summaryrefslogtreecommitdiff
path: root/openvpn/src/openvpn/crypto_polarssl.h
diff options
context:
space:
mode:
Diffstat (limited to 'openvpn/src/openvpn/crypto_polarssl.h')
-rw-r--r--openvpn/src/openvpn/crypto_polarssl.h21
1 files changed, 21 insertions, 0 deletions
diff --git a/openvpn/src/openvpn/crypto_polarssl.h b/openvpn/src/openvpn/crypto_polarssl.h
index 358483a9..bfabb91b 100644
--- a/openvpn/src/openvpn/crypto_polarssl.h
+++ b/openvpn/src/openvpn/crypto_polarssl.h
@@ -30,8 +30,10 @@
#ifndef CRYPTO_POLARSSL_H_
#define CRYPTO_POLARSSL_H_
+#include <polarssl/version.h>
#include <polarssl/cipher.h>
#include <polarssl/md.h>
+#include <polarssl/ctr_drbg.h>
/** Generic cipher key type %context. */
typedef cipher_info_t cipher_kt_t;
@@ -71,4 +73,23 @@ typedef md_context_t hmac_ctx_t;
#define SHA_DIGEST_LENGTH 20
#define DES_KEY_LENGTH 8
+/**
+ * Returns a singleton instance of the PolarSSL random number generator.
+ *
+ * For PolarSSL 1.1+, this is the CTR_DRBG random number generator. If it
+ * hasn't been initialised yet, the RNG will be initialised using the default
+ * entropy sources. Aside from the default platform entropy sources, an
+ * additional entropy source, the HAVEGE random number generator will also be
+ * added. During initialisation, a personalisation string will be added based
+ * on the time, the PID, and a pointer to the random context.
+ */
+ctr_drbg_context * rand_ctx_get();
+
+#ifdef ENABLE_PREDICTION_RESISTANCE
+/**
+ * Enable prediction resistance on the random number generator.
+ */
+void rand_ctx_enable_prediction_resistance();
+#endif
+
#endif /* CRYPTO_POLARSSL_H_ */
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-10 16:21:57 +0000