/usr/share/doc/libgcrypt11-doc/html/Controlling-the-library.html is in libgcrypt11-doc 1.5.3-2ubuntu4.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- This manual is for Libgcrypt
(version 1.5.3, 17 December 2013),
which is GNU's library of cryptographic building blocks.
Copyright (C) 2000, 2002, 2003, 2004, 2006, 2007, 2008, 2009, 2011 Free Software Foundation, Inc.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your
option) any later version. The text of the license can be found in the
section entitled "GNU General Public License". -->
<!-- Created by GNU Texinfo 5.2, http://www.gnu.org/software/texinfo/ -->
<head>
<title>The Libgcrypt Reference Manual: Controlling the library</title>
<meta name="description" content="The Libgcrypt Reference Manual: Controlling the library">
<meta name="keywords" content="The Libgcrypt Reference Manual: Controlling the library">
<meta name="resource-type" content="document">
<meta name="distribution" content="global">
<meta name="Generator" content="makeinfo">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="index.html#Top" rel="start" title="Top">
<link href="Concept-Index.html#Concept-Index" rel="index" title="Concept Index">
<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
<link href="Generalities.html#Generalities" rel="up" title="Generalities">
<link href="Modules.html#Modules" rel="next" title="Modules">
<link href="Generalities.html#Generalities" rel="prev" title="Generalities">
<style type="text/css">
<!--
a.summary-letter {text-decoration: none}
blockquote.smallquotation {font-size: smaller}
div.display {margin-left: 3.2em}
div.example {margin-left: 3.2em}
div.indentedblock {margin-left: 3.2em}
div.lisp {margin-left: 3.2em}
div.smalldisplay {margin-left: 3.2em}
div.smallexample {margin-left: 3.2em}
div.smallindentedblock {margin-left: 3.2em; font-size: smaller}
div.smalllisp {margin-left: 3.2em}
kbd {font-style:oblique}
pre.display {font-family: inherit}
pre.format {font-family: inherit}
pre.menu-comment {font-family: serif}
pre.menu-preformatted {font-family: serif}
pre.smalldisplay {font-family: inherit; font-size: smaller}
pre.smallexample {font-size: smaller}
pre.smallformat {font-family: inherit; font-size: smaller}
pre.smalllisp {font-size: smaller}
span.nocodebreak {white-space:nowrap}
span.nolinebreak {white-space:nowrap}
span.roman {font-family:serif; font-weight:normal}
span.sansserif {font-family:sans-serif; font-weight:normal}
ul.no-bullet {list-style: none}
-->
</style>
</head>
<body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
<a name="Controlling-the-library"></a>
<div class="header">
<p>
Next: <a href="Modules.html#Modules" accesskey="n" rel="next">Modules</a>, Up: <a href="Generalities.html#Generalities" accesskey="u" rel="up">Generalities</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Concept-Index.html#Concept-Index" title="Index" rel="index">Index</a>]</p>
</div>
<hr>
<a name="Controlling-the-library-1"></a>
<h3 class="section">3.1 Controlling the library</h3>
<dl>
<dt><a name="index-gcry_005fcontrol"></a>Function: <em>gcry_error_t</em> <strong>gcry_control</strong> <em>(enum gcry_ctl_cmds <var>cmd</var>, ...)</em></dt>
<dd>
<p>This function can be used to influence the general behavior of
Libgcrypt in several ways. Depending on <var>cmd</var>, more
arguments can or have to be provided.
</p>
<dl compact="compact">
<dt><code>GCRYCTL_ENABLE_M_GUARD; Arguments: none</code></dt>
<dd><p>This command enables the built-in memory guard. It must not be used
to activate the memory guard after the memory management has already
been used; therefore it can ONLY be used before
<code>gcry_check_version</code>. Note that the memory guard is NOT used
when the user of the library has set his own memory management
callbacks.
</p>
</dd>
<dt><code>GCRYCTL_ENABLE_QUICK_RANDOM; Arguments: none</code></dt>
<dd><p>This command inhibits the use the very secure random quality level
(<code>GCRY_VERY_STRONG_RANDOM</code>) and degrades all request down to
<code>GCRY_STRONG_RANDOM</code>. In general this is not recommened. However,
for some applications the extra quality random Libgcrypt tries to create
is not justified and this option may help to get better performace.
