arc4random.c (8cee2ebac54a1c4a6b9cc1ee877ead57e529b7c2) | arc4random.c (865f46b255599c4a645e84a4cbb5ea7abdc0e207) |
---|---|
1/* $OpenBSD: arc4random.c,v 1.41 2014/07/12 13:24:54 deraadt Exp $ */ 2 3/* 4 * Copyright (c) 1996, David Mazieres <dm@uun.org> 5 * Copyright (c) 2008, Damien Miller <djm@openbsd.org> 6 * Copyright (c) 2013, Markus Friedl <markus@openbsd.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any --- 43 unchanged lines hidden (view full) --- 52#define MAP_ANON MAP_ANONYMOUS 53#endif 54 55#define KEYSZ 32 56#define IVSZ 8 57#define BLOCKSZ 64 58#define RSBUFSZ (16*BLOCKSZ) 59 | 1/* $OpenBSD: arc4random.c,v 1.41 2014/07/12 13:24:54 deraadt Exp $ */ 2 3/* 4 * Copyright (c) 1996, David Mazieres <dm@uun.org> 5 * Copyright (c) 2008, Damien Miller <djm@openbsd.org> 6 * Copyright (c) 2013, Markus Friedl <markus@openbsd.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any --- 43 unchanged lines hidden (view full) --- 52#define MAP_ANON MAP_ANONYMOUS 53#endif 54 55#define KEYSZ 32 56#define IVSZ 8 57#define BLOCKSZ 64 58#define RSBUFSZ (16*BLOCKSZ) 59 |
60#define REKEY_BASE (1024*1024) /* NB. should be a power of 2 */ 61 |
|
60/* Marked MAP_INHERIT_ZERO, so zero'd out in fork children. */ 61static struct { 62 size_t rs_have; /* valid bytes at end of rs_buf */ 63 size_t rs_count; /* bytes till reseed */ 64} *rs; 65 66/* Preserved in fork children. */ 67static struct { --- 106 unchanged lines hidden (view full) --- 174 chacha_keysetup(&rsx->rs_chacha, buf, KEYSZ * 8, 0); 175 chacha_ivsetup(&rsx->rs_chacha, buf + KEYSZ); 176} 177 178static void 179_rs_stir(void) 180{ 181 u_char rnd[KEYSZ + IVSZ]; | 62/* Marked MAP_INHERIT_ZERO, so zero'd out in fork children. */ 63static struct { 64 size_t rs_have; /* valid bytes at end of rs_buf */ 65 size_t rs_count; /* bytes till reseed */ 66} *rs; 67 68/* Preserved in fork children. */ 69static struct { --- 106 unchanged lines hidden (view full) --- 176 chacha_keysetup(&rsx->rs_chacha, buf, KEYSZ * 8, 0); 177 chacha_ivsetup(&rsx->rs_chacha, buf + KEYSZ); 178} 179 180static void 181_rs_stir(void) 182{ 183 u_char rnd[KEYSZ + IVSZ]; |
184 uint32_t rekey_fuzz = 0; |
|
182 183 if (getentropy(rnd, sizeof rnd) == -1) { 184 if(errno != ENOSYS || 185 fallback_getentropy_urandom(rnd, sizeof rnd) == -1) { 186#ifdef SIGKILL 187 raise(SIGKILL); 188#else 189 exit(9); /* windows */ --- 6 unchanged lines hidden (view full) --- 196 else 197 _rs_rekey(rnd, sizeof(rnd)); 198 explicit_bzero(rnd, sizeof(rnd)); /* discard source seed */ 199 200 /* invalidate rs_buf */ 201 rs->rs_have = 0; 202 memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf)); 203 | 185 186 if (getentropy(rnd, sizeof rnd) == -1) { 187 if(errno != ENOSYS || 188 fallback_getentropy_urandom(rnd, sizeof rnd) == -1) { 189#ifdef SIGKILL 190 raise(SIGKILL); 191#else 192 exit(9); /* windows */ --- 6 unchanged lines hidden (view full) --- 199 else 200 _rs_rekey(rnd, sizeof(rnd)); 201 explicit_bzero(rnd, sizeof(rnd)); /* discard source seed */ 202 203 /* invalidate rs_buf */ 204 rs->rs_have = 0; 205 memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf)); 206 |
204 rs->rs_count = 1600000; | 207 /* rekey interval should not be predictable */ 208 chacha_encrypt_bytes(&rsx->rs_chacha, (uint8_t *)&rekey_fuzz, 209 (uint8_t *)&rekey_fuzz, sizeof(rekey_fuzz)); 210 rs->rs_count = REKEY_BASE + (rekey_fuzz % REKEY_BASE); |
205} 206 207static inline void 208_rs_stir_if_needed(size_t len) 209{ 210#ifndef MAP_INHERIT_ZERO 211 static pid_t _rs_pid = 0; 212 pid_t pid = getpid(); --- 94 unchanged lines hidden --- | 211} 212 213static inline void 214_rs_stir_if_needed(size_t len) 215{ 216#ifndef MAP_INHERIT_ZERO 217 static pid_t _rs_pid = 0; 218 pid_t pid = getpid(); --- 94 unchanged lines hidden --- |
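Review bot: `rekey_fuzz` still holds raw ChaCha keystream when `_rs_stir` returns, although the same function wipes `rnd` with `explicit_bzero` a few lines earlier; adding `explicit_bzero(&rekey_fuzz, sizeof(rekey_fuzz));` after the `rs->rs_count` assignment would keep the stack hygiene consistent. The gain is modest, because the derived count also lives in `rs->rs_count`, but it avoids leaving generator output in a dead stack slot. Separately, the power-of-two requirement on `REKEY_BASE` is stated only in the comment at its definition. With any other value, `rekey_fuzz % REKEY_BASE` is slightly biased, so the comment at the use site could read `/* rekey interval should not be predictable: uniform in [REKEY_BASE, 2*REKEY_BASE) while REKEY_BASE is a power of 2 */`. Part of `_rs_stir` is hidden on this page, so these points rest on the visible lines only.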