#include <mLib/sub.h>
#include "arena.h"
-#include "blowfish-cbc.h"
#include "paranoia.h"
#define RAND__HACKS
#include "rand.h"
-#include "rmd160.h"
-#include "rmd160-hmac.h"
+
+#include "noise.h"
+
+#include "twofish-counter.h"
+#include "sha256.h"
+
+#define CIPHER_CTX twofish_counterctx
+#define CIPHER_INIT twofish_counterinit
+#define CIPHER_ENCRYPT twofish_counterencrypt
+#define CIPHER_IVSZ TWOFISH_BLKSZ
+#define CIPHER_KEYSZ TWOFISH_KEYSZ
+
+#define HASH_CTX sha256_ctx
+#define HASH_INIT sha256_init
+#define HASH sha256_hash
+#define HASH_DONE sha256_done
+#define HASH_SZ SHA256_HASHSZ
/*----- Static variables --------------------------------------------------*/
{ &gops },
{ { 0 }, 0, 0, 0,
{ 0 }, RAND_SECSZ, 0,
- { { 0xb7, 0xb0, 0xb4, 0xdb, 0x59, 0x75, 0x49, 0x32,
- 0x1a, 0x8d, 0x4b, 0x86, 0x3a, 0x38, 0xfd, 0x59,
- 0xc1, 0x63, 0x66, 0xd9 }, 64,
- { 0x91, 0x9a, 0xe6, 0xa1, 0x9d, 0x3a, 0x86, 0xef,
- 0xb2, 0xb9, 0xca, 0xfc, 0x26, 0xf8, 0xb1, 0x04,
- 0x4a, 0x41, 0xc4, 0x7a }, 64 },
- 0 }
+ { "Catacomb global random byte pool" },
+ &noise_source }
};
/*----- Macros ------------------------------------------------------------*/
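Review bot: The new key initialiser `{ "Catacomb global random byte pool" }` is a fixed, public string, and nothing in the hunk says so. The global pool's key therefore adds no secrecy until a caller installs one through rand_key or the pool is seeded from `&noise_source`. A comment on that line, such as `/* public domain-separation label, not a secret */`, would stop readers mistaking it for keying material. If RAND_KEYSZ is 32 (not visible here), the 32-character literal fills the array with no terminating NUL, which is legal C but worth noting in the same comment. The initialiser itself starts outside the hunk.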
r->irot = 0;
r->ibits = r->obits = 0;
r->o = RAND_SECSZ;
- r->s = 0;
- rmd160_hmacinit(&r->k, 0, 0);
+ r->s = &noise_source;
+ rand_key(r, 0, 0);
rand_gate(r);
}
void rand_key(rand_pool *r, const void *k, size_t sz)
{
+ HASH_CTX hc;
+ octet h[HASH_SZ];
+ static const char label[] = "Catacomb random pool key";
+
RAND_RESOLVE(r);
- rmd160_hmacinit(&r->k, k, sz);
+
+ assert(HASH_SZ >= RAND_KEYSZ);
+ HASH_INIT(&hc);
+ HASH(&hc, label, sizeof(label));
+ if (sz) HASH(&hc, k, sz);
+ HASH_DONE(&hc, h);
+ memcpy(r->k.k, h, RAND_KEYSZ);
}
/* --- @rand_add@ --- *
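Review bot: rand_key leaves key-derived material on the stack: `hc` has absorbed the caller's key and `h` holds the derived pool key, but neither is wiped before returning, whereas rand_gate burns `hc` and `cc`. Add `BURN(hc); BURN(h);` after the `memcpy`. Separately, `sizeof(label)` puts the label's terminating NUL into the hash input. A one-line comment saying that is deliberate would prevent a later cleanup from silently changing every derived key.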
void rand_gate(rand_pool *r)
{
- octet mac[RMD160_HASHSZ];
+ octet h[HASH_SZ];
+ HASH_CTX hc;
+ CIPHER_CTX cc;
RAND_RESOLVE(r);
TIMER(r);
/* --- Hash up all the data in the pool --- */
- {
- rmd160_macctx mc;
-
- rmd160_macinit(&mc, &r->k);
- rmd160_machash(&mc, r->pool, sizeof(r->pool));
- rmd160_machash(&mc, r->buf, sizeof(r->buf));
- rmd160_macdone(&mc, mac);
- BURN(mc);
- }
+ HASH_INIT(&hc);
+ HASH(&hc, r->pool, RAND_POOLSZ);
+ HASH(&hc, r->buf, RAND_BUFSZ);
+ HASH_DONE(&hc, h);
+ BURN(hc);
/* --- Now mangle all of the data based on the hash --- */
- {
- blowfish_cbcctx bc;
-
- blowfish_cbcinit(&bc, mac, sizeof(mac), 0);
- blowfish_cbcencrypt(&bc, r->pool, r->pool, sizeof(r->pool));
- blowfish_cbcencrypt(&bc, r->buf, r->buf, sizeof(r->buf));
- BURN(bc);
- }
+ assert(CIPHER_KEYSZ <= HASH_SZ);
+ CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0);
+ CIPHER_ENCRYPT(&cc, r->pool, r->pool, RAND_POOLSZ);
+ CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ);
+ BURN(cc);
/* --- Reset the various state variables --- */
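Review bot: The pool key is no longer mixed into the gating hash. The removed code keyed its MAC with `&r->k`, but the new sequence after `HASH_INIT(&hc)` feeds only `r->pool` and `r->buf`, so in the lines visible here the value installed by rand_key has no influence on the mangling key. If that is not intended, add `HASH(&hc, r->k.k, RAND_KEYSZ);` directly after `HASH_INIT(&hc);`. The same applies to the hash in rand_stretch below. rand_gate continues past this hunk, so it is also worth checking there that `h`, which becomes the cipher key, gets burned.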
void rand_stretch(rand_pool *r)
{
- octet mac[RMD160_HASHSZ];
+ octet h[HASH_SZ];
+ HASH_CTX hc;
+ CIPHER_CTX cc;
RAND_RESOLVE(r);
TIMER(r);
/* --- Hash up all the data in the buffer --- */
- {
- rmd160_macctx mc;
+ HASH_INIT(&hc);
+ HASH(&hc, r->pool, RAND_POOLSZ);
+ HASH(&hc, r->buf, RAND_BUFSZ);
+ HASH_DONE(&hc, h);
+ BURN(hc);
- rmd160_macinit(&mc, &r->k);
- rmd160_machash(&mc, r->pool, sizeof(r->pool));
- rmd160_machash(&mc, r->buf, sizeof(r->buf));
- rmd160_macdone(&mc, mac);
- BURN(mc);
- }
+ /* --- Now mangle the buffer based on the hash --- */
- /* --- Now mangle the buffer based on that hash --- */
-
- {
- blowfish_cbcctx bc;
-
- blowfish_cbcinit(&bc, mac, sizeof(mac), 0);
- blowfish_cbcencrypt(&bc, r->buf, r->buf, sizeof(r->buf));
- BURN(bc);
- }
+ assert(CIPHER_KEYSZ < HASH_SZ);
+ CIPHER_INIT(&cc, h, CIPHER_KEYSZ, 0);
+ CIPHER_ENCRYPT(&cc, r->buf, r->buf, RAND_BUFSZ);
+ BURN(cc);
/* --- Reset the various state variables --- */
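Review bot: `assert(CIPHER_KEYSZ < HASH_SZ)` is stricter than the `<=` used for the same check in rand_gate. It will abort at run time if the Twofish key size equals the SHA-256 output size, which looks likely if both are 32 bytes (confirm against the headers). It should read `assert(CIPHER_KEYSZ <= HASH_SZ);`. Both operands are compile-time constants, so a compile-time check next to the `CIPHER_*`/`HASH_*` definitions would catch a mismatch even in NDEBUG builds, where the runtime assert disappears. rand_stretch continues outside the hunk.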