Commit 040f3831 authored by Damien Miller's avatar Damien Miller

- Wrote entropy collection routines for systems that lack /dev/random

   and EGD
parent b38eff8e
20000403
- Wrote entropy collection routines for systems that lack /dev/random
and EGD
20000401
- Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
- [auth.c session.c sshd.c auth.h]
......
......@@ -31,7 +31,7 @@ LDFLAGS=-L. @LDFLAGS@
TARGETS=ssh sshd ssh-add ssh-keygen ssh-agent scp $(EXTRA_TARGETS)
LIBOBJS= atomicio.o authfd.o authfile.o bsd-bindresvport.o bsd-daemon.o bsd-misc.o bsd-mktemp.o bsd-rresvport.o bsd-setenv.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o fake-getaddrinfo.o fake-getnameinfo.o fingerprint.o hostfile.o key.o log.o match.o mpaux.o nchan.o packet.o radix.o random.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o
LIBOBJS= atomicio.o authfd.o authfile.o bsd-bindresvport.o bsd-daemon.o bsd-misc.o bsd-mktemp.o bsd-rresvport.o bsd-setenv.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o fake-getaddrinfo.o fake-getnameinfo.o fingerprint.o hostfile.o key.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o
SSHOBJS= ssh.o sshconnect.o log-client.o readconf.o clientloop.o
......
......@@ -32,11 +32,6 @@ The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.
All new code is released under a XFree style license, which is very
liberal. Please refer to the source files for details. The code in
bsd-*.[ch] is from the OpenBSD project and has its own license (again,
see the source files for details).
OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4] and
Dante[6]. To build the GNOME[5] pass-phrase requester
(--with-gnome-askpass), you will need the GNOME libraries installed.
......@@ -64,10 +59,6 @@ This version of SSH is based upon code retrieved from the OpenBSD CVS
repository which in turn was based on the last free
version of SSH released by Tatu Ylonen.
Code in bsd-misc.[ch] and gnome-ssh-askpass.c is Copyright 1999 Damien
Miller & Internet Business Solutions and is released under a X11-style
license (see source files for details).
References -
[1] http://www.lothar.com/tech/crypto/
......
......@@ -24,17 +24,8 @@
/* Location of random number pool */
#undef RANDOM_POOL
/* Are we using the Entropy gathering daemon */
#undef HAVE_EGD
/* Define if using the Dante SOCKS library. */
#undef HAVE_DANTE
/* Define if using the Socks4 SOCKS library. */
#undef HAVE_SOCKS4
/* Define if using the Socks5 SOCKS library. */
#undef HAVE_SOCKS5
/* Location of EGD random number socket */
#undef EGD_SOCKET
/* Define if you want to install preformatted manpages.*/
#undef MANTYPE
......@@ -159,6 +150,23 @@
/* Detect IPv4 in IPv6 mapped addresses and treat as IPv4 */
#undef IPV4_IN_IPV6
/* Programs used in entropy collection */
#undef PROG_LS
#undef PROG_NETSTAT
#undef PROG_ARP
#undef PROG_IFCONFIG
#undef PROG_PS
#undef PROG_W
#undef PROG_WHO
#undef PROG_LAST
#undef PROG_LASTLOG
#undef PROG_DF
#undef PROG_VMSTAT
#undef PROG_UPTIME
#undef PROG_IPCS
#undef PROG_TAIL
@BOTTOM@
/* ******************* Shouldn't need to edit below this line ************** */
......
/*
**
** OpenBSD replacement routines
**
** Damien Miller <djm@ibs.com.au>
**
** Copyright 1999 Damien Miller
** Copyright 1999 Internet Business Solutions
**
** Permission is hereby granted, free of charge, to any person
** obtaining a copy of this software and associated documentation
** files (the "Software"), to deal in the Software without
** restriction, including without limitation the rights to use, copy,
** modify, merge, publish, distribute, sublicense, and/or sell copies
** of the Software, and to permit persons to whom the Software is
** furnished to do so, subject to the following conditions:
**
** The above copyright notice and this permission notice shall be
** included in all copies or substantial portions of the Software.
**
** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET
** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
** OR OTHER DEALINGS IN THE SOFTWARE.
**
** Except as contained in this notice, the name of Internet Business
** Solutions shall not be used in advertising or otherwise to promote
** the sale, use or other dealings in this Software without prior
** written authorization from Internet Business Solutions.
**
*/
* Copyright (c) 1999-2000 Damien Miller. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Markus Friedl.
