diff options
| author | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-05-23 18:41:36 -0700 |
|---|---|---|
| committer | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-05-31 12:37:35 -0700 |
| commit | bc66b8a56ee7ae4f703cf30502aff8b7d68953d0 (patch) | |
| tree | ed58e8e175e3edb86234df5772858adaffe9cab2 /crypto/rand.go | |
| parent | 44c2c7aeda3de09a405ed06aadacbc2c0c7f2a67 (diff) | |
crypto: tests, errors, and descriptor computation
This changes the crypto package so it now builds in light of the changes
to the util and metadata package. This commit also improves the error
handling, adds tests, and makes it so recovery keys now correspond to
Policy keys (as they are used to recover a directory in the absence of
any metadata).
The only feature addition here is the ability to compute descriptors.
For backwards compatibility, we keep the same descriptor algorithm used
before (double SHA512).
Change-Id: Ia2b53c6e85ce65c57595e6823d3c4c92219bc8dc
Diffstat (limited to 'crypto/rand.go')
| -rw-r--r-- | crypto/rand.go | 48 |
1 files changed, 27 insertions, 21 deletions
diff --git a/crypto/rand.go b/crypto/rand.go index d9d4cff..d2948d0 100644 --- a/crypto/rand.go +++ b/crypto/rand.go @@ -21,25 +21,35 @@ package crypto import ( "io" + "log" "golang.org/x/sys/unix" - - "fscrypt/util" ) -/* -RandReader uses the Linux Getrandom() syscall to read random bytes. If the -operating system has insufficient randomness, the read will fail. This is an -improvement over Go's built-in crypto/rand which will still return bytes if the -system has insufficiency entropy (https://github.com/golang/go/issues/19274). +// NewRandomBuffer uses the Linux Getrandom() syscall to create random bytes. If +// the operating system has insufficient randomness, the buffer creation will +// fail. This is an improvement over Go's built-in crypto/rand which will still +// return bytes if the system has insufficiency entropy. +// See: https://github.com/golang/go/issues/19274 +// +// While this syscall was only introduced in Kernel v3.17, it predates the +// introduction of filesystem encryption, so it introduces no additional +// compatibility issues. +func NewRandomBuffer(length int) ([]byte, error) { + buffer := make([]byte, length) + if _, err := io.ReadFull(randReader{}, buffer); err != nil { + return nil, err + } + return buffer, nil +} -While this syscall was only introduced in Kernel v3.17, it predates the -introduction of filesystem encryption, so it introduces no additional -compatibility issues. -*/ -var RandReader io.Reader = randReader{} +// NewRandomKey creates a random key of the specified length. This function uses +// the same random number generation process a NewRandomBuffer. +func NewRandomKey(length int) (*Key, error) { + return NewFixedLengthKeyFromReader(randReader{}, length) +} -// As we just call into Getrandom, no internal data is needed. +// randReader just calls into Getrandom, so no internal data is needed. type randReader struct{} func (r randReader) Read(buffer []byte) (int, error) { @@ -48,15 +58,11 @@ func (r randReader) Read(buffer []byte) (int, error) { case nil: return n, nil case unix.EAGAIN: - return 0, util.SystemErrorF("entropy pool not yet initialized") + return 0, ErrLowEntropy case unix.ENOSYS: - return 0, util.SystemErrorF("getrandom not implemented; kernel must be v3.17 or later") + return 0, ErrRandNotSupported default: - return 0, util.SystemErrorF("cannot get randomness: %v", err) + log.Printf("unix.Getrandom failed: %v", err) + return 0, ErrRandFailed } } - -// NewRandomKey creates a random key (from RandReader) of the specified length. -func NewRandomKey(length int) (*Key, error) { - return NewFixedLengthKeyFromReader(RandReader, length) -} |