| author | deraadt <> | 2018-11-20 08:04:28 +0000 | 
|---|---|---|
| committer | deraadt <> | 2018-11-20 08:04:28 +0000 | 
| commit | 1c9e20cbc776ff1a1ba01d20a3d7ae740718e16e (patch) | |
| tree | f0a99bac9b58c33006d9c873c65b2281fb8d7a03 | |
| parent | 2aceb79bcea2b521506207ee08481893378cd518 (diff) | |
Saw a mention somewhere a while back that the gotdata() function in
here could create non-uniformity since very short fetches of 0 would
be excluded.  blocks of 0 are just as random as any other data, including
blocks of 4 4 4..  This misguided attempt to identify errors from the
entropy churn/gather code doesn't make sense, errors don't happen.
ok bcook
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/arc4random/getentropy_aix.c | 33 | ||||
| -rw-r--r-- | src/lib/libcrypto/arc4random/getentropy_hpux.c | 33 | ||||
| -rw-r--r-- | src/lib/libcrypto/arc4random/getentropy_linux.c | 39 | ||||
| -rw-r--r-- | src/lib/libcrypto/arc4random/getentropy_osx.c | 33 | ||||
| -rw-r--r-- | src/lib/libcrypto/arc4random/getentropy_solaris.c | 33 | 
5 files changed, 27 insertions, 144 deletions
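--- a/src/lib/libcrypto/arc4random/getentropy_aix.c
+++ b/src/lib/libcrypto/arc4random/getentropy_aix.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getentropy_aix.c,v 1.5 2016/08/07 03:27:21 tb Exp $ */
+/* $OpenBSD: getentropy_aix.c,v 1.6 2018/11/20 08:04:28 deraadt Exp $ */
 
 /*
 * Copyright (c) 2015 Michael Felt <aixtools@gmail.com>
@@ -60,7 +60,6 @@
 
 int getentropy(void *buf, size_t len);
 
-static int gotdata(char *buf, size_t len);
 static int getentropy_urandom(void *buf, size_t len, const char *path,
 int devfscheck);
 static int getentropy_fallback(void *buf, size_t len);
@@ -118,22 +117,6 @@ getentropy(void *buf, size_t len)
 return (ret);
 }
 
-/*
-* Basic sanity checking; wish we could do better.
-*/
-static int
-gotdata(char *buf, size_t len)
-{
-char any_set = 0;
-size_t i;
-
-for (i = 0; i < len; ++i)
-any_set |= buf[i];
-if (any_set == 0)
-return (-1);
-return (0);
-}
-
 static int
 getentropy_urandom(void *buf, size_t len, const char *path, int devfscheck)
 {
@@ -179,10 +162,8 @@ start:
 i += ret;
 }
 close(fd);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
+errno = save_errno;
+return (0); /* satisfied */
 nodevrandom:
 errno = EIO;
 return (-1);
@@ -416,10 +397,6 @@ getentropy_fallback(void *buf, size_t len)
 }
 explicit_bzero(&ctx, sizeof ctx);
 explicit_bzero(results, sizeof results);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
-errno = EIO;
-return (-1);
+errno = save_errno;
+return (0); /* satisfied */
 }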
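Review bot: With gotdata() gone, the `return (0); /* satisfied */` at the end of getentropy_urandom() and getentropy_fallback() is reached with no check on the buffer contents, so success now rests entirely on the read loop and the gather code, both of which start outside these hunks. That is the right trade for uniformity (the old check rejected a 1-byte fetch of 0 about once in 256 calls), but the deleted comment was the only in-code trace of the decision; I would add `/* no content check: an all-zero buffer is a valid result */` above each return. getentropy_fallback() also loses its only visible failure exit, so unless an earlier return exists outside the hunk it can no longer report EIO, and any caller that branches on its result should be reviewed with that in mind. The same applies to the matching hunks in getentropy_hpux.c, getentropy_linux.c (including getentropy_sysctl()), getentropy_osx.c and getentropy_solaris.c.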
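--- a/src/lib/libcrypto/arc4random/getentropy_hpux.c
+++ b/src/lib/libcrypto/arc4random/getentropy_hpux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getentropy_hpux.c,v 1.5 2016/08/07 03:27:21 tb Exp $ */
+/* $OpenBSD: getentropy_hpux.c,v 1.6 2018/11/20 08:04:28 deraadt Exp $ */
 
 /*
 * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -64,7 +64,6 @@
 
 int getentropy(void *buf, size_t len);
 
-static int gotdata(char *buf, size_t len);
 static int getentropy_urandom(void *buf, size_t len, const char *path,
 int devfscheck);
 static int getentropy_fallback(void *buf, size_t len);
@@ -122,22 +121,6 @@ getentropy(void *buf, size_t len)
 return (ret);
 }
 
-/*
-* Basic sanity checking; wish we could do better.
-*/
-static int
-gotdata(char *buf, size_t len)
-{
-char any_set = 0;
-size_t i;
-
-for (i = 0; i < len; ++i)
-any_set |= buf[i];
-if (any_set == 0)
-return (-1);
-return (0);
-}
-
 static int
 getentropy_urandom(void *buf, size_t len, const char *path, int devfscheck)
 {
@@ -183,10 +166,8 @@ start:
 i += ret;
 }
 close(fd);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
+errno = save_errno;
+return (0); /* satisfied */
 nodevrandom:
 errno = EIO;
 return (-1);
@@ -410,10 +391,6 @@ getentropy_fallback(void *buf, size_t len)
 }
 explicit_bzero(&ctx, sizeof ctx);
 explicit_bzero(results, sizeof results);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
-errno = EIO;
-return (-1);
+errno = save_errno;
+return (0); /* satisfied */
 }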
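--- a/src/lib/libcrypto/arc4random/getentropy_linux.c
+++ b/src/lib/libcrypto/arc4random/getentropy_linux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getentropy_linux.c,v 1.45 2018/03/13 22:53:28 bcook Exp $ */
+/* $OpenBSD: getentropy_linux.c,v 1.46 2018/11/20 08:04:28 deraadt Exp $ */
 
 /*
 * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -73,7 +73,6 @@
 
 int getentropy(void *buf, size_t len);
 
-static int gotdata(char *buf, size_t len);
 #if defined(SYS_getrandom) && defined(GRND_NONBLOCK)
 static int getentropy_getrandom(void *buf, size_t len);
 #endif
@@ -177,22 +176,6 @@ getentropy(void *buf, size_t len)
 return (ret);
 }
 
-/*
-* Basic sanity checking; wish we could do better.
-*/
-static int
-gotdata(char *buf, size_t len)
-{
-char any_set = 0;
-size_t i;
-
-for (i = 0; i < len; ++i)
-any_set |= buf[i];
-if (any_set == 0)
-return (-1);
-return (0);
-}
-
 #if defined(SYS_getrandom) && defined(GRND_NONBLOCK)
 static int
 getentropy_getrandom(void *buf, size_t len)
@@ -261,10 +244,8 @@ start:
 i += ret;
 }
 close(fd);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
+errno = save_errno;
+return (0); /* satisfied */
 nodevrandom:
 errno = EIO;
 return (-1);
@@ -292,10 +273,8 @@ getentropy_sysctl(void *buf, size_t len)
 goto sysctlfailed;
 i += chunk;
 }
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
+errno = save_errno;
+return (0); /* satisfied */
 sysctlfailed:
 errno = EIO;
 return (-1);
@@ -541,10 +520,6 @@ getentropy_fallback(void *buf, size_t len)
 }
 explicit_bzero(&ctx, sizeof ctx);
 explicit_bzero(results, sizeof results);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
-errno = EIO;
-return (-1);
+errno = save_errno;
+return (0); /* satisfied */
 }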
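--- a/src/lib/libcrypto/arc4random/getentropy_osx.c
+++ b/src/lib/libcrypto/arc4random/getentropy_osx.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getentropy_osx.c,v 1.11 2016/09/03 15:24:09 bcook Exp $ */
+/* $OpenBSD: getentropy_osx.c,v 1.12 2018/11/20 08:04:28 deraadt Exp $ */
 
 /*
 * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -82,7 +82,6 @@
 
 int getentropy(void *buf, size_t len);
 
-static int gotdata(char *buf, size_t len);
 static int getentropy_urandom(void *buf, size_t len);
 static int getentropy_fallback(void *buf, size_t len);
 
@@ -142,22 +141,6 @@ getentropy(void *buf, size_t len)
 return (ret);
 }
 
-/*
-* Basic sanity checking; wish we could do better.
-*/
-static int
-gotdata(char *buf, size_t len)
-{
-char any_set = 0;
-size_t i;
-
-for (i = 0; i < len; ++i)
-any_set |= buf[i];
-if (any_set == 0)
-return (-1);
-return (0);
-}
-
 static int
 getentropy_urandom(void *buf, size_t len)
 {
@@ -203,10 +186,8 @@ start:
 i += ret;
 }
 close(fd);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
+errno = save_errno;
+return (0); /* satisfied */
 nodevrandom:
 errno = EIO;
 return (-1);
@@ -431,10 +412,6 @@ getentropy_fallback(void *buf, size_t len)
 }
 explicit_bzero(&ctx, sizeof ctx);
 explicit_bzero(results, sizeof results);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
-errno = EIO;
-return (-1);
+errno = save_errno;
+return (0); /* satisfied */
 }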
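--- a/src/lib/libcrypto/arc4random/getentropy_solaris.c
+++ b/src/lib/libcrypto/arc4random/getentropy_solaris.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getentropy_solaris.c,v 1.12 2016/08/07 03:27:21 tb Exp $ */
+/* $OpenBSD: getentropy_solaris.c,v 1.13 2018/11/20 08:04:28 deraadt Exp $ */
 
 /*
 * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -68,7 +68,6 @@
 
 int getentropy(void *buf, size_t len);
 
-static int gotdata(char *buf, size_t len);
 static int getentropy_urandom(void *buf, size_t len, const char *path,
 int devfscheck);
 static int getentropy_fallback(void *buf, size_t len);
@@ -148,22 +147,6 @@ getentropy(void *buf, size_t len)
 return (ret);
 }
 
-/*
-* Basic sanity checking; wish we could do better.
-*/
-static int
-gotdata(char *buf, size_t len)
-{
-char any_set = 0;
-size_t i;
-
-for (i = 0; i < len; ++i)
-any_set |= buf[i];
-if (any_set == 0)
-return (-1);
-return (0);
-}
-
 static int
 getentropy_urandom(void *buf, size_t len, const char *path, int devfscheck)
 {
@@ -210,10 +193,8 @@ start:
 i += ret;
 }
 close(fd);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
+errno = save_errno;
+return (0); /* satisfied */
 nodevrandom:
 errno = EIO;
 return (-1);
@@ -436,10 +417,6 @@ getentropy_fallback(void *buf, size_t len)
 }
 explicit_bzero(&ctx, sizeof ctx);
 explicit_bzero(results, sizeof results);
-if (gotdata(buf, len) == 0) {
-errno = save_errno;
-return (0); /* satisfied */
-}
-errno = EIO;
-return (-1);
+errno = save_errno;
+return (0); /* satisfied */
 }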