* 4. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
......@@ -52,7 +45,7 @@
#include "xmalloc.h"
#include "ssh.h"
#include "bsd-misc.h"
#include "random.h"
#include "entropy.h"
#ifndef HAVE_ARC4RANDOM
......@@ -125,8 +118,11 @@ void arc4random_stir(void)
if (rc4 == NULL)
rc4 = xmalloc(sizeof(*rc4));
seed_rng();
RAND_bytes(rand_buf, sizeof(rand_buf));
seed_rng();
get_random_bytes(rand_buf, sizeof(rand_buf));
rc4_key(rc4, rand_buf, sizeof(rand_buf));
memset(rand_buf, 0, sizeof(rand_buf));
}
......
/*
**
** OpenBSD replacement routines
**
** Damien Miller <djm@ibs.com.au>
**
** Copyright 1999 Damien Miller
** Copyright 1999 Internet Business Solutions
**
** Permission is hereby granted, free of charge, to any person
** obtaining a copy of this software and associated documentation
** files (the "Software"), to deal in the Software without
** restriction, including without limitation the rights to use, copy,
** modify, merge, publish, distribute, sublicense, and/or sell copies
** of the Software, and to permit persons to whom the Software is
** furnished to do so, subject to the following conditions:
**
** The above copyright notice and this permission notice shall be
** included in all copies or substantial portions of the Software.
**
** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET
** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
** OR OTHER DEALINGS IN THE SOFTWARE.
**
** Except as contained in this notice, the name of Internet Business
** Solutions shall not be used in advertising or otherwise to promote
** the sale, use or other dealings in this Software without prior
** written authorization from Internet Business Solutions.
**
*/
* Copyright (c) 1999-2000 Damien Miller. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Markus Friedl.
* 4. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _BSD_MISC_H
#define _BSD_MISC_H
......
......@@ -12,6 +12,36 @@ AC_CHECK_PROG(AR, ar, ar)
AC_PATH_PROG(PERL, perl)
AC_SUBST(PERL)
# We may need these for entropy collection
AC_PATH_PROG(PROG_LS, ls)
AC_DEFINE_UNQUOTED(PROG_LS, "$PROG_LS")
AC_PATH_PROG(PROG_NETSTAT, netstat)
AC_DEFINE_UNQUOTED(PROG_NETSTAT, "$PROG_NETSTAT")
AC_PATH_PROG(PROG_ARP, arp)
AC_DEFINE_UNQUOTED(PROG_ARP, "$PROG_ARP")
AC_PATH_PROG(PROG_IFCONFIG, ifconfig)
AC_DEFINE_UNQUOTED(PROG_IFCONFIG, "$PROG_IFCONFIG")
AC_PATH_PROG(PROG_PS, ps)
AC_DEFINE_UNQUOTED(PROG_PS, "$PROG_PS")
AC_PATH_PROG(PROG_W, w)
AC_DEFINE_UNQUOTED(PROG_W, "$PROG_W")
AC_PATH_PROG(PROG_WHO, who)
AC_DEFINE_UNQUOTED(PROG_WHO, "$PROG_WHO")
AC_PATH_PROG(PROG_LAST, last)
AC_DEFINE_UNQUOTED(PROG_LAST, "$PROG_LAST")
AC_PATH_PROG(PROG_LASTLOG, lastlog)
AC_DEFINE_UNQUOTED(PROG_LASTLOG, "$PROG_LASTLOG")
AC_PATH_PROG(PROG_DF, df)
AC_DEFINE_UNQUOTED(PROG_DF, "$PROG_DF")
AC_PATH_PROG(PROG_VMSTAT, vmstat)
AC_DEFINE_UNQUOTED(PROG_VMSTAT, "$PROG_VMSTAT")
AC_PATH_PROG(PROG_UPTIME, uptime)
AC_DEFINE_UNQUOTED(PROG_UPTIME, "$PROG_UPTIME")
AC_PATH_PROG(PROG_IPCS, ipcs)
AC_DEFINE_UNQUOTED(PROG_UPTIME, "$PROG_UPTIME")
AC_PATH_PROG(PROG_TAIL, tail)
AC_DEFINE_UNQUOTED(PROG_TAIL, "$PROG_TAIL")
if test -z "$LD" ; then
LD=$CC
fi
......@@ -110,7 +140,7 @@ fi
AC_CHECK_HEADERS(bstring.h endian.h lastlog.h login.h maillock.h netdb.h netgroup.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h util.h utmp.h utmpx.h)
