
Use predefined salt or one gathered via getrandom

Matthias Vogelgesang 7 yıl önce
ebeveyn
işleme
c47b65c2c4
3 değiştirilmiş dosya ile 32 ekleme ve 1 silme
  1. 10 0
      meson.build
  2. 2 0
      meson_options.txt
  3. 20 1
      src/iridium-crypto.c

+ 10 - 0
meson.build

@@ -3,11 +3,21 @@ project('iridium', 'c',
   meson_version: '>= 0.40.0',
 )
 
+cc = meson.get_compiler('c')
+
 i18n = import('i18n')
 
 config_h = configuration_data()
 config_h.set_quoted('GETTEXT_PACKAGE', 'iridium')
 config_h.set_quoted('LOCALEDIR', join_paths(get_option('prefix'), get_option('localedir')))
+config_h.set('HAVE_LINUX_RANDOM_H', cc.has_header('linux/random.h'))
+
+salt = get_option('predefined_salt')
+
+if salt != ''
+  config_h.set('HAVE_PREDEFINED_SALT', true)
+  config_h.set_quoted('PREDEFINED_SALT', salt)
+endif
 
 configure_file(
   output: 'iridium-config.h',
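Review bot: The `cc.has_header('linux/random.h')` probe behind `HAVE_LINUX_RANDOM_H` only shows that the header exists, while src/iridium-crypto.c depends on `SYS_getrandom` from `<sys/syscall.h>`. As far as I know the header is older than the syscall, so on older kernel headers the build would fail on an undeclared identifier instead of reaching the intended `#error`. Probing the symbol that is actually used is more precise: `config_h.set('HAVE_LINUX_RANDOM_H', cc.has_header_symbol('sys/syscall.h', 'SYS_getrandom'))`. A passing build-time check still does not guarantee that the running kernel implements the call, so the C side has to check the result as well.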

+ 2 - 0
meson_options.txt

@@ -0,0 +1,2 @@
+option('predefined_salt', type: 'string',
+       description: 'Hexlified salt for debugging purposes')
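Review bot: The option description does not say that setting `predefined_salt` replaces the random per-call salt with a build-time constant, so every key derived by such a build shares one salt. I would spell that out, e.g. `description: 'Hexlified fixed salt replacing the random one (debug builds only, never set for release builds)'`. The value also reaches `config_h.set_quoted` in meson.build with no length or hex check. Whether anything downstream validates it is not visible on this page, so a malformed string may be used as the salt unchanged.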

+ 20 - 1
src/iridium-crypto.c

@@ -16,6 +16,14 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "iridium-config.h"
+
+#ifdef HAVE_LINUX_RANDOM_H
+#include <linux/random.h>
+#include <unistd.h>
+#include <sys/syscall.h>
+#endif
+
 #include <stdio.h>
 #include <string.h>
 #include <nettle/aes.h>
@@ -28,6 +36,9 @@
 IridiumAuthParams *
 iridium_crypto_auth_params_new (void)
 {
+#if defined(HAVE_LINUX_RANDOM_H) && !defined(HAVE_PREDEFINED_SALT)
+  guint8 salt[32];
+#endif
   IridiumAuthParams *params;
 
   params = g_new0 (IridiumAuthParams, 1);
@@ -35,7 +46,15 @@ iridium_crypto_auth_params_new (void)
   params->hash = IRIDIUM_CRYPTO_SF_HASH_SHA512;
   params->cost = 101000;
   params->key_size = 512;
-  params->salt = g_strdup ("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
+
+#if defined(HAVE_PREDEFINED_SALT)
+  params->salt = g_strdup (PREDEFINED_SALT);
+#elif defined(HAVE_LINUX_RANDOM_H)
+  syscall(SYS_getrandom, salt, 32, 0);
+  params->salt = iridium_crypto_hexlify(salt, 32);
+#else
+#error "No random source other than getrandom() implemented yet"
+#endif
 
   return params;
 }
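Review bot: The result of `syscall(SYS_getrandom, salt, 32, 0)` in the `#elif defined(HAVE_LINUX_RANDOM_H)` branch is ignored. If the call fails (for example `ENOSYS` on a kernel without getrandom, or `EINTR`), `salt` remains uninitialized stack memory that is then hexlified and stored as the salt. That gives a non-random salt and may expose stack contents wherever the salt is stored or transmitted. I would fail hard rather than continue: `if (syscall (SYS_getrandom, salt, sizeof salt, 0) != (long) sizeof salt)` followed by `g_error ("getrandom() failed: %s", g_strerror (errno));`, which needs `<errno.h>` in the include hunk above. Using `sizeof salt` in both the syscall and the `iridium_crypto_hexlify` call also removes the duplicated literal `32`.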