From 4c79a6b345bbcf0383e8aa1204803ab4aa0034b8 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Wed, 8 Dec 2004 03:25:56 +0000 Subject: [PATCH] pullup from trunk ticket: 2755 version_fixed: 1.4 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-4@16918 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/ChangeLog | 14 +++++ src/lib/crypto/prng.c | 31 +++++------ src/lib/crypto/yarrow/ChangeLog | 25 +++++++++ src/lib/crypto/yarrow/yarrow.c | 94 ++++++++++++++++++++++++++------- src/lib/crypto/yarrow/ylock.h | 8 ++- 5 files changed, 135 insertions(+), 37 deletions(-) diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index baeeb800e..ddcca3230 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,8 +1,22 @@ +2004-11-17 Ken Raeburn + + * prng.c (do_yarrow_init): Move mutex initialization here. + (krb5int_prng_init): Don't do it here. + 2004-11-15 Sam Hartman * t_prng.expected t_prng.reseedtest-expected : Update expected PRNG test output and confirm that reseeds and gates happen correctly. +2004-10-29 Ken Raeburn + + * prng.c (yarrow_lock): Rename to krb5int_yarrow_lock via macro, + and change to be non-static. + (krb5int_prng_init): Call do_yarrow_init here. + (krb5_c_random_add_entropy): Don't call it here. Don't lock the + mutex, either. + (krb5_c_random_make_octets): Don't lock the mutex. + 2004-06-16 Ken Raeburn * Makefile.in (MAC_SUBDIRS): Don't set. diff --git a/src/lib/crypto/prng.c b/src/lib/crypto/prng.c index f9ea8696d..7656a23aa 100644 --- a/src/lib/crypto/prng.c +++ b/src/lib/crypto/prng.c @@ -31,7 +31,8 @@ #include "yarrow.h" static Yarrow_CTX y_ctx; static int inited, init_error; -static k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER; +#define yarrow_lock krb5int_yarrow_lock +k5_mutex_t yarrow_lock = K5_MUTEX_PARTIAL_INITIALIZER; /* Helper function to estimate entropy based on sample length * and where it comes from. @@ -56,9 +57,13 @@ entropy_estimate (unsigned int randsource, size_t length) return (0); } +static void do_yarrow_init(void); int krb5int_prng_init(void) { - return k5_mutex_finish_init(&yarrow_lock); + do_yarrow_init(); + if (init_error) + return KRB5_CRYPTO_INTERNAL; + return 0; } static void do_yarrow_init(void) @@ -66,6 +71,12 @@ static void do_yarrow_init(void) unsigned i; int yerr; + yerr = k5_mutex_finish_init(&yarrow_lock); + if (yerr) { + init_error = yerr; + return; + } + yerr = krb5int_yarrow_init (&y_ctx, NULL); if ((yerr != YARROW_OK) && (yerr != YARROW_NOT_SEEDED)) { init_error = yerr; @@ -95,21 +106,11 @@ krb5_c_random_add_entropy (krb5_context context, unsigned int randsource, if (yerr) return yerr; /* Now, finally, feed in the data. */ - yerr = k5_mutex_lock(&yarrow_lock); - if (yerr) - return yerr; - if (!inited) - do_yarrow_init(); - if (init_error) { - k5_mutex_unlock(&yarrow_lock); - return KRB5_CRYPTO_INTERNAL; - } yerr = krb5int_yarrow_input (&y_ctx, randsource, data->data, data->length, entropy_estimate (randsource, data->length)); - k5_mutex_unlock(&yarrow_lock); if (yerr != YARROW_OK) - return (KRB5_CRYPTO_INTERNAL); + return (KRB5_CRYPTO_INTERNAL); return (0); } @@ -124,16 +125,12 @@ krb5_c_random_make_octets(krb5_context context, krb5_data *data) { int yerr; assert (inited); - yerr = k5_mutex_lock(&yarrow_lock); - if (yerr) - return