# Checks for library functions.
AC_CHECK_FUNCS(arc4random bindresvport_af freeaddrinfo gai_strerror getaddrinfo getnameinfo innetgr md5_crypt mkdtemp openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy updwtmpx vsnprintf _getpty)
AC_CHECK_FUNCS(arc4random bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage innetgr md5_crypt mkdtemp openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy updwtmpx vsnprintf _getpty)
AC_CHECK_FUNC(login,
[AC_DEFINE(HAVE_LOGIN)],
......@@ -604,8 +634,10 @@ AC_CHECK_FILE("/dev/ptc",
AC_ARG_WITH(random,
[ --with-random=FILE read randomness from FILE (default=/dev/urandom)],
[
RANDOM_POOL="$withval";
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
if test "x$withval" != "xno" ; then
RANDOM_POOL="$withval";
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
fi
],
[
# Check for random device
......@@ -623,18 +655,13 @@ AC_ARG_WITH(random,
AC_ARG_WITH(egd-pool,
[ --with-egd-pool=FILE read randomness from EGD pool FILE (default none)],
[
RANDOM_POOL="$withval";
AC_DEFINE(HAVE_EGD)
AC_SUBST(RANDOM_POOL)
AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
if test "x$withval" != "xno" ; then
EGD_SOCKET="$withval";
AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET")
fi
]
)
# Make sure we have some random number support
if test -z "$RANDOM_POOL" -a -z "$EGD_POOL"; then
AC_MSG_ERROR([No random device found, and no EGD random pool specified])
fi
AC_ARG_WITH(catman,
[ --with-catman=man|cat Install preformatted manpages[no]],
[
......
This diff is collapsed.
/*
* Copyright (c) 1999-2000 Damien Miller. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Markus Friedl.
* 4. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _RANDOMS_H
#define _RANDOMS_H
void seed_rng(void);
