Server IP : 103.119.228.120 / Your IP : 18.188.76.209 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/local/ssl/include/bind9/isc/ |
Upload File : |
/* * Copyright (C) Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. * * See the COPYRIGHT file distributed with this work for additional * information regarding copyright ownership. */ /* $Id: entropy.h,v 1.35 2009/10/19 02:37:08 marka Exp $ */ #ifndef ISC_ENTROPY_H #define ISC_ENTROPY_H 1 /***** ***** Module Info *****/ /*! \file isc/entropy.h * \brief The entropy API * * \li MP: * The entropy object is locked internally. All callbacks into * application-provided functions (for setup, gathering, and * shutdown of sources) are guaranteed to be called with the * entropy API lock held. This means these functions are * not permitted to call back into the entropy API. * * \li Reliability: * No anticipated impact. * * \li Resources: * A buffer, used as an entropy pool. * * \li Security: * While this code is believed to implement good entropy gathering * and distribution, it has not been reviewed by a cryptographic * expert. * Since the added entropy is only as good as the sources used, * this module could hand out bad data and never know it. * * \li Standards: * None. */ /*** *** Imports ***/ #include <stdio.h> #include <isc/lang.h> #include <isc/types.h> /*@{*/ /*% Entropy callback function. */ typedef isc_result_t (*isc_entropystart_t)(isc_entropysource_t *source, void *arg, isc_boolean_t blocking); typedef isc_result_t (*isc_entropyget_t)(isc_entropysource_t *source, void *arg, isc_boolean_t blocking); typedef void (*isc_entropystop_t)(isc_entropysource_t *source, void *arg); /*@}*/ /*** *** Flags. ***/ /*! * \brief * Extract only "good" data; return failure if there is not enough * data available and there are no sources which we can poll to get * data, or those sources are empty. * * */ #define ISC_ENTROPY_GOODONLY 0x00000001U /*! * \brief * Extract as much good data as possible, but if there isn't enough * at hand, return what is available. This flag only makes sense * when used with _GOODONLY. */ #define ISC_ENTROPY_PARTIAL 0x00000002U /*! * \brief * Block the task until data is available. This is contrary to the * ISC task system, where tasks should never block. However, if * this is a special purpose application where blocking a task is * acceptable (say, an offline zone signer) this flag may be set. * This flag only makes sense when used with _GOODONLY, and will * block regardless of the setting for _PARTIAL. */ #define ISC_ENTROPY_BLOCKING 0x00000004U /*! * \brief * Estimate the amount of entropy contained in the sample pool. * If this is not set, the source will be gathered and periodically * mixed into the entropy pool, but no increment in contained entropy * will be assumed. This flag only makes sense on sample sources. */ #define ISC_ENTROPYSOURCE_ESTIMATE 0x00000001U /* * For use with isc_entropy_usebestsource(). */ /*! * \brief * Use the keyboard as the only entropy source. */ #define ISC_ENTROPY_KEYBOARDYES 1 /*! * \brief * Never use the keyboard as an entropy source. */ #define ISC_ENTROPY_KEYBOARDNO 2 /*! * \brief * Use the keyboard as an entropy source only if opening the * random device fails. */ #define ISC_ENTROPY_KEYBOARDMAYBE 3 ISC_LANG_BEGINDECLS /*** *** Functions ***/ isc_result_t isc_entropy_create(isc_mem_t *mctx, isc_entropy_t **entp); /*!< * \brief Create a new entropy object. */ void isc_entropy_attach(isc_entropy_t *ent, isc_entropy_t **entp); /*!< * Attaches to an entropy object. */ void isc_entropy_detach(isc_entropy_t **entp); /*!< * \brief Detaches from an entropy object. */ isc_result_t isc_entropy_createfilesource(isc_entropy_t *ent, const char *fname); /*!< * \brief Create a new entropy source from a file. * * The file is assumed to contain good randomness, and will be mixed directly * into the pool with every byte adding 8 bits of entropy. * * The file will be put into non-blocking mode, so it may be a device file, * such as /dev/random. /dev/urandom should not be used here if it can * be avoided, since it will always provide data even if it isn't good. * We will make as much pseudorandom data as we need internally if our * caller asks for it. * * If we hit end-of-file, we will stop reading from this source. Callers * who require strong random data will get failure when our pool drains. * The file will never be opened/read again once EOF is reached. */ void isc_entropy_destroysource(isc_entropysource_t **sourcep); /*!