- (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD

ok dtucker@
This commit is contained in:
Damien Miller 2004-07-19 09:30:38 +10:00
parent 0999174755
commit 65df174574
2 changed files with 15 additions and 3 deletions

View File

@ -1,3 +1,7 @@
20040719
- (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD
ok dtucker@
20040717 20040717
- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
@ -1527,4 +1531,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3477 2004/07/17 07:05:14 dtucker Exp $ $Id: ChangeLog,v 1.3478 2004/07/18 23:30:38 djm Exp $

View File

@ -17,7 +17,7 @@
#include "includes.h" #include "includes.h"
#include "log.h" #include "log.h"
RCSID("$Id: bsd-arc4random.c,v 1.8 2004/02/17 05:49:55 djm Exp $"); RCSID("$Id: bsd-arc4random.c,v 1.9 2004/07/18 23:30:40 djm Exp $");
#ifndef HAVE_ARC4RANDOM #ifndef HAVE_ARC4RANDOM
@ -56,13 +56,21 @@ unsigned int arc4random(void)
void arc4random_stir(void) void arc4random_stir(void)
{ {
unsigned char rand_buf[SEED_SIZE]; unsigned char rand_buf[SEED_SIZE];
int i;
memset(&rc4, 0, sizeof(rc4)); memset(&rc4, 0, sizeof(rc4));
if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0) if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0)
fatal("Couldn't obtain random bytes (error %ld)", fatal("Couldn't obtain random bytes (error %ld)",
ERR_get_error()); ERR_get_error());
RC4_set_key(&rc4, sizeof(rand_buf), rand_buf); RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);
/*
* Discard early keystream, as per recommendations in:
* http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
*/
for(i = 0; i <= 256; i += sizeof(rand_buf))
RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf); RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf);
memset(rand_buf, 0, sizeof(rand_buf)); memset(rand_buf, 0, sizeof(rand_buf));
rc4_ready = REKEY_BYTES; rc4_ready = REKEY_BYTES;