. The encryption process also assures that each random output from - * the random pool is secured with cryptographically strong function, the - * SHA1 in this case. - * - * The random pool can be restirred by the application at any point by - * calling the silc_rng_add_noise function. This function adds new noise to - * the pool and then stirs the entire pool. - * - * - * Stirring Threshholds - * - * The random pool has two threshholds that controls when the random pool - * needs more new noise and requires restirring. As previously mentioned, the - * application may do this by calling the silc_rng_add_noise. However, the - * RNG performs this also automatically. - * - * The first threshhold gets soft noise from system and stirs the random pool. - * The threshhold is reached after 64 bits of random data has been fetched - * from the RNG. After the 64 bits, the soft noise acquiring and restirring - * process is performed every 8 bits of random output data until the second - * threshhold is reached. - * - * The second threshhold gets hard noise from system and stirs the random - * pool. The threshhold is reached after 160 bits of random output. After the - * noise is acquired (from /dev/urandom) the random pool is stirred and the - * threshholds are set to zero. The process is repeated again after 64 bits of - * output for first threshhold and after 160 bits of output for the second - * threshhold. - * - * - * Internal State of the Random Pool - * - * The random pool has also internal state that provides several variable - * distinct points to the random pool where the data is fetched. The state - * changes every 8 bits of output data and it is guaranteed that the fetched - * 8 bits of data is from distinct location compared to the previous 8 bits. - * It is also guaranteed that the internal state never wraps before - * restirring the entire random pool. The internal state means that the data - * is not fetched linearly from the pool, eg. starting from zero and wrapping - * at the end of the pool. The internal state is not dependent of any random - * data in the pool. The internal states are initialized (by default the pool - * is splitted to four different sections (states)) at the RNG - * initialization phase. The state's current position is added linearly and - * wraps at the the start of the next state. The states provides the distinct - * locations. - * - * - * Security Considerations - * - * The security of this random number generator, like of any other RNG's, - * depends of the initial state of the RNG. The initial state of the random - * number generators must be unknown to an adversary. This means that after - * the RNG is initialized it is required that the input data to the RNG and - * the output data to the application has no correlation of any kind that - * could be used to compromise the acquired random numbers or any future - * random numbers. - * - * It is, however, clear that the correlation exists but it needs to be - * hard to solve for an adversary. To accomplish this the input data to the - * random number generator needs to be secret. Usually this is impossible to - * achieve. That is why SILC's RNG acquires the noise from three different - * sources and provides for the application an interface to add more noise at - * any time. The first source ("soft noise") is known to the adversary but - * requires exact timing to get all of the input data. However, getting only - * partial data is easy. The second source ("medium noise") depends on the - * place of execution of the application. Getting at least partial data is - * easy but securing for example the user's home directory from outside access - * makes it harder. The last source ("hard noise") is considered to be the - * most secure source of data. An adversary is not considered to have any - * access on this data. This of course greatly depends on the operating system. - * - * These three sources are considered to be adequate since the random pool is - * relatively large and the output of each bit of the random pool is secured - * by cryptographically secure function, the SHA1 in CFB mode encryption. - * Furthermore the application may provide other random data, such as random - * key strokes or mouse movement to the RNG. However, it is recommended that - * the application would not be the single point of source for the RNG, in - * either intializing or reseeding phases later in the session. Good solution - * is probably to use both, the application's seeds and the RNG's own - * sources, equally. - * - * The RNG must also assure that any old or future random numbers are not - * compromised if an adversary would learn the initial