changeset 1748:34d9d3c022ce

Use Dropbear's random source rather than libtommath's platform one
author Matt Johnston <matt@ucc.asn.au>
date Mon, 19 Oct 2020 22:49:19 +0800
parents ff51d5967e2d
children 32307118bc26
files crypto_desc.c libtommath/bn_mp_rand.c libtommath/tommath_class.h
diffstat 3 files changed, 15 insertions(+), 2 deletions(-) [+]
--- a/crypto_desc.c	Mon Oct 19 21:38:20 2020 +0800
+++ b/crypto_desc.c	Mon Oct 19 22:49:19 2020 +0800
@@ -3,11 +3,18 @@
 #include "crypto_desc.h"
 #include "ltc_prng.h"
 #include "ecc.h"
+#include "dbrandom.h"
 
 #if DROPBEAR_LTC_PRNG
 	int dropbear_ltc_prng = -1;
 #endif
 
+/* Wrapper for libtommath */
+static mp_err dropbear_rand_source(void* out, size_t size) {
+	genrandom((unsigned char*)out, (unsigned int)size);
+	return MP_OKAY;
+}
+
 
 /* Register the compiled in ciphers.
  * This should be run before using any of the ciphers/hashes */
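Review bot: The new dropbear_rand_source() wrapper always returns MP_OKAY and ignores whatever genrandom() does when it cannot produce bytes, which is only sound if genrandom() never returns without filling the buffer (in Dropbear it appears to exit the process when unseeded, but that is not visible in this hunk). A comment stating that contract would stop the next reader from treating this as a silent-success path: `/* genrandom() either fills the buffer or exits the process, so there is no failure to propagate to libtommath */`. The `(unsigned int)size` narrowing is harmless for the digit-sized requests libtommath makes, but it is worth recording that assumption next to the cast rather than leaving it implicit.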
@@ -67,6 +74,8 @@
 	}
 #endif
 
+	mp_rand_source(dropbear_rand_source);
+
 #if DROPBEAR_ECC
 	ltc_mp = ltm_desc;
 	dropbear_ecc_fill_dp();
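Review bot: The added `mp_rand_source(dropbear_rand_source);` line is now the only thing that makes mp_rand() usable, because bn_mp_rand.c in this same changeset initializes s_mp_rand_source to NULL, so any mp_rand()/mp_prime_rand() use before this point would call through a null function pointer. That ordering invariant deserves a comment here: `/* Must run before any libtommath mp_rand() use: Dropbear's build leaves the default source NULL */`. The enclosing function starts outside the hunk, so I cannot confirm nothing earlier in it draws libtommath randomness; it is also worth checking that seedrandom() has already run by the time this source can be invoked, since genrandom() presumably requires it.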
--- a/libtommath/bn_mp_rand.c	Mon Oct 19 21:38:20 2020 +0800
+++ b/libtommath/bn_mp_rand.c	Mon Oct 19 22:49:19 2020 +0800
@@ -3,11 +3,13 @@
 /* LibTomMath, multiple-precision integer library -- Tom St Denis */
 /* SPDX-License-Identifier: Unlicense */
 
-mp_err(*s_mp_rand_source)(void *out, size_t size) = s_mp_rand_platform;
+/* Dropbear sets this separately, avoid platform code */
+mp_err(*s_mp_rand_source)(void *out, size_t size) = NULL;
 
 void mp_rand_source(mp_err(*source)(void *out, size_t size))
 {
-   s_mp_rand_source = (source == NULL) ? s_mp_rand_platform : source;
+   /* Dropbear, don't reset to platform if source==NULL */
+   s_mp_rand_source = source;
 }
 
 mp_err mp_rand(mp_int *a, int digits)
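Review bot: mp_rand_source() now stores a NULL argument verbatim, and with the default also NULL, the first mp_rand() on an unregistered source becomes a null function-pointer call rather than a diagnosable error; mp_rand's body continues past the end of the hunk so I cannot see whether it checks. A cheap guard at the top of mp_rand() (outside this hunk), e.g. `if (s_mp_rand_source == NULL) { return MP_ERR; }`, turns that crash into a handled failure, and is a safer failure mode than the platform-entropy fallback this changeset deliberately removes. Alternatively reject NULL in mp_rand_source() itself so the setter cannot be used to clear an already-registered source.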
--- a/libtommath/tommath_class.h	Mon Oct 19 21:38:20 2020 +0800
+++ b/libtommath/tommath_class.h	Mon Oct 19 22:49:19 2020 +0800
@@ -1316,6 +1316,8 @@
 #undef BN_S_MP_KARATSUBA_SQR_C
 #undef BN_S_MP_TOOM_MUL_C
 #undef BN_S_MP_TOOM_SQR_C
+/* Dropbear uses its own random source */
+#undef BN_S_MP_RAND_PLATFORM_C
 
 #include "dbmalloc.h"
 #define MP_MALLOC    m_malloc
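Review bot: The comment above `#undef BN_S_MP_RAND_PLATFORM_C` says Dropbear uses its own source but not why the platform code is removed from the build rather than left unused; the security point is that no code path can silently fall back to OS or libc entropy that bypasses Dropbear's seeded PRNG. Suggest `/* Dropbear registers genrandom via crypto_init; drop the platform source so any remaining reference to s_mp_rand_platform should fail at link time */`, which records the intent for the next libtommath upgrade.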