1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
/*
* rand.go - Reader used to generate secure random data for fscrypt.
*
* Copyright 2017 Google Inc.
* Author: Joe Richey (joerichey@google.com)
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package crypto
import (
"io"
"github.com/pkg/errors"
"golang.org/x/sys/unix"
)
// NewRandomBuffer uses the Linux Getrandom() syscall to create random bytes. If
// the operating system has insufficient randomness, the buffer creation will
// fail. This is an improvement over Go's built-in crypto/rand which will still
// return bytes if the system has insufficiency entropy.
// See: https://github.com/golang/go/issues/19274
//
// While this syscall was only introduced in Kernel v3.17, it predates the
// introduction of filesystem encryption, so it introduces no additional
// compatibility issues.
func NewRandomBuffer(length int) ([]byte, error) {
buffer := make([]byte, length)
if _, err := io.ReadFull(randReader{}, buffer); err != nil {
return nil, err
}
return buffer, nil
}
// NewRandomKey creates a random key of the specified length. This function uses
// the same random number generation process as NewRandomBuffer.
func NewRandomKey(length int) (*Key, error) {
return NewFixedLengthKeyFromReader(randReader{}, length)
}
// NewRandomPassphrase creates a random passphrase of the specified length
// containing random alphabetic characters.
func NewRandomPassphrase(length int) (*Key, error) {
chars := []byte("abcdefghijklmnopqrstuvwxyz")
passphrase, err := NewBlankKey(length)
if err != nil {
return nil, err
}
for i := 0; i < length; {
// Get some random bytes.
raw, err := NewRandomKey((length - i) * 2)
if err != nil {
return nil, err
}
// Translate the random bytes into random characters.
for _, b := range raw.data {
if int(b) >= 256-(256%len(chars)) {
// Avoid bias towards the first characters in the list.
continue
}
c := chars[int(b)%len(chars)]
passphrase.data[i] = c
i++
if i == length {
break
}
}
raw.Wipe()
}
return passphrase, nil
}
// randReader just calls into Getrandom, so no internal data is needed.
type randReader struct{}
func (r randReader) Read(buffer []byte) (int, error) {
n, err := unix.Getrandom(buffer, unix.GRND_NONBLOCK)
switch err {
case nil:
return n, nil
case unix.EAGAIN:
err = errors.New("insufficient entropy in pool")
case unix.ENOSYS:
err = errors.New("kernel must be v3.17 or later")
}
return 0, errors.Wrap(err, "getrandom() failed")
}
|
