From 4b2b0cc15d51d7916a939de06a7e83d8042211dc Mon Sep 17 00:00:00 2001 From: Max Date: Mon, 10 Jul 2017 14:32:48 +0200 Subject: Add function to generate random identifier The function is a wrapper on top of getrandom() (if available via glibc) or corresponding syscall. If neither is available than failure is always returned. It's intended to generate small random data good enough for session identifiers and keys. To generate long-term cryptographic keys it's better to use special crypto libraries (like GnuTLS for example) instead. As an example it's used to replace old insecure random number generator in osmo-auc-gen utility. Change-Id: I0241b814ea4c4ce1458f7ad76e31d390383c2048 Related: OS#1694 --- utils/osmo-auc-gen.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'utils') diff --git a/utils/osmo-auc-gen.c b/utils/osmo-auc-gen.c index 1f5c8386..9d1215c8 100644 --- a/utils/osmo-auc-gen.c +++ b/utils/osmo-auc-gen.c @@ -34,6 +34,7 @@ #include #include +#include static void dump_triplets_dat(struct osmo_auth_vector *vec) { @@ -247,14 +248,11 @@ int main(int argc, char **argv) } if (!rand_is_set) { - int i; - printf("WARNING: We're using really weak random numbers!\n\n"); - srand(time(NULL)); - - for (i = 0; i < 4; ++i) { - uint32_t r; - r = rand(); - memcpy(&_rand[i*4], &r, 4); + rc = osmo_get_rand_id(_rand, 16); + if (rc < 0) { + fprintf(stderr, "\nError: unable to obtain secure random numbers: %s!\n", + strerror(-rc)); + exit(3); } } -- cgit v1.2.3