randomized seed when using MD5 random support and PPPoE

Sylvain Rochet 2012-06-21 23:08:20 +02:00
parent 8093b55e86
commit 8576ee0981
2 changed files with 7 additions and 6 deletions


@ -113,7 +113,7 @@ static long magic_randcount = 0; /* Pseudo-random incrementer */
void magic_churnrand(char *rand_data, u32_t rand_len) { void magic_churnrand(char *rand_data, u32_t rand_len) {
md5_context md5; md5_context md5;
/* LWIP_DEBUGF(LOG_INFO, ("churnRand: %u@%P\n", rand_len, rand_data)); */ /* LWIP_DEBUGF(LOG_INFO, ("magic_churnrand: %u@%P\n", rand_len, rand_data)); */
md5_starts(&md5); md5_starts(&md5);
md5_update(&md5, (u_char *)magic_randpool, sizeof(magic_randpool)); md5_update(&md5, (u_char *)magic_randpool, sizeof(magic_randpool));
if (rand_data) { if (rand_data) {
@ -121,14 +121,14 @@ void magic_churnrand(char *rand_data, u32_t rand_len) {
} else { } else {
struct { struct {
/* INCLUDE fields for any system sources of randomness */ /* INCLUDE fields for any system sources of randomness */
char foobar; u32_t jiffies;
} sys_data; } sys_data;
sys_data.jiffies = sys_jiffies();
/* Load sys_data fields here. */ /* Load sys_data fields here. */
md5_update(&md5, (u_char *)&sys_data, sizeof(sys_data)); md5_update(&md5, (u_char *)&sys_data, sizeof(sys_data));
} }
md5_finish(&md5, (u_char *)magic_randpool); md5_finish(&md5, (u_char *)magic_randpool);
/* LWIP_DEBUGF(LOG_INFO, ("churnRand: -> 0\n")); */ /* LWIP_DEBUGF(LOG_INFO, ("magic_churnrand: -> 0\n")); */
} }
/* /*
@ -149,14 +149,14 @@ void magic_randomize(void) {
* random_bytes - Fill a buffer with random bytes. * random_bytes - Fill a buffer with random bytes.
* *
* Use the random pool to generate random data. This degrades to pseudo * Use the random pool to generate random data. This degrades to pseudo
* random when used faster than randomness is supplied using churnRand(). * random when used faster than randomness is supplied using magic_churnrand().
* Note: It's important that there be sufficient randomness in magic_randpool * Note: It's important that there be sufficient randomness in magic_randpool
* before this is called for otherwise the range of the result may be * before this is called for otherwise the range of the result may be
* narrow enough to make a search feasible. * narrow enough to make a search feasible.
* *
* Ref: Applied Cryptography 2nd Ed. by Bruce Schneier p. 427 * Ref: Applied Cryptography 2nd Ed. by Bruce Schneier p. 427
* *
* XXX Why does he not just call churnRand() for each block? Probably * XXX Why does he not just call magic_churnrand() for each block? Probably
* so that you don't ever publish the seed which could possibly help * so that you don't ever publish the seed which could possibly help
* predict future values. * predict future values.
* XXX Why don't we preserve md5 between blocks and just update it with * XXX Why don't we preserve md5 between blocks and just update it with
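Review bot: The `else` branch of magic_churnrand now mixes only `sys_jiffies()` into the pool, and a 32-bit tick counter sampled at a predictable point after boot leaves a search space small enough to run into the warning this same file gives for random_bytes ("narrow enough to make a search feasible"). The struct comment still reads "INCLUDE fields for any system sources of randomness", so a port may assume jiffies alone is adequate; I would add above the struct `/* sys_jiffies() is a low-entropy fallback: ports should feed real entropy via rand_data or add further fields here. */`. The `/* Load sys_data fields here. */` comment now sits after the only load, so either move it above `sys_data.jiffies = sys_jiffies();` or drop it. magic_churnrand opens in the first hunk and the lines between the two hunks are not shown, so I cannot see whether anything else is mixed in between them.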


@ -642,6 +642,7 @@ drop:
out: out:
pbuf_free(pb); pbuf_free(pb);
magic_randomize();
return; return;
#if 0 #if 0