changeset 689:c3de235d9506

/dev/random blocks on busy servers too.
author Matt Johnston <matt@ucc.asn.au>
date Thu, 19 Jul 2012 21:34:27 +0800
parents 650c41a4909a
children 4b47ff154ff6
files gendss.c genrsa.c random.c random.h
diffstat 4 files changed, 0 insertions(+), 21 deletions(-) [+]
line wrap: on
line diff
--- a/gendss.c	Sat Jun 30 22:12:28 2012 +0800
+++ b/gendss.c	Thu Jul 19 21:34:27 2012 +0800
@@ -57,7 +57,6 @@
 	m_mp_init_multi(key->p, key->q, key->g, key->y, key->x, NULL);
 	
 	seedrandom();
-	seedstrongrandom();
 	
 	getq(key);
 	getp(key, size);
--- a/genrsa.c	Sat Jun 30 22:12:28 2012 +0800
+++ b/genrsa.c	Thu Jul 19 21:34:27 2012 +0800
@@ -56,7 +56,6 @@
 			&pminus, &lcm, &qminus, NULL);
 
 	seedrandom();
-	seedstrongrandom();
 
 	if (mp_set_int(key->e, RSA_E) != MP_OKAY) {
 		fprintf(stderr, "RSA generation failed\n");
--- a/random.c	Sat Jun 30 22:12:28 2012 +0800
+++ b/random.c	Thu Jul 19 21:34:27 2012 +0800
@@ -155,24 +155,6 @@
 #endif
 }
 
-/* add entropy from the stronger, blocking source /dev/random. Only used
- * for generating persistent private keys (RSA and DSS) */
-void seedstrongrandom()
-{
-	/* We assume that PRNGD is a strong source, so don't need to do anything here */
-#ifndef DROPBEAR_PRNGD_SOCKET
-	hash_state hs;
-
-	sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
-	if (process_file(&hs, "/dev/random", INIT_SEED_SIZE, 0) 
-			!= DROPBEAR_SUCCESS) {
-		dropbear_exit("Failure reading random device %s", "/dev/random");
-	}
-
-	sha1_done(&hs, hashpool);
-#endif
-}
-
 /* Initialise the prng from /dev/urandom or prngd. This function can
  * be called multiple times */
 void seedrandom() {
--- a/random.h	Sat Jun 30 22:12:28 2012 +0800
+++ b/random.h	Thu Jul 19 21:34:27 2012 +0800
@@ -27,7 +27,6 @@
 
 struct mp_int;
 
-void seedstrongrandom();
 void seedrandom();
 void genrandom(unsigned char* buf, unsigned int len);
 void addrandom(char * buf, unsigned int len);