Please check with a crypto expert whether this option can be used for
your application.
</p>
<p>This option can only be used at initialization time.
</p>
</dd>
<dt><code>GCRYCTL_DUMP_RANDOM_STATS; Arguments: none</code></dt>
<dd><p>This command dumps randum number generator related statistics to the
library’s logging stream.
</p>
</dd>
<dt><code>GCRYCTL_DUMP_MEMORY_STATS; Arguments: none</code></dt>
<dd><p>This command dumps memory managment related statistics to the library’s
logging stream.
</p>
</dd>
<dt><code>GCRYCTL_DUMP_SECMEM_STATS; Arguments: none</code></dt>
<dd><p>This command dumps secure memory manamgent related statistics to the
library’s logging stream.
</p>
</dd>
<dt><code>GCRYCTL_DROP_PRIVS; Arguments: none</code></dt>
<dd><p>This command disables the use of secure memory and drops the priviliges
of the current process. This command has not much use; the suggested way
to disable secure memory is to use <code>GCRYCTL_DISABLE_SECMEM</code> right
after initialization.
</p>
</dd>
<dt><code>GCRYCTL_DISABLE_SECMEM; Arguments: none</code></dt>
<dd><p>This command disables the use of secure memory. If this command is
used in FIPS mode, FIPS mode will be disabled and the function
<code>gcry_fips_mode_active</code> returns false. However, in Enforced FIPS
mode this command has no effect at all.
</p>
<p>Many applications do not require secure memory, so they should disable
it right away. This command should be executed right after
<code>gcry_check_version</code>.
</p>
</dd>
<dt><code>GCRYCTL_INIT_SECMEM; Arguments: int nbytes</code></dt>
<dd><p>This command is used to allocate a pool of secure memory and thus
enabling the use of secure memory. It also drops all extra privileges
the process has (i.e. if it is run as setuid (root)). If the argument
<var>nbytes</var> is 0, secure memory will be disabled. The minimum amount
of secure memory allocated is currently 16384 bytes; you may thus use a
value of 1 to request that default size.
</p>
</dd>
<dt><code>GCRYCTL_TERM_SECMEM; Arguments: none</code></dt>
<dd><p>This command zeroises the secure memory and destroys the handler. The
secure memory pool may not be used anymore after running this command.
If the secure memory pool as already been destroyed, this command has
no effect. Applications might want to run this command from their
exit handler to make sure that the secure memory gets properly
destroyed. This command is not necessarily thread-safe but that
should not be needed in cleanup code. It may be called from a signal
handler.
</p>
</dd>
<dt><code>GCRYCTL_DISABLE_SECMEM_WARN; Arguments: none</code></dt>
<dd><p>Disable warning messages about problems with the secure memory
subsystem. This command should be run right after
<code>gcry_check_version</code>.
</p>
</dd>
<dt><code>GCRYCTL_SUSPEND_SECMEM_WARN; Arguments: none</code></dt>
<dd><p>Postpone warning messages from the secure memory subsystem.
See <a href="Initializing-the-library.html#sample_002duse_002dsuspend_002dsecmem">the initialization example</a>, on how to
use it.
</p>
</dd>
<dt><code>GCRYCTL_RESUME_SECMEM_WARN; Arguments: none</code></dt>
<dd><p>Resume warning messages from the secure memory subsystem.
See <a href="Initializing-the-library.html#sample_002duse_002dresume_002dsecmem">the initialization example</a>, on how to
use it.
</p>
</dd>
<dt><code>GCRYCTL_USE_SECURE_RNDPOOL; Arguments: none</code></dt>
<dd><p>This command tells the PRNG to store random numbers in secure memory.
This command should be run right after <code>gcry_check_version</code> and not
later than the command GCRYCTL_INIT_SECMEM. Note that in FIPS mode the
secure memory is always used.