#endif /* _RANDOMS_H */
/*
**
** Random number collection
**
** Damien Miller <djm@ibs.com.au>
**
** Copyright 1999 Damien Miller
**
** Permission is hereby granted, free of charge, to any person
** obtaining a copy of this software and associated documentation
** files (the "Software"), to deal in the Software without
** restriction, including without limitation the rights to use, copy,
** modify, merge, publish, distribute, sublicense, and/or sell copies
** of the Software, and to permit persons to whom the Software is
** furnished to do so, subject to the following conditions:
**
** The above copyright notice and this permission notice shall be
** included in all copies or substantial portions of the Software.
**
** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET
** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
** OR OTHER DEALINGS IN THE SOFTWARE.
**
** Except as contained in this notice, the name of Internet Business
** Solutions shall not be used in advertising or otherwise to promote
** the sale, use or other dealings in this Software without prior
** written authorization from Internet Business Solutions.
**
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <fcntl.h>
#ifdef HAVE_STDDEF_H
#include <stddef.h>
#endif
#include "ssh.h"
#include "xmalloc.h"
#include "random.h"
#ifndef offsetof
# define offsetof(type, member) ((size_t) &((type *)0)->member)
#endif
#ifdef HAVE_EGD
/* Collect entropy from EGD */
void get_random_bytes(unsigned char *buf, int len)
{
static int random_pool;
int c;
char egd_message[2] = { 0x02, 0x00 };
struct sockaddr_un addr;
int addr_len;
memset(&addr, '\0', sizeof(addr));
addr.sun_family = AF_UNIX;
/* FIXME: compile time check? */
if (sizeof(RANDOM_POOL) > sizeof(addr.sun_path))
fatal("Random pool path is too long");
strcpy(addr.sun_path, RANDOM_POOL);
addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(RANDOM_POOL);
random_pool = socket(AF_UNIX, SOCK_STREAM, 0);
if (random_pool == -1)
fatal("Couldn't create AF_UNIX socket: %s", strerror(errno));
if (connect(random_pool, (struct sockaddr*)&addr, addr_len) == -1)
fatal("Couldn't connect to EGD socket \"%s\": %s", addr.sun_path, strerror(errno));
if (len > 255)
fatal("Too many bytes to read from EGD");
/* Send blocking read request to EGD */
egd_message[1] = len;
c = atomicio(write, random_pool, egd_message, sizeof(egd_message));
if (c == -1)
fatal("Couldn't write to EGD socket \"%s\": %s", RANDOM_POOL, strerror(errno));
c = atomicio(read, random_pool, buf, len);
if (c <= 0)
fatal("Couldn't read from random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
close(random_pool);
}
#else /* HAVE_EGD */
/* Collect entropy from /dev/urandom or pipe */
void get_random_bytes(unsigned char *buf, int len)
{
static int random_pool;
int c;
random_pool = open(RANDOM_POOL, O_RDONLY);
if (random_pool == -1)
fatal("Couldn't open random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
c = atomicio(read, random_pool, buf, len);
if (c <= 0)
fatal("Couldn't read from random pool \"%s\": %s", RANDOM_POOL, strerror(errno));
close(random_pool);
}
#endif /* HAVE_EGD */
/*
**
** Random number collection
**
** Damien Miller <djm@ibs.com.au>
**
** Copyright 1999 Damien Miller
**
** Permission is hereby granted, free of charge, to any person
** obtaining a copy of this software and associated documentation
** files (the "Software"), to deal in the Software without
** restriction, including without limitation the rights to use, copy,
** modify, merge, publish, distribute, sublicense, and/or sell copies
** of the Software, and to permit persons to whom the Software is
** furnished to do so, subject to the following conditions:
**
** The above copyright notice and this permission notice shall be
** included in all copies or substantial portions of the Software.
**
** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET
** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
** OR OTHER DEALINGS IN THE SOFTWARE.
**
** Except as contained in this notice, the name of Internet Business
** Solutions shall not be used in advertising or otherwise to promote
** the sale, use or other dealings in this Software without prior
** written authorization from Internet Business Solutions.
**
*/
#ifndef _RANDOM_H
#define _RANDOM_H
void get_random_bytes(unsigned char *buf, int len);
#endif /* _RANDOM_H */
......@@ -35,28 +35,15 @@
*/
#include "includes.h"
RCSID("$Id: rsa.c,v 1.11 2000/03/17 12:40:16 damien Exp $");
RCSID("$Id: rsa.c,v 1.12 2000/04/03 04:50:46 damien Exp $");
#include "rsa.h"
#include "ssh.h"
#include "xmalloc.h"
#include "random.h"
#include "entropy.h"
int rsa_verbose = 1;
/*
* Seed OpenSSL's random number generator
*/
void
seed_rng()
{
char buf[64];
get_random_bytes(buf, sizeof(buf));
RAND_seed(buf, sizeof(buf));
memset(buf, 0, sizeof(buf));
}
int
rsa_alive()
{
......@@ -109,6 +96,8 @@ rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits)
if (key == NULL)
fatal("rsa_generate_key: key generation failed.");
seed_rng();
/* Copy public key parameters */
pub->n = BN_new();
BN_copy(pub->n, key->n);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment