Browse Source

Provide a RNG for libgfshare

The gfshare_ctx_free function of Libgfshare takes care of
randomizing the memory contents of its context before freeing it.
In order to do that, the gfshare_fill_rand global variable must
be initialized with a randomizing function.
master
Damien Goutte-Gattat 5 years ago
parent
commit
a091be51df
  1. 2
      README.md
  2. 20
      src/secret.c

2
README.md

@ -45,7 +45,7 @@ Gfsecret depends on the following libraries at compile-time:
- [libgfshare](http://www.digital-scurf.org/software/libgfshare), which
implements the secret sharing scheme proper (mandatory);
- [libgcrypt](http://www.gnupg.org/), for the SHA-256 implementation
(mandatory);
and random number generation (mandatory);
- [GIO](http://developer.gnome.org/gio/), to access shares stored on
external volumes (typically USB storage) (optional);
- [libmtp](http://libmtp.sourceforge.net/), to access shares stored on

20
src/secret.c

@ -22,6 +22,7 @@
#include "secret.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@ -91,6 +92,19 @@
*
*/
/**
* Fills a buffer with random data.
* This function is used internally by libgfshare.
*
* @param buffer The buffer to fill.
* @param len The buffer size.
*/
static void
gfsec_fill_rand(unsigned char *buffer, unsigned int len)
{
gcry_randomize(buffer, len, GCRY_STRONG_RANDOM);
}
/**
* Initializes a new share object.
*
@ -445,6 +459,9 @@ gfsec_secret_combine(gfsec_secret_t *secret)
if ( ! (secret->data = malloc(secret->len)) )
return GFSEC_ERR_SYSTEM_ERROR;
if ( gfshare_fill_rand == NULL )
gfshare_fill_rand = gfsec_fill_rand;
if ( secret->full_share )
memcpy(secret->data, secret->full_share->data, secret->len);
else {
@ -520,6 +537,9 @@ gfsec_secret_split(gfsec_secret_t *secret, unsigned char threshold)
if ( threshold >= n )
return GFSEC_ERR_NOT_ENOUGH_SHARES;
if ( gfshare_fill_rand == NULL )
gfshare_fill_rand = gfsec_fill_rand;
for ( u = v = rc = 0; u < secret->n_shares && rc == 0; u++ ) {
share = secret->shares[u];

Loading…
Cancel
Save