input data (or any - * input data for that matter). The SILC's RNG provides good protection for - * this even if the some of the input bits would be compromised for old or - * future random numbers. The RNG reinitalizes (reseeds) itself using the - * threshholds after every 64 and 160 bits of output. This is considered to be - * adequate even if some of the bits would get compromised. Also, the - * applications that use the RNG usually fetches at least 256 bits from the - * RNG. This means that everytime RNG is accessed both of the threshholds are - * reached. This should mean that the RNG is never too long in an compromised - * state and recovers as fast as possible. - * - * Currently the SILC's RNG does not use random seed files to store some - * random data for future initializing. This is important and must be - * implemented in the future. - * - * The caller must be cautios when using this RNG with native WIN32 system. - * The RNG most likely is impossible to set in unguessable state just by - * using the RNG's input data sources. On WIN32 it is stronly suggested - * that caller would add more random noise after the initialization of the - * RNG using the silc_rng_add_noise function. For example, random mouse - * movements may be used. + * The interface provides functions for retrieving different size of + * random number and arbitrary length of random data buffers. The interface + * also defines Global RNG API which makes it possible to call any + * RNG API function without specific RNG context. * ***/ #ifndef SILCRNG_H #define SILCRNG_H -/* Forward declaration. Actual object is in source file. */ -typedef struct SilcRngObjectStruct *SilcRng; +/****s* silccrypt/SilcRNGAPI/SilcRng + * + * NAME + * + * typedef struct SilcRngStruct *SilcRng; + * + * DESCRIPTION + * + * This context is the actual Random Number Generator and is allocated + * by silc_rng_alloc and given as argument usually to all silc_rng_* + * functions. It is freed by the silc_rng_free function. The RNG is + * initialized by calling the silc_rng_init function. + * + ***/ +typedef struct SilcRngStruct *SilcRng; /* Prototypes */ -SilcRng silc_rng_alloc(); + +/****f* silccrypt/SilcRNGAPI/silc_rng_alloc + * + * SYNOPSIS + * + * SilcRng silc_rng_alloc(void); + * + * DESCRIPTION + * + * Allocates new SILC random number generator and returns context to + * it. After the RNG is allocated it must be initialized by calling + * silc_rng_init before it actually can be used to produce any random + * number. This function returns NULL if RNG could not allocated. + * + ***/ +SilcRng silc_rng_alloc(void); + +/****f* silccrypt/SilcRNGAPI/silc_rng_free + * + * SYNOPSIS + * + * void silc_rng_free(SilcRng rng); + * + * DESCRIPTION + * + * Frees the random number generator and destroys the random number + * pool. + * + ***/ void silc_rng_free(SilcRng rng); + +/****f* silccrypt/SilcRNGAPI/silc_rng_init + * + * SYNOPSIS + * + * void silc_rng_init(SilcRng rng); + * + * DESCRIPTION + * + * This function is used to initialize the random number generator. + * This is the function that must be called after the RNG is allocated + * by calling silc_rng_alloc. RNG cannot be used before this function + * is called. + * + * NOTES + * + * This function may be slow since it will acquire secret noise from + * the environment in an attempt to set the RNG in unguessable state. + * + ***/ void silc_rng_init(SilcRng rng); -unsigned char silc_rng_get_byte(SilcRng rng); + +/****f* silccrypt/SilcRNGAPI/silc_rng_get_byte + * + * SYNOPSIS + * + * uint8 silc_rng_get_byte(SilcRng rng); + * + * DESCRIPTION + * + * Returns one 8-bit random byte from the random number generator. + * + ***/ +uint8 silc_rng_get_byte(SilcRng rng); + +/****f* silccrypt/SilcRNGAPI/silc_rng_get_rn16 + * + * SYNOPSIS + * + * uint16 silc_rng_get_rn16(SilcRng rng); + * + * DESCRIPTION + * + * Returns one 16-bit random number from the random number generator. + * + ***/ uint16 silc_rng_get_rn16(SilcRng rng); + +/****f* silccrypt/SilcRNGAPI/silc_rng_get_rn32 + * + * SYNOPSIS + * + * uint32 silc_rng_get_rn32(SilcRng rng); + * + * DESCRIPTION + * + * Returns one 32-bit random number from the random number generator. + * + ***/ uint32 silc_rng_get_rn32(SilcRng rng); + +/****f* silccrypt/SilcRNGAPI/silc_rng_get_rn_string + * + * SYNOPSIS + * + * unsigned char *silc_rng_get_rn_string(SilcRng rng, uint32 len); + * + * DESCRIPTION + * + * Returns random string in HEX form of the length of `len' bytes. + * The caller must free returned data buffer. + * + ***/ unsigned char *silc_rng_get_rn_string(SilcRng rng, uint32 len); + +/****f* silccrypt/SilcRNGAPI/silc_rng_get_rn_data + * + * SYNOPSIS + * + * unsigned char *silc_rng_get_rn_data(SilcRng rng, uint32 len); + * + * DESCRIPTION + * + * Returns random binary data of the length of `len' bytes. The + * caller must free returned data buffer. + * + ***/ unsigned char *silc_rng_get_rn_data(SilcRng rng, uint32 len); + +/****f* silccrypt/SilcRNGAPI/silc_rng_add_noise + * + * SYNOPSIS + * + * void silc_rng_add_noise(SilcRng rng, unsigned char *buffer, uint32 len); + * + * DESCRIPTION + * + * Add the data buffer indicated by `buffer' of length of `len' bytes + * as noise to the random number generator. The random number generator + * is restirred (reseeded) when this function is called. + * + ***/ void silc_rng_add_noise(SilcRng rng, unsigned char *buffer, uint32 len); -int silc_rng_global_init(SilcRng rng); -int silc_rng_global_uninit(); -unsigned char silc_rng_global_get_byte(); -unsigned char silc_rng_global_get_byte_fast(); -uint16 silc_rng_global_get_rn16(); -uint32 silc_rng_global_get_rn32(); +/****f* silccrypt/SilcRNGAPI/silc_rng_global_init + * + * SYNOPSIS + * + * bool silc_rng_global_init(SilcRng rng); + * + * DESCRIPTION + * + * This function sets the `rng' if non-NULL as global RNG context. + * When any of the silc_rng_global_* functions is called the `rng' is + * used as RNG. If `rng' is NULL this will allocate new RNG as global + * RNG. The application in this case must free it later by calling + * silc_rng_global_uninit. Returns TRUE after Global RNG is initialized. + * + * NOTES + * + * If `rng' was non-NULL, the silc_rng_init must have been called for + * the `rng' already. + * + * This function can be used to define the `rng' as global RNG and then + * use silc_rng_global_* functions easily without need to provide + * the RNG as argument. + * + ***/ +bool silc_rng_global_init(SilcRng rng); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_uninit + * + * SYNOPSIS + * + * bool silc_rng_global_uninit(void); + * + * DESCRIPTION + * + * Uninitialized the Global RNG object and frees it. This should not + * be called if silc_rng_global_init was called with non-NULL RNG. + * + ***/ +bool silc_rng_global_uninit(void); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_get_byte + * + * SYNOPSIS + * + * uint8 silc_rng_global_get_byte(void); + * + * DESCRIPTION + * + * Returns one 8-bit random byte from the random number generator. + * + ***/ +uint8 silc_rng_global_get_byte(void); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_get_byte_fast + * + * SYNOPSIS + * + * uint8 silc_rng_global_get_byte_fast(void); + * + * DESCRIPTION + * + * Returns one 8-bit random byte from the random number generator as + * fast as possible. + * + * NOTES + * + * This will read the data from /dev/urandom if it is available in the + * operating system, since this may be faster than retrieving a byte + * from the SILC RNG. If /dev/urandom is not available this will take + * the byte from SILC RNG and is effectively same as silc_rng_get_byte. + * + ***/ +uint8 silc_rng_global_get_byte_fast(void); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_get_rn16 + * + * SYNOPSIS + * + * uint16 silc_rng_global_get_rn16(void); + * + * DESCRIPTION + * + * Returns one 16-bit random number from the random number generator. + * + ***/ +uint16 silc_rng_global_get_rn16(void); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_get_rn32 + * + * SYNOPSIS + * + * uint32 silc_rng_global_get_rn32(void); + * + * DESCRIPTION + * + * Returns one 32-bit random number from the random number generator. + * + ***/ +uint32 silc_rng_global_get_rn32(void); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_get_rn_string + * + * SYNOPSIS + * + * unsigned char *silc_rng_global_get_rn_string(uint32 len); + * + * DESCRIPTION + * + * Returns random string in HEX form of the length of `len' bytes. + * The caller must free returned data buffer. + * + ***/ unsigned char *silc_rng_global_get_rn_string(uint32 len); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_get_rn_data + * + * SYNOPSIS + * + * unsigned char *silc_rng_global_get_rn_data(uint32 len); + * + * DESCRIPTION + * + * Returns random binary data of the length of `len' bytes. The + * caller must free returned data buffer. + * + ***/ unsigned char *silc_rng_global_get_rn_data(uint32 len); + +/****f* silccrypt/SilcRNGAPI/silc_rng_global_add_noise + * + * SYNOPSIS + * + * void silc_rng_global_add_noise(unsigned char *buffer, uint32 len); + * + * DESCRIPTION + * + * Add the data buffer indicated by `buffer' of length of `len' bytes + * as noise to the random number generator. The random number generator + * is restirred (reseeded) when this function is called. + * + ***/ + void silc_rng_global_add_noise(unsigned char *buffer, uint32 len); #endif -- 2.24.0