build, lib, ipcpd, irmd: Add support for libgcrypt

This adds support for libgcrypt. If at least version 1.7.0 of
libgcrypt is present, it may be used for secure random number
generation and is used for hashing in the irmd/ipcp.

The hash definitions are moved to the internal hash.h header, and
defined independently of the hashes that are defined as part of the
directory policy for the normal IPCP. The translation is moved from
the IRMd to ipcpd/ipcp.h. The bootstrap call from the IRMd expects the
IPCP to return the correct hash algorithm with a dif_info struct,
which is in line with the behavior of the enroll call.

This also improves how some platform checks in the build system are
handled.

1 files changed, 6 insertions, 5 deletions

diff --git a/src/lib/random.c b/src/lib/random.c
index d6bde0f8..17973695 100644
--- a/src/lib/random.c
+++ b/src/lib/random.c
@@ -21,10 +21,13 @@
  * 02110-1301 USA
  */
 
+#include <ouroboros/config.h>
 #include <ouroboros/random.h>
 
 #if defined(HAVE_SYS_RANDOM)
 #include <sys/random.h>
+#elif defined(HAVE_LIBGCRYPT)
+#include <grypt.h>
 #elif defined(__FreeBSD__)
 #include <stdlib.h>
 #elif defined(HAVE_OPENSSL)
@@ -36,16 +39,14 @@ int random_buffer(void * buf,
                   size_t len)
 {
 #if defined(HAVE_SYS_RANDOM)
-        return getrandom(buf, len, GRND_NONBLOCK); /* also in glibc 2.25 */
+        return getrandom(buf, len, GRND_NONBLOCK); /* glibc 2.25 */
+#elif defined(HAVE_LIBGCRYPT)
+        return gcry_randomize(buf, len, GCRY_STRONG_RANDOM);
 #elif defined(__FreeBSD__)
         return arc4random_buf(buf, len);
 #elif defined(HAVE_OPENSSL)
         if (len > 0 && len < INT_MAX)
                 return RAND_bytes((unsigned char *) buf, (int) len);
         return -1;
-#else
-        (void) buf;
-        (void) len;
-        return -1;
 #endif
 }