Instead of accessing /dev/urandom use the getrandom syscall. This way we
do not have to keep the file open all the time.
This also fixes a compile error with glibc:
--------
px5g-mbedtls.c: In function '_urandom':
px5g-mbedtls.c:48:9: error: ignoring return value of 'read' declared with attribute 'warn_unused_result' [-Werror=unused-result]
48 | read(urandom_fd, out, len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
--------
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*/
#include <sys/types.h>
*/
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <mbedtls/bignum.h>
#include <stdbool.h>
#include <mbedtls/bignum.h>
+#include <mbedtls/entropy.h>
#include <mbedtls/x509_crt.h>
#include <mbedtls/ecp.h>
#include <mbedtls/rsa.h>
#include <mbedtls/x509_crt.h>
#include <mbedtls/ecp.h>
#include <mbedtls/rsa.h>
#define PX5G_COPY "Copyright (c) 2009 Steven Barth <steven@midlink.org>"
#define PX5G_LICENSE "Licensed under the GNU Lesser General Public License v2.1"
#define PX5G_COPY "Copyright (c) 2009 Steven Barth <steven@midlink.org>"
#define PX5G_LICENSE "Licensed under the GNU Lesser General Public License v2.1"
static char buf[16384];
static int _urandom(void *ctx, unsigned char *out, size_t len)
{
static char buf[16384];
static int _urandom(void *ctx, unsigned char *out, size_t len)
{
- read(urandom_fd, out, len);
+ ssize_t ret;
+
+ ret = getrandom(out, len, 0);
+ if (ret < 0 || (size_t)ret != len)
+ return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+
int main(int argc, char *argv[])
{
int main(int argc, char *argv[])
{
- urandom_fd = open("/dev/urandom", O_RDONLY);
-
if (!argv[1]) {
//Usage
} else if (!strcmp(argv[1], "eckey")) {
if (!argv[1]) {
//Usage
} else if (!strcmp(argv[1], "eckey")) {