Diffstat (limited to 'entropy.c')
-rw-r--r-- | entropy.c | 35 |
1 files changed, 22 insertions, 13 deletions
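--- a/entropy.c
+++ b/entropy.c
@@ -56,6 +56,8 @@
 #include "sshbuf.h"
 #include "ssherr.h"
 
+#define RANDOM_SEED_SIZE 48
+
 /*
 * Portable OpenSSH PRNG seeding:
 * If OpenSSL has not "internally seeded" itself (e.g. pulled data from
@@ -64,8 +66,6 @@
 */
 #ifndef OPENSSL_PRNG_ONLY
 
-#define RANDOM_SEED_SIZE 48
-
 /*
 * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon
 * listening either on 'tcp_port', or via Unix domain socket at *
@@ -216,9 +216,11 @@ rexec_recv_rng_seed(struct sshbuf *m)
 void
 seed_rng(void)
 {
-#ifndef OPENSSL_PRNG_ONLY
 unsigned char buf[RANDOM_SEED_SIZE];
-#endif
+
+/* Initialise libcrypto */
+ssh_libcrypto_init();
+
 if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER,
 OpenSSL_version_num()))
 fatal("OpenSSL version mismatch. Built against %lx, you "
@@ -226,27 +228,34 @@ seed_rng(void)
 OpenSSL_version_num());
 
 #ifndef OPENSSL_PRNG_ONLY
-if (RAND_status() == 1) {
+if (RAND_status() == 1)
 debug3("RNG is ready, skipping seeding");
-return;
+else {
+if (seed_from_prngd(buf, sizeof(buf)) == -1)
+fatal("Could not obtain seed from PRNGd");
+RAND_add(buf, sizeof(buf), sizeof(buf));
 }
-
-if (seed_from_prngd(buf, sizeof(buf)) == -1)
-fatal("Could not obtain seed from PRNGd");
-RAND_add(buf, sizeof(buf), sizeof(buf));
-memset(buf, '\0', sizeof(buf));
-
 #endif /* OPENSSL_PRNG_ONLY */
+
 if (RAND_status() != 1)
 fatal("PRNG is not seeded");
+
+/* Ensure arc4random() is primed */
+arc4random_buf(buf, sizeof(buf));
+explicit_bzero(buf, sizeof(buf));
 }
 
 #else /* WITH_OPENSSL */
 
-/* Handled in arc4random() */
+/* Acutal initialisation is handled in arc4random() */
 void
 seed_rng(void)
 {
+unsigned char buf[RANDOM_SEED_SIZE];
+
+/* Ensure arc4random() is primed */
+arc4random_buf(buf, sizeof(buf));
+explicit_bzero(buf, sizeof(buf));
 }
 
 #endif /* WITH_OPENSSL */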
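Review bot: In the `else` branch of the OpenSSL `seed_rng()`, the PRNGd seed now stays in `buf` after `RAND_add()` until `arc4random_buf()` overwrites it, so the `fatal("PRNG is not seeded")` path exits without the wipe that the removed `memset()` used to perform. Adding `explicit_bzero(buf, sizeof(buf));` directly after `RAND_add(buf, sizeof(buf), sizeof(buf));` would keep the seed's lifetime minimal and not depend on the later overwrite. The comment `/* Ensure arc4random() is primed */` in both `seed_rng()` variants says what is done but not why; it would help to state the reason, presumably that arc4random() must be initialised before a later point where its entropy source may be unreachable. The new comment above the non-OpenSSL variant has a typo and should read `/* Actual initialisation is handled in arc4random() */`.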