# HG changeset patch
# User Matt Johnston
# Date 1342704867 -28800
# Node ID c3de235d9506756bb247be031ee295212a7898a7
# Parent 650c41a4909a27578a5533a597058ac6bce25496
/dev/random blocks on busy servers too.
diff -r 650c41a4909a -r c3de235d9506 gendss.c
--- a/gendss.c Sat Jun 30 22:12:28 2012 +0800
+++ b/gendss.c Thu Jul 19 21:34:27 2012 +0800
@@ -57,7 +57,6 @@
 m_mp_init_multi(key->p, key->q, key->g, key->y, key->x, NULL);
 seedrandom();
- seedstrongrandom();
 getq(key);
 getp(key, size);
diff -r 650c41a4909a -r c3de235d9506 genrsa.c
--- a/genrsa.c Sat Jun 30 22:12:28 2012 +0800
+++ b/genrsa.c Thu Jul 19 21:34:27 2012 +0800
@@ -56,7 +56,6 @@
 &pminus, &lcm, &qminus, NULL);
 seedrandom();
- seedstrongrandom();
 if (mp_set_int(key->e, RSA_E) != MP_OKAY) {
 fprintf(stderr, "RSA generation failed\n");
diff -r 650c41a4909a -r c3de235d9506 random.c
--- a/random.c Sat Jun 30 22:12:28 2012 +0800
+++ b/random.c Thu Jul 19 21:34:27 2012 +0800
@@ -155,24 +155,6 @@
 #endif
 }
-/* add entropy from the stronger, blocking source /dev/random. Only used
- * for generating persistent private keys (RSA and DSS) */
-void seedstrongrandom()
-{
- /* We assume that PRNGD is a strong source, so don't need to do anything here */
-#ifndef DROPBEAR_PRNGD_SOCKET
- hash_state hs;
-
- sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
- if (process_file(&hs, "/dev/random", INIT_SEED_SIZE, 0)
- != DROPBEAR_SUCCESS) {
- dropbear_exit("Failure reading random device %s", "/dev/random");
- }
-
- sha1_done(&hs, hashpool);
-#endif
-}
-
 /* Initialise the prng from /dev/urandom or prngd. This function can
 * be called multiple times */
 void seedrandom() {
diff -r 650c41a4909a -r c3de235d9506 random.h
--- a/random.h Sat Jun 30 22:12:28 2012 +0800
+++ b/random.h Thu Jul 19 21:34:27 2012 +0800
@@ -27,7 +27,6 @@
 struct mp_int;
-void seedstrongrandom();
 void seedrandom();
 void genrandom(unsigned char* buf, unsigned int len);
 void addrandom(char * buf, unsigned int len);
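Review bot: After the gendss.c hunk the DSS key is generated from a pool seeded only by `seedrandom()`, which the random.c context comment describes as reading /dev/urandom or prngd, and nothing at the call site checks that the system RNG has been initialised; the genrsa.c hunk has the same gap. The removed comment says the blocking read was used only for persistent private keys, so the case to keep in mind is a host key generated at first boot on a low-entropy device, where /dev/urandom output may be predictable. I would record that constraint at both call sites, e.g. `/* seeded from /dev/urandom only: do not generate host keys before the system RNG is seeded */`, and repeat it wherever key generation is documented. The enclosing functions start and end outside these hunks, so any seeding done elsewhere in them is not visible here.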