comparison random.c @ 149:ed9ca2a9705c

Cleaned up the random code, use /dev/random by default, and removed the addrandom() function, which was unused.
author Matt Johnston <matt@ucc.asn.au>
date Mon, 20 Dec 2004 13:11:15 +0000
parents b0316ce64e4b
children 4bd4fc8023bd
148:9a1dc9bc17d7 149:ed9ca2a9705c
36 36
37 #define INIT_SEED_SIZE 32 /* 256 bits */ 37 #define INIT_SEED_SIZE 32 /* 256 bits */
38 38
39 static void readrand(unsigned char* buf, unsigned int buflen); 39 static void readrand(unsigned char* buf, unsigned int buflen);
40 40
41 /* The basic setup is we read some data from DEV_URANDOM or PRNGD and hash it 41 /* The basic setup is we read some data from /dev/(u)random or prngd and hash it
42 * into hashpool. To read data, we hash together current hashpool contents, 42 * into hashpool. To read data, we hash together current hashpool contents,
43 * and a counter. We feed more data in by hashing the current pool and new 43 * and a counter. We feed more data in by hashing the current pool and new
44 * data into the pool. 44 * data into the pool.
45 * 45 *
46 * It is important to ensure that counter doesn't wrap around before we 46 * It is important to ensure that counter doesn't wrap around before we
51 static void readrand(unsigned char* buf, unsigned int buflen) { 51 static void readrand(unsigned char* buf, unsigned int buflen) {
52 52
53 int readfd; 53 int readfd;
54 unsigned int readpos; 54 unsigned int readpos;
55 int readlen; 55 int readlen;
56 #ifdef DROPBEAR_EGD 56 #ifdef DROPBEAR_PRNGD_SOCKET
57 struct sockaddr_un egdsock; 57 struct sockaddr_un egdsock;
58 char egdcmd[2]; 58 char egdcmd[2];
59 #endif 59 #endif
60 60
61 #ifdef DROPBEAR_DEV_URANDOM 61 #ifdef DROPBEAR_RANDOM_DEV
62 readfd = open(DEV_URANDOM, O_RDONLY); 62 readfd = open(DROPBEAR_RANDOM_DEV, O_RDONLY);
63 if (readfd < 0) { 63 if (readfd < 0) {
64 dropbear_exit("couldn't open random device"); 64 dropbear_exit("couldn't open random device");
65 } 65 }
66 #endif 66 #endif
67 67
68 #ifdef DROPBEAR_EGD 68 #ifdef DROPBEAR_PRNGD_SOCKET
69 memset((void*)&egdsock, 0x0, sizeof(egdsock)); 69 memset((void*)&egdsock, 0x0, sizeof(egdsock));
70 egdsock.sun_family = AF_UNIX; 70 egdsock.sun_family = AF_UNIX;
71 strlcpy(egdsock.sun_path, DROPBEAR_EGD_SOCKET, 71 strlcpy(egdsock.sun_path, DROPBEAR_EGD_SOCKET,
72 sizeof(egdsock.sun_path)); 72 sizeof(egdsock.sun_path));
73 73
103 } while (readpos < buflen); 103 } while (readpos < buflen);
104 104
105 close (readfd); 105 close (readfd);
106 } 106 }
107 107
108 /* initialise the prng from /dev/urandom or prngd */ 108 /* initialise the prng from /dev/(u)random or prngd */
109 void seedrandom() { 109 void seedrandom() {
110 110
111 unsigned char readbuf[INIT_SEED_SIZE]; 111 unsigned char readbuf[INIT_SEED_SIZE];
112 112
113 hash_state hs; 113 hash_state hs;
157 len -= copylen; 157 len -= copylen;
158 buf += copylen; 158 buf += copylen;
159 } 159 }
160 m_burn(hash, sizeof(hash)); 160 m_burn(hash, sizeof(hash));
161 } 161 }
162
163 /* Adds entropy to the PRNG state. As long as the hash is strong, then we
164 * don't need to worry about entropy being added "diluting" the current
165 * state - it should only make it stronger. */
166 void addrandom(unsigned char* buf, unsigned int len) {
167
168 hash_state hs;
169 if (!donerandinit) {
170 dropbear_exit("seedrandom not done");
171 }
172
173 sha1_init(&hs);
174 sha1_process(&hs, (void*)buf, len);
175 sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
176 sha1_done(&hs, hashpool);
177 counter = 0;
178
179 }