diff options
author | Damien Miller <djm@mindrot.org> | 2004-07-19 09:30:38 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2004-07-19 09:30:38 +1000 |
commit | 65df1745743a2f0f5b6647a223f781bb153e6449 (patch) | |
tree | 3f1c71e3edcc46a81f8372826cba961aa464eb2d | |
parent | 0999174755bbc5b50d65bfa95e0b322ffd12337c (diff) |
- (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD
ok dtucker@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | openbsd-compat/bsd-arc4random.c | 12 |
2 files changed, 15 insertions, 3 deletions
@@ -1,3 +1,7 @@ +20040719 + - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD + ok dtucker@ + 20040717 - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c @@ -1527,4 +1531,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3477 2004/07/17 07:05:14 dtucker Exp $ +$Id: ChangeLog,v 1.3478 2004/07/18 23:30:38 djm Exp $ diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c index 22003ff0..5284e1af 100644 --- a/openbsd-compat/bsd-arc4random.c +++ b/openbsd-compat/bsd-arc4random.c @@ -17,7 +17,7 @@ #include "includes.h" #include "log.h" -RCSID("$Id: bsd-arc4random.c,v 1.8 2004/02/17 05:49:55 djm Exp $"); +RCSID("$Id: bsd-arc4random.c,v 1.9 2004/07/18 23:30:40 djm Exp $"); #ifndef HAVE_ARC4RANDOM @@ -56,13 +56,21 @@ unsigned int arc4random(void) void arc4random_stir(void) { unsigned char rand_buf[SEED_SIZE]; + int i; memset(&rc4, 0, sizeof(rc4)); if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0) fatal("Couldn't obtain random bytes (error %ld)", ERR_get_error()); RC4_set_key(&rc4, sizeof(rand_buf), rand_buf); - RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf); + + /* + * Discard early keystream, as per recommendations in: + * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps + */ + for(i = 0; i <= 256; i += sizeof(rand_buf)) + RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf); + memset(rand_buf, 0, sizeof(rand_buf)); rc4_ready = REKEY_BYTES; |