First stab of PFS design work with PKC security -- may not implement in 1.0.3 but stubbing out.

This commit is contained in:
Adam Ierymenko 2015-05-14 17:41:05 -07:00
parent a8835cd8b3
commit e94518590d
4 changed files with 112 additions and 30 deletions

View file

@ -49,6 +49,7 @@
#include "Utils.hpp"
#include "Mutex.hpp"
#include "Salsa20.hpp"
namespace ZeroTier {
@ -152,6 +153,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
static HCRYPTPROV cryptProvider = NULL;
static Mutex globalLock;
static Salsa20 s20;
Mutex::Lock _l(globalLock);
@ -161,12 +163,19 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
exit(1);
return;
}
char s20key[32];
if (!CryptGenRandom(cryptProvider,(DWORD)sizeof(s20key),(BYTE *)s20key)) {
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() CryptGenRandom failed!\r\n");
exit(1);
}
s20.init(s20key,256,s20key,8);
}
if (!CryptGenRandom(cryptProvider,(DWORD)bytes,(BYTE *)buf)) {
fprintf(stderr,"FATAL ERROR: Utils::getSecureRandom() CryptGenRandom failed!\r\n");
exit(1);
}
s20.encrypt(buf,buf,bytes);
#else // not __WINDOWS__