Remove crypto_get_random() since it's been agreed that libsrtp should…

… not be used as a general purpose crypto library. The RNG provided by libsrtp is old and not current with the latest standards, such as SP800-90.
cisco · Nov 4, 2014 · 339b61d · 339b61d
1 parent c270245
commit 339b61d
Show file tree

Hide file tree

Showing 6 changed files with 3 additions and 264 deletions.
diff --git a/Makefile.in b/Makefile.in
@@ -31,7 +31,6 @@ runtest: build_table_apps test
 	test/roc_driver$(EXE) -v >/dev/null
 	test/replay_driver$(EXE) -v >/dev/null
 	test/dtls_srtp_driver$(EXE) >/dev/null
-	crypto/test/rand_gen_soak$(EXE) -v >/dev/null
 	cd test; $(abspath $(srcdir))/test/rtpw_test.sh >/dev/null	
 ifeq (1, $(USE_OPENSSL))
 	cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh >/dev/null	
@@ -140,8 +139,8 @@ endif
 
 crypto_testapp = $(AES_CALC) crypto/test/cipher_driver$(EXE) \
 	crypto/test/datatypes_driver$(EXE) crypto/test/kernel_driver$(EXE) \
-	crypto/test/rand_gen$(EXE) crypto/test/sha1_driver$(EXE) \
-	crypto/test/stat_driver$(EXE) crypto/test/rand_gen_soak$(EXE)
+	crypto/test/sha1_driver$(EXE) \
+	crypto/test/stat_driver$(EXE) 
 
 testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \
 	  test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \

diff --git a/crypto/Makefile.in b/crypto/Makefile.in
@@ -46,7 +46,7 @@ endif
 
 testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
 	  test/stat_driver$(EXE) test/sha1_driver$(EXE) \
-	  test/kernel_driver$(EXE) $(AES_CALC) test/rand_gen$(EXE) \
+	  test/kernel_driver$(EXE) $(AES_CALC) \
 	  test/env$(EXE)
 
 # data values used to test the aes_calc application for AES-128
@@ -73,7 +73,6 @@ endif
 	test/stat_driver$(EXE) >/dev/null
 	test/sha1_driver$(EXE) -v >/dev/null
 	test/kernel_driver$(EXE) -v >/dev/null
-	test/rand_gen$(EXE) -n 256 >/dev/null
 	@echo "crypto test applications passed."
 
 

diff --git a/crypto/include/crypto_kernel.h b/crypto/include/crypto_kernel.h
@@ -254,27 +254,4 @@ crypto_kernel_alloc_auth(auth_type_id_t id,
 err_status_t
 crypto_kernel_set_debug_module(char *mod_name, int v);
 
-/**
- * @brief writes a random octet string.
- *
- * The function call crypto_get_random(dest, len) writes len octets of
- * random data to the location to which dest points, and returns an
- * error code.  This error code @b must be checked, and if a failure is
- * reported, the data in the buffer @b must @b not be used.
- * 
- * @warning If the return code is not checked, then non-random
- *          data may be in the buffer.  This function will fail
- *          unless it is called after crypto_kernel_init().
- *
- * @return
- *     - err_status_ok    if no problems occured.
- *     - [other]          a problem occured, and no assumptions should
- *                        be made about the contents of the destination
- *                        buffer.
- *
- * @ingroup SRTP
- */
-err_status_t
-crypto_get_random(unsigned char *buffer, unsigned int length);
-
 #endif /* CRYPTO_KERNEL */
diff --git a/crypto/kernel/crypto_kernel.c b/crypto/kernel/crypto_kernel.c
@@ -584,15 +584,3 @@ crypto_kernel_set_debug_module(char *name, int on) {
 
   return err_status_fail;
 }
-
-err_status_t
-crypto_get_random(unsigned char *buffer, unsigned int length) {
-  if (crypto_kernel.state == crypto_kernel_state_secure)
-#ifdef OPENSSL
-    return rand_source_get_octet_string(buffer, length);
-#else
-    return ctr_prng_get_octet_string(buffer, length);
-#endif
-  else
-    return err_status_fail;
-}
diff --git a/crypto/test/rand_gen.c b/crypto/test/rand_gen.c
diff --git a/crypto/test/rand_gen_soak.c b/crypto/test/rand_gen_soak.c