From: Bodo Möller Date: Sat, 19 Feb 2000 15:22:53 +0000 (+0000) Subject: Allow for higher granularity of entropy estimates by using 'double' X-Git-Tag: OpenSSL_0_9_5beta1~41 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=853f757ecea74a271a7c5cdee3f3b5fe0d3ae863;p=oweals%2Fopenssl.git Allow for higher granularity of entropy estimates by using 'double' instead of 'unsigned' counters. Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp. Partially submitted by Yoram Meroz . --- diff --git a/CHANGES b/CHANGES index 74253ca4e3..7641ec98eb 100644 --- a/CHANGES +++ b/CHANGES @@ -231,7 +231,9 @@ has a return value which indicates the quality of the random data (1 = ok, 0 = not seeded). Also an error is recorded on the thread's error queue. New function RAND_pseudo_bytes() generates output that is - guaranteed to be unique but not unpredictable. + guaranteed to be unique but not unpredictable. RAND_add is like + RAND_seed, but takes an extra argument for an entropy estimate + (RAND_seed always assumes full entropy). [Ulf Möller] *) Do more iterations of Rabin-Miller probable prime test (specifically, diff --git a/MacOS/GetHTTPS.src/GetHTTPS.cpp b/MacOS/GetHTTPS.src/GetHTTPS.cpp index 8e02333154..ed8e1cc962 100644 --- a/MacOS/GetHTTPS.src/GetHTTPS.cpp +++ b/MacOS/GetHTTPS.src/GetHTTPS.cpp @@ -18,6 +18,7 @@ * Also-- before attempting to compile this, make sure the aliases in "OpenSSL-0.9.4:include:openssl" * are installed! Use the AppleScript applet in the "openssl-0.9.4" folder to do this! */ +/* modified to seed the PRNG */ // Include some funky libs I've developed over time @@ -32,8 +33,9 @@ #include #include +#include - +#include // Let's try grabbing some data from here: @@ -77,8 +79,11 @@ SSL_CTX *ssl_ctx = nil; SSL *ssl = nil; char tempString[256]; - +UnsignedWide microTickCount; +#warning -- USE A TRUE RANDOM SEED, AND ADD ENTROPY WHENEVER POSSIBLE. -- +const char seed[] = "uyq9,7-b(VHGT^%$&^F/,876;,;./lkJHGFUY{PO*"; // Just gobbledygook + printf("OpenSSL Demo by Roy Wood, roy@centricsystems.ca\n\n"); BailIfError(errCode = MacSocket_Startup()); @@ -113,6 +118,10 @@ char tempString[256]; // ssl_ctx = SSL_CTX_new(SSLv3_client_method()); + RAND_seed (seed, sizeof (seed)); + Microseconds (µTickCount); + RAND_add (µTickCount, sizeof (microTickCount), 0); // Entropy is actually > 0, needs an estimate + // Create an SSL thingey and try to negotiate the connection ssl = SSL_new(ssl_ctx); diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index be08e06658..34843d04db 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ -#define ENTROPY_NEEDED 16 /* require 128 bits of randomness */ +#define ENTROPY_NEEDED 16 /* require 128 bits = 16 bytes of randomness */ #ifndef MD_RAND_DEBUG # ifndef NDEBUG @@ -138,13 +138,13 @@ static int state_num=0,state_index=0; static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH]; static unsigned char md[MD_DIGEST_LENGTH]; static long md_count[2]={0,0}; -static unsigned entropy=0; +static double entropy=0; const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT; static void ssleay_rand_cleanup(void); static void ssleay_rand_seed(const void *buf, int num); -static void ssleay_rand_add(const void *buf, int num, int add_entropy); +static void ssleay_rand_add(const void *buf, int num, double add_entropy); static int ssleay_rand_bytes(unsigned char *buf, int num); static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num); @@ -172,7 +172,7 @@ static void ssleay_rand_cleanup(void) entropy=0; } -static void ssleay_rand_add(const void *buf, int num, int add) +static void ssleay_rand_add(const void *buf, int num, double add) { int i,j,k,st_idx; long md_c[2]; @@ -286,7 +286,7 @@ static void ssleay_rand_add(const void *buf, int num, int add) #ifndef THREADS assert(md_c[1] == md_count[1]); #endif - if (entropy < ENTROPY_NEEDED) + if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */ entropy += add; } diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h index b5d2166b06..e5d6696cb4 100644 --- a/crypto/rand/rand.h +++ b/crypto/rand/rand.h @@ -68,7 +68,7 @@ typedef struct rand_meth_st void (*seed)(const void *buf, int num); int (*bytes)(unsigned char *buf, int num); void (*cleanup)(void); - void (*add)(const void *buf, int num, int entropy); + void (*add)(const void *buf, int num, double entropy); int (*pseudorand)(unsigned char *buf, int num); } RAND_METHOD; @@ -79,7 +79,7 @@ void RAND_cleanup(void ); int RAND_bytes(unsigned char *buf,int num); int RAND_pseudo_bytes(unsigned char *buf,int num); void RAND_seed(const void *buf,int num); -void RAND_add(const void *buf,int num,int entropy); +void RAND_add(const void *buf,int num,double entropy); int RAND_load_file(const char *file,long max_bytes); int RAND_write_file(const char *file); const char *RAND_file_name(char *file,int num); diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 9a0b804292..b09a300c46 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -89,7 +89,7 @@ void RAND_seed(const void *buf, int num) rand_meth->seed(buf,num); } -void RAND_add(const void *buf, int num, int entropy) +void RAND_add(const void *buf, int num, double entropy) { if (rand_meth != NULL) rand_meth->add(buf,num,entropy); diff --git a/doc/crypto/RAND_add.pod b/doc/crypto/RAND_add.pod index 10be71a894..927c59d4c3 100644 --- a/doc/crypto/RAND_add.pod +++ b/doc/crypto/RAND_add.pod @@ -10,7 +10,7 @@ RAND_add, RAND_seed, RAND_screen - Add entropy to the PRNG void RAND_seed(const void *buf, int num); - void RAND_add(const void *buf, int num, int entropy); + void RAND_add(const void *buf, int num, double entropy); void RAND_screen(void); @@ -22,9 +22,9 @@ increases the uncertainty about the state and makes the PRNG output less predictable. Suitable input comes from user interaction (random key presses, mouse movements) and certain hardware events. The B argument is (the lower bound of) an estimate of how much -randomness is contained in B. Details about sources of randomness -and how to estimate their entropy can be found in the literature, -e.g. RFC 1750. +randomness is contained in B, measured in bytes. Details about +sources of randomness and how to estimate their entropy can be found +in the literature, e.g. RFC 1750. RAND_add() may be called with sensitive data such as user entered passwords. The seed values cannot be recovered from the PRNG output.