lib/libdes/ornd_keys.c

1.1  christos /*	$NetBSD: ornd_keys.c,v 1.1 2025/07/17 14:26:11 christos Exp $	*/
1.1  christos
1.1  christos #include "des_locl.h"
1.1  christos #include <sys/time.h>
1.1  christos #include <sys/types.h>
1.1  christos
1.1  christos #include <fcntl.h>
1.1  christos #include <unistd.h>
1.1  christos
1.1  christos #include <sha1.h>
1.1  christos
1.1  christos void
1.1  christos des_set_random_generator_seed(des_cblock *seed)
1.1  christos {
1.1  christos
1.1  christos 	des_random_seed(seed);
1.1  christos }
1.1  christos
1.1  christos /*
1.1  christos  * Generate a sequence of random des keys
1.1  christos  * using the random block sequence, fixup
1.1  christos  * parity and skip weak keys.
1.1  christos  */
1.1  christos int
1.1  christos des_new_random_key(des_cblock *key)
1.1  christos {
1.1  christos 	int urandom;
1.1  christos
1.1  christos  again:
1.1  christos 	urandom = open("/dev/urandom", O_RDONLY);
1.1  christos
1.1  christos 	if (urandom < 0)
1.1  christos 		des_random_key(key);
1.1  christos 	else {
1.1  christos 		if (read(urandom, key,
1.1  christos 		    sizeof(des_cblock)) != sizeof(des_cblock)) {
1.1  christos 			close(urandom);
1.1  christos 			des_random_key(key);
1.1  christos 		} else
1.1  christos 			close(urandom);
1.1  christos 	}
1.1  christos
1.1  christos 	/* random key must have odd parity and not be weak */
1.1  christos 	des_set_odd_parity(key);
1.1  christos 	if (des_is_weak_key(key))
1.1  christos 		goto again;
1.1  christos
1.1  christos 	return (0);
1.1  christos }
1.1  christos
1.1  christos /*
1.1  christos  * des_init_random_number_generator:
1.1  christos  *
1.1  christos  * This routine takes a secret key possibly shared by a number of servers
1.1  christos  * and uses it to generate a random number stream that is not shared by
1.1  christos  * any of the other servers.  It does this by using the current process id,
1.1  christos  * host id, and the current time to the nearest second.  The resulting
1.1  christos  * stream seed is not useful information for cracking the secret key.
1.1  christos  * Moreover, this routine keeps no copy of the secret key.
1.1  christos  */
1.1  christos void
1.1  christos des_init_random_number_generator(des_cblock *seed)
1.1  christos {
1.1  christos 	u_int64_t seed_q;
1.1  christos 	des_cblock seed_new;
1.1  christos 	SHA1_CTX sha;
1.1  christos
1.1  christos 	u_char results[20];
1.1  christos 	char hname[64], accum[512];
1.1  christos
1.1  christos 	struct timeval when;
1.1  christos
1.1  christos 	SHA1Init(&sha);
1.1  christos
1.1  christos 	gethostname(hname, sizeof(hname) - 1);
1.1  christos 	gettimeofday(&when, NULL);
1.1  christos
1.1  christos 	memcpy(&seed_q, seed, sizeof(seed_q));
1.1  christos
1.1  christos 	snprintf(accum, sizeof(accum), "%lld%ld%d%s%d%lld",
1.1  christos 	    (long long)when.tv_sec, (long)when.tv_usec, getpid(), hname,
1.1  christos 	    getuid(), (long long)seed_q);
1.1  christos
1.1  christos 	SHA1Update(&sha, (u_char *) accum, strlen(accum));
1.1  christos
1.1  christos 	memset(accum, 0, sizeof(accum));
1.1  christos
1.1  christos 	SHA1Final(results, &sha);
1.1  christos
1.1  christos 	memcpy(seed_new, results, sizeof(seed_new));
1.1  christos 	des_random_seed(&seed_new);
1.1  christos
1.1  christos 	memset(seed_new, 0, sizeof(seed_new));
1.1  christos 	memset(results, 0, sizeof(results));
1.1  christos }