Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accept both byte orders for random seed in `rndctl -L'. 

The file format was defined with a machine-dependent 32-bit integer
field (the estimated number of bits of entropy in the process that
generated it).  Take whichever byte order gives a number that is
reasonable, i.e. lower than the number of bits in the buffer.

Continue to have `rndctl -S' generate it in machine-dependent byte
order for now, so that if you roll back to an older rndctl(8) then
`rndctl -L' on the same machine will still be able to load it with
the right entropy estimate.  In a future revision, perhaps we can
change it to be little-endian.
This commit is contained in:
riastradh 2020-04-30 03:24:48 +00:00
parent 9d6555baa4
commit 825d46aec4
1 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
sbin/rndctl/rndctl.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: rndctl.c,v 1.31 2019/12/06 14:43:18 riastradh Exp $ */
/* $NetBSD: rndctl.c,v 1.32 2020/04/30 03:24:48 riastradh Exp $ */
/*-
* Copyright (c) 1997 Michael Graff.
@ -33,13 +33,14 @@
#include <sha1.h>
#ifndef lint
__RCSID("$NetBSD: rndctl.c,v 1.31 2019/12/06 14:43:18 riastradh Exp $");
__RCSID("$NetBSD: rndctl.c,v 1.32 2020/04/30 03:24:48 riastradh Exp $");
#endif
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/param.h>
#include <sys/endian.h>
#include <sys/rndio.h>
#include <sys/sha3.h>
@ -192,9 +193,8 @@ do_save(const char *filename, const void *extra, size_t nextra,
MIN(sizeof(rs.data), UINT32_MAX/NBBY)*NBBY);
/*
* Compute the checksum on the 32-bit entropy count, in host
* byte order (XXX this means it is not portable across
* different-endian platforms!), followed by the seed data.
* Compute the checksum on the 32-bit entropy count, followed
* by the seed data.
*/
SHA1Init(&s);
SHA1Update(&s, (const uint8_t *)&rs.entropy, sizeof(rs.entropy));
@ -309,6 +309,17 @@ do_load(const char *filename)
rs.entropy = 0;
}
/*
* If the entropy is insensibly large, try byte-swapping.
* Otherwise assume the file is corrupted and act as though it
* has zero entropy.
*/
if (howmany(rs.entropy, NBBY) > sizeof(rs.data)) {
rs.entropy = bswap32(rs.entropy);
if (howmany(rs.entropy, NBBY) > sizeof(rs.data))
rs.entropy = 0;
}
/* Format the ioctl request. */
rd.len = MIN(sizeof(rd.data), sizeof(rs.data));
rd.entropy = rs.entropy;