</p>
</dd>
<dt><code>GCRYCTL_SET_RANDOM_SEED_FILE; Arguments: const char *filename</code></dt>
<dd><p>This command specifies the file, which is to be used as seed file for
the PRNG. If the seed file is registered prior to initialization of the
PRNG, the seed file’s content (if it exists and seems to be valid) is
fed into the PRNG pool. After the seed file has been registered, the
PRNG can be signalled to write out the PRNG pool’s content into the seed
file with the following command.
</p>
</dd>
<dt><code>GCRYCTL_UPDATE_RANDOM_SEED_FILE; Arguments: none</code></dt>
<dd><p>Write out the PRNG pool’s content into the registered seed file.
</p>
<p>Multiple instances of the applications sharing the same random seed file
can be started in parallel, in which case they will read out the same
pool and then race for updating it (the last update overwrites earlier
updates). They will differentiate only by the weak entropy that is
added in read_seed_file based on the PID and clock, and up to 16 bytes
of weak random non-blockingly. The consequence is that the output of
these different instances is correlated to some extent. In a perfect
attack scenario, the attacker can control (or at least guess) the PID
and clock of the application, and drain the system’s entropy pool to
reduce the "up to 16 bytes" above to 0. Then the dependencies of the
inital states of the pools are completely known. Note that this is not
an issue if random of <code>GCRY_VERY_STRONG_RANDOM</code> quality is
requested as in this case enough extra entropy gets mixed. It is also
not an issue when using Linux (rndlinux driver), because this one
guarantees to read full 16 bytes from /dev/urandom and thus there is no
way for an attacker without kernel access to control these 16 bytes.
</p>
</dd>
<dt><code>GCRYCTL_SET_VERBOSITY; Arguments: int level</code></dt>
<dd><p>This command sets the verbosity of the logging. A level of 0 disables
all extra logging whereas positive numbers enable more verbose logging.
The level may be changed at any time but be aware that no memory
synchronization is done so the effect of this command might not
immediately show up in other threads. This command may even be used
prior to <code>gcry_check_version</code>.
</p>
</dd>
<dt><code>GCRYCTL_SET_DEBUG_FLAGS; Arguments: unsigned int flags</code></dt>
<dd><p>Set the debug flag bits as given by the argument. Be aware that that no
memory synchronization is done so the effect of this command might not
immediately show up in other threads. The debug flags are not
considered part of the API and thus may change without notice. As of
now bit 0 enables debugging of cipher functions and bit 1 debugging of
multi-precision-integers. This command may even be used prior to
<code>gcry_check_version</code>.
</p>
</dd>
<dt><code>GCRYCTL_CLEAR_DEBUG_FLAGS; Arguments: unsigned int flags</code></dt>
<dd><p>Set the debug flag bits as given by the argument. Be aware that that no
memory synchronization is done so the effect of this command might not
immediately show up in other threads. This command may even be used
prior to <code>gcry_check_version</code>.
</p>
</dd>
<dt><code>GCRYCTL_DISABLE_INTERNAL_LOCKING; Arguments: none</code></dt>
<dd><p>This command does nothing. It exists only for backward compatibility.
</p>
</dd>
<dt><code>GCRYCTL_ANY_INITIALIZATION_P; Arguments: none</code></dt>
<dd><p>This command returns true if the library has been basically initialized.
Such a basic initialization happens implicitly with many commands to get
certain internal subsystems running. The common and suggested way to
do this basic intialization is by calling gcry_check_version.
</p>
</dd>
<dt><code>GCRYCTL_INITIALIZATION_FINISHED; Arguments: none</code></dt>
<dd><p>This command tells the library that the application has finished the
intialization.
</p>
</dd>
<dt><code>GCRYCTL_INITIALIZATION_FINISHED_P; Arguments: none</code></dt>
<dd><p>This command returns true if the command<br>
GCRYCTL_INITIALIZATION_FINISHED has already been run.
</p>
</dd>
<dt><code>GCRYCTL_SET_THREAD_CBS; Arguments: struct ath_ops *ath_ops</code></dt>
<dd><p>This command registers a thread-callback structure.
See <a href="Multi_002dThreading.html#Multi_002dThreading">Multi-Threading</a>.
</p>
</dd>
<dt><code>GCRYCTL_FAST_POLL; Arguments: none</code></dt>
<dd><p>Run a fast random poll.
