-rw-r--r-- | openpgp/src/autocrypt.rs | 6 | ||||
-rw-r--r-- | openpgp/src/crypto/aead.rs | 6 | ||||
-rw-r--r-- | openpgp/src/crypto/mod.rs | 9 | ||||
-rw-r--r-- | openpgp/src/crypto/s2k.rs | 3 | ||||
-rw-r--r-- | openpgp/src/crypto/symmetric.rs | 4 | ||||
-rw-r--r-- | openpgp/src/packet/key.rs | 5 | ||||
-rw-r--r-- | openpgp/src/packet/signature/mod.rs | 4 | ||||
-rw-r--r-- | openpgp/src/packet/skesk.rs | 5 | ||||
-rw-r--r-- | openpgp/src/serialize/stream.rs | 7 |
9 files changed, 21 insertions, 28 deletions
diff --git a/openpgp/src/autocrypt.rs b/openpgp/src/autocrypt.rs
index 4eafab2c..e2176a35 100644
--- a/openpgp/src/autocrypt.rs
+++ b/openpgp/src/autocrypt.rs
@@ -400,17 +400,13 @@ impl AutocryptSetupMessage { // Generates a new passcode in "numeric9x4" format. fn passcode_gen() -> Password { - use nettle::{Random, Yarrow}; - // Generate a random passcode. // The passcode consists of 36 digits, which encode // approximately 119 bits of information. 120 bits = 15 // bytes. - let mut rng = Yarrow::default(); - let mut p_as_vec = vec![0; 15]; - rng.random(&mut p_as_vec[..]); + ::crypto::random(&mut p_as_vec[..]); let p = Password::from(p_as_vec); // Turn it into a 128-bit number.
diff --git a/openpgp/src/crypto/aead.rs b/openpgp/src/crypto/aead.rs
index b6ca09d3..2c16ffc0 100644
--- a/openpgp/src/crypto/aead.rs
+++ b/openpgp/src/crypto/aead.rs
@@ -754,8 +754,6 @@ mod tests { #[test] fn roundtrip() { use std::io::Cursor; - use nettle::{Random, Yarrow}; - let mut rng = Yarrow::default(); for sym_algo in [SymmetricAlgorithm::AES128, SymmetricAlgorithm::AES192,
@@ -768,10 +766,10 @@ mod tests { let version = 1; let chunk_size = 64; let mut key = vec![0; sym_algo.key_size().unwrap()]; - rng.random(&mut key); + ::crypto::random(&mut key); let key: SessionKey = key.into(); let mut iv = vec![0; aead.iv_size().unwrap()]; - rng.random(&mut iv); + ::crypto::random(&mut iv); let mut ciphertext = Vec::new(); {
diff --git a/openpgp/src/crypto/mod.rs b/openpgp/src/crypto/mod.rs
index 5a6b06c0..6645ecdc 100644
--- a/openpgp/src/crypto/mod.rs
+++ b/openpgp/src/crypto/mod.rs
@@ -27,6 +27,13 @@ pub use self::asymmetric::{ KeyPair, }; +/// Fills the given buffer with random data. +pub fn random<B: AsMut<[u8]>>(mut buf: B) { + use std::cell::RefCell; + thread_local!(static RNG: RefCell<Yarrow> = Default::default()); + RNG.with(|rng| rng.borrow_mut().random(buf.as_mut())); +} + /// Holds a session key. /// /// The session key is cleared when dropped.
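Review bot: The new `random` takes its buffer by value through `B: AsMut<[u8]>`, so a caller who forgets the `&mut` on a `Copy` array, such as the `[0u8; 8]` salt in s2k.rs, would still compile, fill a temporary copy, and leave the real salt, IV or key all zeros. Taking the slice directly, `pub fn random(buf: &mut [u8])`, turns that mistake into a type error; every call site shown already passes `&mut …` and fed the same expression to `Yarrow::random` before, so they should keep compiling. Separately, the doc comment could say that the generator is a per-thread `Yarrow` created on first use and kept for the thread's lifetime. Whether that instance is ever reseeded, for example after a fork, is not visible here and is worth confirming, because the AEAD nonces in skesk.rs and serialize/stream.rs now depend on it.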
@@ -37,7 +44,7 @@ impl SessionKey { /// Creates a new session key. pub fn new(size: usize) -> Self { let mut sk: mem::Protected = vec![0; size].into(); - Yarrow::default().random(&mut sk); + random(&mut sk); Self(sk) }
diff --git a/openpgp/src/crypto/s2k.rs b/openpgp/src/crypto/s2k.rs
index b3e099e2..b2b95f68 100644
--- a/openpgp/src/crypto/s2k.rs
+++ b/openpgp/src/crypto/s2k.rs
@@ -14,7 +14,6 @@ use crypto::SessionKey; use std::fmt; -use nettle::{Yarrow, Random}; use quickcheck::{Arbitrary, Gen}; use rand::Rng;
@@ -57,7 +56,7 @@ pub enum S2K { impl Default for S2K { fn default() -> Self { let mut salt = [0u8; 8]; - Yarrow::default().random(&mut salt); + ::crypto::random(&mut salt); S2K::Iterated { // SHA2-256, being optimized for implementations on // architectures with a word size of 32 bit, has a more
diff --git a/openpgp/src/crypto/symmetric.rs b/openpgp/src/crypto/symmetric.rs
index d2a94b15..32183163 100644
--- a/openpgp/src/crypto/symmetric.rs
+++ b/openpgp/src/crypto/symmetric.rs
@@ -583,8 +583,6 @@ mod tests { #[test] fn roundtrip() { use std::io::Cursor; - use nettle::{Random, Yarrow}; - let mut rng = Yarrow::default(); for algo in [SymmetricAlgorithm::TripleDES, SymmetricAlgorithm::CAST5,
@@ -597,7 +595,7 @@ mod tests { SymmetricAlgorithm::Camellia192, SymmetricAlgorithm::Camellia256].iter() { let mut key = vec![0; algo.key_size().unwrap()]; - rng.random(&mut key); + ::crypto::random(&mut key); let mut ciphertext = Vec::new(); {
diff --git a/openpgp/src/packet/key.rs b/openpgp/src/packet/key.rs
index e181bacc..5237079e 100644
--- a/openpgp/src/packet/key.rs
+++ b/openpgp/src/packet/key.rs
@@ -6,7 +6,7 @@ use std::cmp::Ordering; use time; use Error; -use crypto::{mem::Protected, mpis, hash::Hash, KeyPair}; +use crypto::{self, mem::Protected, mpis, hash::Hash, KeyPair}; use packet::Tag; use packet; use Packet;
@@ -660,7 +660,6 @@ impl Unencrypted { -> Result<Encrypted> { use std::io::Write; use crypto::symmetric::Encryptor; - use nettle::{Random, Yarrow}; let s2k = S2K::default(); let algo = SymmetricAlgorithm::AES256;
@@ -668,7 +667,7 @@ impl Unencrypted { // Ciphertext is preceded by a random block. let mut trash = vec![0u8; algo.block_size()?]; - Yarrow::default().random(&mut trash); + crypto::random(&mut trash); let mut esk = Vec::new(); {
diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs
index 255ee7c7..51667b35 100644
--- a/openpgp/src/packet/signature/mod.rs
+++ b/openpgp/src/packet/signature/mod.rs
@@ -930,8 +930,8 @@ impl From<Signature4> for super::Signature { #[cfg(test)] mod test { - use nettle::{Random, Yarrow}; use super::*; + use crypto; use crypto::mpis::MPI; use TPK; use parse::Parse;
@@ -1080,7 +1080,7 @@ mod test { fn sign_verify() { let hash_algo = HashAlgorithm::SHA512; let mut hash = vec![0; hash_algo.context().unwrap().digest_size()]; - Yarrow::default().random(&mut hash); + crypto::random(&mut hash); for key in &[ "testy-private.pgp",
diff --git a/openpgp/src/packet/skesk.rs b/openpgp/src/packet/skesk.rs
index ba5bac71..cbc95243 100644
--- a/openpgp/src/packet/skesk.rs
+++ b/openpgp/src/packet/skesk.rs
@@ -9,9 +9,8 @@ use std::ops::{Deref, DerefMut}; use quickcheck::{Arbitrary, Gen}; -use nettle::{Random, Yarrow}; - use Result; +use crypto; use crypto::s2k::S2K; use Error; use constants::{
@@ -282,7 +281,7 @@ impl SKESK5 { // Derive key and make a cipher. let key = s2k.derive_key(password, cipher.key_size()?)?; let mut iv = vec![0u8; aead.iv_size()?]; - Yarrow::default().random(&mut iv); + crypto::random(&mut iv); let mut ctx = aead.context(cipher, &key, &iv)?; // Prepare associated data.
diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs
index 483fc1c2..c715bf2b 100644
--- a/openpgp/src/serialize/stream.rs
+++ b/openpgp/src/serialize/stream.rs
@@ -13,7 +13,6 @@ use std::fmt; use std::io::{self, Write}; use std::iter; use time; -use nettle::{Yarrow, Random}; use { crypto,
@@ -924,8 +923,6 @@ impl<'a> Encryptor<'a> { "Neither recipient keys nor passwords given".into()).into()); } - let mut rng = Yarrow::default(); - struct AEADParameters { algo: AEADAlgorithm, chunk_size: usize,
@@ -938,7 +935,7 @@ impl<'a> Encryptor<'a> { .unwrap_or(false) }) { let mut nonce = vec![0; AEADAlgorithm::EAX.iv_size()?]; - rng.random(&mut nonce); + crypto::random(&mut nonce); Some(AEADParameters { algo: AEADAlgorithm::EAX, // Must implement EAX. chunk_size: 4096, // A page, 3 per mille overhead.
@@ -1062,7 +1059,7 @@ impl<'a> Encryptor<'a> { // Write the initialization vector, and the quick-check bytes. let mut iv = vec![0; algo.block_size()?]; - rng.random(&mut iv); + crypto::random(&mut iv); encryptor.write_all(&iv)?; encryptor.write_all(&iv[iv.len() - 2..])?; |