From 9a5a0e37097561741190e83d176053fe3be829a9 Mon Sep 17 00:00:00 2001 From: Sam Hartman Date: Tue, 8 Jan 2002 14:38:44 +0000 Subject: [PATCH] Implement code to get random data from /dev/{random,urandom}. For init_context use /dev/urandom; for database creation use /dev/random if it exists. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14087 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/dbutil/ChangeLog | 4 ++ src/kadmin/dbutil/kdb5_create.c | 9 +++- src/lib/crypto/ChangeLog | 4 ++ src/lib/crypto/prng.c | 92 ++++++++++++++++++++++++++++++++- src/lib/krb5/krb/ChangeLog | 4 ++ src/lib/krb5/krb/init_ctx.c | 4 +- 6 files changed, 114 insertions(+), 3 deletions(-) diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog index af9b6c723..de2ba00d7 100644 --- a/src/kadmin/dbutil/ChangeLog +++ b/src/kadmin/dbutil/ChangeLog @@ -1,3 +1,7 @@ +2002-01-08 Sam Hartman + + * kdb5_create.c (kdb5_create): Load strong random data + 2001-10-26 Ezra Peisach * dump.c (dump_db): Pass krb5_boolean instead of char * as diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c index 74210abc2..2c05c2744 100644 --- a/src/kadmin/dbutil/kdb5_create.c +++ b/src/kadmin/dbutil/kdb5_create.c @@ -1,7 +1,7 @@ /* * kadmin/dbutil/kdb5_create.c * - * Copyright 1990,1991,2001 by the Massachusetts Institute of Technology. + * Copyright 1990,1991,2001, 2002 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -197,6 +197,13 @@ void kdb5_create(argc, argv) exit_status++; return; } + printf ("Loading random data\n"); + retval = krb5_c_random_os_entropy (util_context, 1, NULL); + if (retval) { + com_err (argv[0], retval, "Loading random data"); + exit_status++; return; + } + /* assemble & parse the master key name */ if ((retval = krb5_db_setup_mkey_name(util_context, diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index e102e4833..488b4cec3 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,3 +1,7 @@ +2002-01-08 Sam Hartman + + * prng.c (krb5_c_random_os_entropy): Implement. + 2001-12-05 Ezra Peisach * t_encrypt.c (main): Free memory when finished to test for memory diff --git a/src/lib/crypto/prng.c b/src/lib/crypto/prng.c index f3a6838bd..0f45e6b51 100644 --- a/src/lib/crypto/prng.c +++ b/src/lib/crypto/prng.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2001 by the Massachusetts Institute of Technology. + * Copyright (C) 2001, 2002 by the Massachusetts Institute of Technology. * All rights reserved. * * @@ -114,3 +114,93 @@ void prng_cleanup (void) if (inited) krb5int_yarrow_final (&y_ctx); inited = 0; } + + +/* + * Routines to get entropy from the OS. For UNIX we try /dev/urandom + * and /dev/random. Currently we don't do anything for pre-OSX Mac and + * Windows. + */ +#if defined(_WIN32) || (defined(TARGET_OS_MAC) && !defined(TARGET_API_MAC_OSX)) + +krb5_error_code KRB5_CALLCONV +krb5_c_random_os_entropy ( + krb5_context context, int strong, int *success) +{ + if (success) + *success = 0; + return 0; +} + +#else /*Windows and non-OSX Mac*/ +#ifdef HAVE_UNISTD_H +#include +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif + +/* + * Helper function to read entropy from a random device. Takes the + * name of a device, opens it, makes sure it is a device and if so, + * reads entropy. Returns a boolean indicating whether entropy was + * read. + */ + +static int +read_entropy_from_device (krb5_context context, const char *device) +{ + krb5_data data; + struct stat sb; + int fd; + unsigned char buf[YARROW_SLOW_THRESH/8]; + int left; + fd = open (device, O_RDONLY); + if (fd == -1) + return 0; + if (fstat (fd, &sb) == -1) + return 0; + if (S_ISREG(sb.st_mode)) { + close(fd); + return 0; + } + for (left = sizeof (buf); left > 0;) { + size_t count; + count = read (fd, &buf, (unsigned) left); + if (count <= 0) { + close(fd); + return 0; + } + left -= count; + } + close (fd); + data.length = sizeof (buf); + data.data = ( char * ) buf; + if ( krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_OSRAND, + &data) != 0) { + return 0; + } + return 1; +} + +krb5_error_code KRB5_CALLCONV +krb5_c_random_os_entropy (krb5_context context, + int strong, int *success) +{ + int unused; + int *oursuccess = success?success:&unused; + *oursuccess = 0; + /* If we are getting strong data then try that first. We aare + guaranteed to cause a reseed of some kind if strong is true and + we have both /dev/random and /dev/urandom. We want the strong + data included in the reseed so we get it first.*/ + if (strong) { + if (read_entropy_from_device (context, "/dev/random")) + *oursuccess = 1; + } + if (read_entropy_from_device (context, "/dev/urandom")) + *oursuccess = 1; + return 0; +} + +#endif /*Windows or pre-OSX Mac*/ diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 07ce4ed7e..367c173ef 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,7 @@ +2002-01-08 Sam Hartman + + * init_ctx.c (init_common): Use /dev/urandom if present for random data + 2001-12-05 Ezra Peisach * t_ser.c (main): Free context on failure exit route. diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 368c0935b..79a1cb09e 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -1,7 +1,7 @@ /* * lib/krb5/krb/init_ctx.c * - * Copyright 1994,1999,2000 by the Massachusetts Institute of Technology. + * Copyright 1994,1999,2000, 2002 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -150,6 +150,8 @@ init_common (context, secure) goto cleanup; /* initialize the prng (not well, but passable) */ + if ((retval = krb5_c_random_os_entropy( ctx, 0, NULL)) !=0) + goto cleanup; if ((retval = krb5_crypto_us_timeofday(&seed_data.now, &seed_data.now_usec))) goto cleanup; seed_data.pid = getpid (); -- 2.26.2