</p>
</dd>
<dt><code>GCRYCTL_SET_RNDEGD_SOCKET; Arguments: const char *filename</code></dt>
<dd><p>This command may be used to override the default name of the EGD socket
to connect to. It may be used only during initialization as it is not
thread safe. Changing the socket name again is not supported. The
function may return an error if the given filename is too long for a
local socket name.
</p>
<p>EGD is an alternative random gatherer, used only on systems lacking a
proper random device.
</p>
</dd>
<dt><code>GCRYCTL_PRINT_CONFIG; Arguments: FILE *stream</code></dt>
<dd><p>This command dumps information pertaining to the configuration of the
library to the given stream. If NULL is given for <var>stream</var>, the log
system is used. This command may be used before the intialization has
been finished but not before a <code>gcry_check_version</code>.
</p>
</dd>
<dt><code>GCRYCTL_OPERATIONAL_P; Arguments: none</code></dt>
<dd><p>This command returns true if the library is in an operational state.
This information makes only sense in FIPS mode. In contrast to other
functions, this is a pure test function and won’t put the library into
FIPS mode or change the internal state. This command may be used before
the intialization has been finished but not before a <code>gcry_check_version</code>.
</p>
</dd>
<dt><code>GCRYCTL_FIPS_MODE_P; Arguments: none</code></dt>
<dd><p>This command returns true if the library is in FIPS mode. Note, that
this is no indication about the current state of the library. This
command may be used before the intialization has been finished but not
before a <code>gcry_check_version</code>. An application may use this command or
the convenience macro below to check whether FIPS mode is actually
active.
</p>
<dl>
<dt><a name="index-gcry_005ffips_005fmode_005factive"></a>Function: <em>int</em> <strong>gcry_fips_mode_active</strong> <em>(void)</em></dt>
<dd>
<p>Returns true if the FIPS mode is active. Note that this is
implemented as a macro.
</p></dd></dl>
</dd>
<dt><code>GCRYCTL_FORCE_FIPS_MODE; Arguments: none</code></dt>
<dd><p>Running this command puts the library into FIPS mode. If the library is
already in FIPS mode, a self-test is triggered and thus the library will
be put into operational state. This command may be used before a call
to <code>gcry_check_version</code> and that is actually the recommended way to let an
application switch the library into FIPS mode. Note that Libgcrypt will
reject an attempt to switch to fips mode during or after the intialization.
</p>
</dd>
<dt><code>GCRYCTL_SET_ENFORCED_FIPS_FLAG; Arguments: none</code></dt>
<dd><p>Running this command sets the internal flag that puts the library into
the enforced FIPS mode during the FIPS mode initialization. This command
does not affect the library if the library is not put into the FIPS mode and
it must be used before any other libgcrypt library calls that initialize
the library such as <code>gcry_check_version</code>. Note that Libgcrypt will
reject an attempt to switch to the enforced fips mode during or after
the intialization.
</p>
</dd>
<dt><code>GCRYCTL_SELFTEST; Arguments: none</code></dt>
<dd><p>This may be used at anytime to have the library run all implemented
self-tests. It works in standard and in FIPS mode. Returns 0 on
success or an error code on failure.
</p>
</dd>
<dt><code>GCRYCTL_DISABLE_HWF; Arguments: const char *name</code></dt>
<dd>
<p>Libgcrypt detects certain features of the CPU at startup time. For
performace tests it is sometimes required not to use such a feature.
This option may be used to disabale a certain feature; i.e. Libgcrypt
behaves as if this feature has not been detected. Note that the
detection code might be run if the feature has been disabled. This
command must be used at initialization time; i.e. before calling
<code>gcry_check_version</code>.
</p>
</dd>
</dl>
</dd></dl>
<hr>
<div class="header">
<p>
Next: <a href="Modules.html#Modules" accesskey="n" rel="next">Modules</a>, Up: <a href="Generalities.html#Generalities" accesskey="u" rel="up">Generalities</a> [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Concept-Index.html#Concept-Index" title="Index" rel="index">Index</a>]</p>
</div>
</body>
</html>
|