yerr; yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length); if (yerr == YARROW_NOT_SEEDED) { yerr = krb5int_yarrow_reseed (&y_ctx, YARROW_SLOW_POOL); if (yerr == YARROW_OK) yerr = krb5int_yarrow_output (&y_ctx, data->data, data->length); } - k5_mutex_unlock(&yarrow_lock); if ( yerr != YARROW_OK) return (KRB5_CRYPTO_INTERNAL); return(0); diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog index 40a60157b..f3e566664 100644 --- a/src/lib/crypto/yarrow/ChangeLog +++ b/src/lib/crypto/yarrow/ChangeLog @@ -1,7 +1,32 @@ +2004-11-22 Ken Raeburn + + * yarrow.c (yarrow_input_maybe_locking): Renamed from + yarrow_input_maybe_locking, made static. New argument indicates + whether or not to do locking. + (krb5int_yarrow_input): New wrapper function. + (yarrow_input_locked): New wrapper function. + (Yarrow_detect_fork): Call yarrow_input_locked. + 2004-11-15 Sam Hartman * ycipher.h: Use AES256 not 3des +2004-11-01 Ken Raeburn + + * yarrow.c (krb5int_yarrow_input, krb5int_yarrow_final): Don't + check for forking here. + (yarrow_output_locked): Split out from krb5int_yarrow_output, + without locking. + (krb5int_yarrow_output): Do locking and call yarrow_output_locked. + (yarrow_gate_locked): New function; uses yarrow_output_locked. + (krb5int_yarrow_output_Block): Use yarrow_gate_locked. + +2004-10-29 Ken Raeburn + + * ylock.h: Include k5-thread.h. + (krb5int_yarrow_lock): Declare. + (LOCK, UNLOCK): Define as macros using the k5_mutex_ macros. + 2004-06-04 Ken Raeburn * yarrow.c (yarrow_str_error): Now const. diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c index c9f418896..a619c5b2e 100644 --- a/src/lib/crypto/yarrow/yarrow.c +++ b/src/lib/crypto/yarrow/yarrow.c @@ -121,6 +121,11 @@ static void krb5int_yarrow_init_Limits(Yarrow_CTX* y) PRNG state */ #ifdef YARROW_DETECT_FORK +static int +yarrow_input_locked( Yarrow_CTX* y, unsigned source_id, + const void *sample, + size_t size, size_t entropy_bits ); + static int Yarrow_detect_fork(Yarrow_CTX *y) { pid_t newpid; @@ -135,12 +140,12 @@ static int Yarrow_detect_fork(Yarrow_CTX *y) * Then we reseed. This doesn't really increase entropy, but does make the * streams distinct assuming we already have good entropy*/ y->pid = newpid; - TRY (krb5int_yarrow_input (y, 0, &newpid, - sizeof (newpid), 0)); - TRY (krb5int_yarrow_input (y, 0, &newpid, - sizeof (newpid), 0)); - TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL)); - } + TRY (yarrow_input_locked (y, 0, &newpid, + sizeof (newpid), 0)); + TRY (yarrow_input_locked (y, 0, &newpid, + sizeof (newpid), 0)); + TRY (krb5int_yarrow_reseed (y, YARROW_FAST_POOL)); + } CATCH: EXCEP_RET; @@ -241,10 +246,11 @@ int krb5int_yarrow_init(Yarrow_CTX* y, const char *filename) EXCEP_RET; } -YARROW_DLL -int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, - const void* sample, - size_t size, size_t entropy_bits ) +static +int yarrow_input_maybe_locking( Yarrow_CTX* y, unsigned source_id, + const void* sample, + size_t size, size_t entropy_bits, + int do_lock ) { EXCEP_DECL; int ret; @@ -254,7 +260,6 @@ int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, size_t estimate; if (!y) { THROW( YARROW_BAD_ARG ); } - TRY( Yarrow_detect_fork( y ) ); if (source_id >= y->num_sources) { THROW( YARROW_BAD_SOURCE ); } @@ -265,8 +270,10 @@ int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, THROW( YARROW_BAD_SOURCE ); } - TRY( LOCK() ); - locked = 1; + if (do_lock) { + TRY( LOCK() ); + locked = 1; + } /* hash in the sample */ @@ -331,6 +338,24 @@ int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, EXCEP_RET; } +YARROW_DLL +int krb5int_yarrow_input( Yarrow_CTX* y, unsigned source_id, + const void* sample, + size_t size, size_t entropy_bits ) +{ + return yarrow_input_maybe_locking(y, source_id, sample, size, + entropy_bits, 1); +} + +static int +yarrow_input_locked( Yarrow_CTX* y, unsigned source_id, + const void *sample, + size_t size, size_t entropy_bits ) +{ + return yarrow_input_maybe_locking(y, source_id, sample, size, + entropy_bits, 0); +} + YARROW_DLL int krb5int_yarrow_new_source(Yarrow_CTX* y, unsigned* source_id) { @@ -395,7 +420,7 @@ static int krb5int_yarrow_output_Block( Yarrow_CTX* y, void* out ) if (y->out_count >= y->Pg) { y->out_count = 0; - TRY( krb5int_yarrow_gate( y ) ); + TRY( yarrow_gate_locked( y ) ); /* require new seed after reaching gates_limit */ @@ -478,11 +503,23 @@ int krb5int_yarrow_status( Yarrow_CTX* y, int *num_sources, unsigned *source_id, EXCEP_RET; } +static int yarrow_output_locked(Yarrow_CTX*, void*, size_t); + YARROW_DLL int krb5int_yarrow_output( Yarrow_CTX* y, void* out, size_t size ) { EXCEP_DECL; - int locked = 0; + TRY( LOCK() ); + TRY( yarrow_output_locked(y, out, size)); +CATCH: + UNLOCK(); + EXCEP_RET; +} + +static +int yarrow_output_locked( Yarrow_CTX* y, void* out, size_t size ) +{ + EXCEP_DECL; size_t left; char* outp; size_t use; @@ -495,8 +532,6 @@ int krb5int_yarrow_output( Yarrow_CTX* y, void* out, size_t size ) left = size; outp = out; - TRY( LOCK() ); - if (y->out_left > 0) { use = min(left, y->out_left); @@ -521,8 +556,30 @@ int krb5int_yarrow_output( Yarrow_CTX* y, void* out, size_t size ) } CATCH: - if ( locked ) { TRY( UNLOCK() ); } + EXCEP_RET; +} + +static int yarrow_gate_locked(Yarrow_CTX* y) +{ + EXCEP_DECL; + byte new_K[CIPHER_KEY_SIZE]; + + if (!y) { THROW( YARROW_BAD_ARG ); } + TRACE( printf( "GATE[" ); ); + + /* K <- Next k bits of PRNG output */ + + TRY( yarrow_output_locked(y, new_K, CIPHER_KEY_SIZE) ); + mem_copy(y->K, new_K, CIPHER_KEY_SIZE); + + /* need to resetup the key schedule as the key has changed */ + + TRY (krb5int_yarrow_cipher_init(&y->cipher, y->K)); + + CATCH: + TRACE( printf( "]," ); ); + mem_zero(new_K, sizeof(new_K)); EXCEP_RET; } @@ -837,7 +894,6 @@ int krb5int_yarrow_final(Yarrow_CTX* y) int locked = 0; if (!y) { THROW( YARROW_BAD_ARG ); } - TRY( Yarrow_detect_fork(y) ); TRY( LOCK() ); locked = 1; diff --git a/src/lib/crypto/yarrow/ylock.h b/src/lib/crypto/yarrow/ylock.h index 21d3911b7..9c032dc61 100644 --- a/src/lib/crypto/yarrow/ylock.h +++ b/src/lib/crypto/yarrow/ylock.h @@ -11,8 +11,14 @@ * and YARROW_LOCKING on failure */ - +#if 0 static int LOCK( void ) { return (YARROW_OK); } static int UNLOCK( void ) { return (YARROW_OK); } +#else +#include "k5-thread.h" +extern k5_mutex_t krb5int_yarrow_lock; +#define LOCK() (k5_mutex_lock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK) +#define UNLOCK() (k5_mutex_unlock(&krb5int_yarrow_lock) ? YARROW_LOCKING : YARROW_OK) +#endif #endif /* YLOCK_H */ -- 2.26.2