From 01b40dc28ce6109844b4a2ce64cbb5fc06810ad3 Mon Sep 17 00:00:00 2001 From: Matthew Dillon Date: Wed, 30 Jan 2008 19:28:02 +0000 Subject: [PATCH] Address a potential weakness in IBAA. The generator needs to be warmed up after seeding to remove potentially weak initial states. Also address a potential weakness in L15. References follow. http://www.leopard.uk.com http://www.burtleburtle.net/bob/rand/isaac.html Submitted-by: Robin Carey --- sys/kern/kern_nrandom.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/sys/kern/kern_nrandom.c b/sys/kern/kern_nrandom.c index 03d23fd63a..88e3303dce 100644 --- a/sys/kern/kern_nrandom.c +++ b/sys/kern/kern_nrandom.c @@ -22,7 +22,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $DragonFly: src/sys/kern/kern_nrandom.c,v 1.4 2006/09/10 01:26:39 dillon Exp $ + * $DragonFly: src/sys/kern/kern_nrandom.c,v 1.5 2008/01/30 19:28:02 dillon Exp $ */ /* --- NOTES --- * @@ -358,7 +358,8 @@ L15_Discard(const LByteType numCalls) static void L15(const LByteType * const key, const size_t keyLen) { - L15_x = L15_y = L15_start_x = 0; + L15_x = L15_start_x = 0; + L15_y = L15_STATE_SIZE - 1; L15_InitState(); L15_KSA(key, keyLen); L15_Discard(L15_Byte()); @@ -429,6 +430,12 @@ rand_initialize(void) L15_Vector((const LByteType *)&now.tv_nsec, sizeof(now.tv_nsec)); } + + /* + * Warm up the generator to get rid of weak initial states. + */ + for (i = 0; i < 10; ++i) + IBAA_Call(); } /* @@ -472,6 +479,7 @@ int add_buffer_randomness(const char *buf, int bytes) { int error; + int i; if (seedenable && securelevel <= 0) { while (bytes >= sizeof(int)) { @@ -480,6 +488,12 @@ add_buffer_randomness(const char *buf, int bytes) bytes -= sizeof(int); } error = 0; + + /* + * Warm up the generator to get rid of weak initial states. + */ + for (i = 0; i < 10; ++i) + IBAA_Call(); } else { error = EPERM; } -- 2.41.0