Hello,

I've added a cryptographic secure pseudo random number generator to git master.

It is located in src/core/random/fortuna. There are easy wrapper function available in src/core/random/cryptorand.h - this is the one that is easiest to use. Please use this if you need cryptographic secure random numbers in your module. The wrapper provides a similar API as fastrand or kam_rand:

/* seed the generator, will also use system randomness */ void cryptorand_seed(const unsigned int seed)

/* generate a 32 bit random number */ unsigned int cryptorand(void)

Motivation for this addition was the issue [1] related to the TLS module and openssl-1.1.

The implementation was based on libfortuna [2]. It was refactored to the Kamailio core and all not necessary parts were removed. It is seeded from the core at startup and also includes automatic time-based reseeding from kernel random sources.

As part of this implementation I also consolidated the existing crypto related code into a new directory: src/core/crypto. This way I could also get rid of the srutils library dependency for several modules.

This changes will not backported in this way to 5.3.0. There will be probably for 5.3. a dedicated copy of the necessary code to the TLS module.

If you notice any issues, please let me know.

Cheers,

Henning

[1] https://github.com/kamailio/kamailio/issues/2077

[2] https://github.com/henningw/libfortuna