< * \brief Removes an entropy source from the entropy system. */ isc_result_t isc_entropy_createsamplesource(isc_entropy_t *ent, isc_entropysource_t **sourcep); /*!< * \brief Create an entropy source that consists of samples. Each sample is * added to the source via isc_entropy_addsamples(), below. */ isc_result_t isc_entropy_createcallbacksource(isc_entropy_t *ent, isc_entropystart_t start, isc_entropyget_t get, isc_entropystop_t stop, void *arg, isc_entropysource_t **sourcep); /*!< * \brief Create an entropy source that is polled via a callback. * * This would * be used when keyboard input is used, or a GUI input method. It can * also be used to hook in any external entropy source. * * Samples are added via isc_entropy_addcallbacksample(), below. * _addcallbacksample() is the only function which may be called from * within an entropy API callback function. */ void isc_entropy_stopcallbacksources(isc_entropy_t *ent); /*!< * \brief Call the stop functions for callback sources that have had their * start functions called. */ /*@{*/ isc_result_t isc_entropy_addcallbacksample(isc_entropysource_t *source, isc_uint32_t sample, isc_uint32_t extra); isc_result_t isc_entropy_addsample(isc_entropysource_t *source, isc_uint32_t sample, isc_uint32_t extra); /*!< * \brief Add a sample to the sample source. * * The sample MUST be a timestamp * that increases over time, with the exception of wrap-around for * extremely high resolution timers which will quickly wrap-around * a 32-bit integer. * * The "extra" parameter is used only to add a bit more unpredictable * data. It is not used other than included in the hash of samples. * * When in an entropy API callback function, _addcallbacksource() must be * used. At all other times, _addsample() must be used. */ /*@}*/ isc_result_t isc_entropy_getdata(isc_entropy_t *ent, void *data, unsigned int length, unsigned int *returned, unsigned int flags); /*!< * \brief Extract data from the entropy pool. This may load the pool from various * sources. * * Do this by stiring the pool and returning a part of hash as randomness. * Note that no secrets are given away here since parts of the hash are * xored together before returned. * * Honor the request from the caller to only return good data, any data, * etc. */ void isc_entropy_putdata(isc_entropy_t *ent, void *data, unsigned int length, isc_uint32_t entropy); /*!< * \brief Add "length" bytes in "data" to the entropy pool, incrementing the * pool's entropy count by "entropy." * * These bytes will prime the pseudorandom portion even if no entropy is * actually added. */ void isc_entropy_stats(isc_entropy_t *ent, FILE *out); /*!< * \brief Dump some (trivial) stats to the stdio stream "out". */ unsigned int isc_entropy_status(isc_entropy_t *end); /* * Returns the number of bits the pool currently contains. This is just * an estimate. */ isc_result_t isc_entropy_usebestsource(isc_entropy_t *ectx, isc_entropysource_t **source, const char *randomfile, int use_keyboard); /*!< * \brief Use whatever source of entropy is best. * * Notes: *\li If "randomfile" is not NULL, open it with * isc_entropy_createfilesource(). * *\li If "randomfile" is NULL and the system's random device was detected * when the program was configured and built, open that device with * isc_entropy_createfilesource(). * *\li If "use_keyboard" is #ISC_ENTROPY_KEYBOARDYES, then always open * the keyboard as an entropy source (possibly in addition to * "randomfile" or the random device). * *\li If "use_keyboard" is #ISC_ENTROPY_KEYBOARDMAYBE, open the keyboard only * if opening the random file/device fails. A message will be * printed describing the need for keyboard input. * *\li If "use_keyboard" is #ISC_ENTROPY_KEYBOARDNO, the keyboard will * never be opened. * * Returns: *\li #ISC_R_SUCCESS if at least one source of entropy could be started. * *\li #ISC_R_NOENTROPY if use_keyboard is #ISC_ENTROPY_KEYBOARDNO and * there is no random device pathname compiled into the program. * *\li A return code from isc_entropy_createfilesource() or * isc_entropy_createcallbacksource(). */ ISC_LANG_ENDDECLS #endif /* ISC_ENTROPY_H */