1*0a6a1f1dSLionel Sambuc /* $NetBSD: rnd_keys.c,v 1.2 2014/03/27 16:26:22 apb Exp $ */
2ebfedea0SLionel Sambuc
3ebfedea0SLionel Sambuc #include "des_locl.h"
4ebfedea0SLionel Sambuc #include <sys/time.h>
5ebfedea0SLionel Sambuc #include <sys/types.h>
6ebfedea0SLionel Sambuc
7ebfedea0SLionel Sambuc #include <fcntl.h>
8ebfedea0SLionel Sambuc #include <unistd.h>
9ebfedea0SLionel Sambuc
10ebfedea0SLionel Sambuc #include <sha1.h>
11ebfedea0SLionel Sambuc
12ebfedea0SLionel Sambuc void
des_set_random_generator_seed(des_cblock * seed)13ebfedea0SLionel Sambuc des_set_random_generator_seed(des_cblock *seed)
14ebfedea0SLionel Sambuc {
15ebfedea0SLionel Sambuc
16ebfedea0SLionel Sambuc des_random_seed(seed);
17ebfedea0SLionel Sambuc }
18ebfedea0SLionel Sambuc
19ebfedea0SLionel Sambuc /*
20ebfedea0SLionel Sambuc * Generate a sequence of random des keys
21ebfedea0SLionel Sambuc * using the random block sequence, fixup
22ebfedea0SLionel Sambuc * parity and skip weak keys.
23ebfedea0SLionel Sambuc */
24ebfedea0SLionel Sambuc int
des_new_random_key(des_cblock * key)25ebfedea0SLionel Sambuc des_new_random_key(des_cblock *key)
26ebfedea0SLionel Sambuc {
27ebfedea0SLionel Sambuc int urandom;
28ebfedea0SLionel Sambuc
29ebfedea0SLionel Sambuc again:
30ebfedea0SLionel Sambuc urandom = open("/dev/urandom", O_RDONLY);
31ebfedea0SLionel Sambuc
32ebfedea0SLionel Sambuc if (urandom < 0)
33ebfedea0SLionel Sambuc des_random_key(key);
34ebfedea0SLionel Sambuc else {
35ebfedea0SLionel Sambuc if (read(urandom, key,
36ebfedea0SLionel Sambuc sizeof(des_cblock)) != sizeof(des_cblock)) {
37ebfedea0SLionel Sambuc close(urandom);
38ebfedea0SLionel Sambuc des_random_key(key);
39ebfedea0SLionel Sambuc } else
40ebfedea0SLionel Sambuc close(urandom);
41ebfedea0SLionel Sambuc }
42ebfedea0SLionel Sambuc
43ebfedea0SLionel Sambuc /* random key must have odd parity and not be weak */
44ebfedea0SLionel Sambuc des_set_odd_parity(key);
45ebfedea0SLionel Sambuc if (des_is_weak_key(key))
46ebfedea0SLionel Sambuc goto again;
47ebfedea0SLionel Sambuc
48ebfedea0SLionel Sambuc return (0);
49ebfedea0SLionel Sambuc }
50ebfedea0SLionel Sambuc
51ebfedea0SLionel Sambuc /*
52ebfedea0SLionel Sambuc * des_init_random_number_generator:
53ebfedea0SLionel Sambuc *
54ebfedea0SLionel Sambuc * This routine takes a secret key possibly shared by a number of servers
55ebfedea0SLionel Sambuc * and uses it to generate a random number stream that is not shared by
56ebfedea0SLionel Sambuc * any of the other servers. It does this by using the current process id,
57ebfedea0SLionel Sambuc * host id, and the current time to the nearest second. The resulting
58ebfedea0SLionel Sambuc * stream seed is not useful information for cracking the secret key.
59ebfedea0SLionel Sambuc * Moreover, this routine keeps no copy of the secret key.
60ebfedea0SLionel Sambuc */
61ebfedea0SLionel Sambuc void
des_init_random_number_generator(des_cblock * seed)62ebfedea0SLionel Sambuc des_init_random_number_generator(des_cblock *seed)
63ebfedea0SLionel Sambuc {
64ebfedea0SLionel Sambuc u_int64_t seed_q;
65ebfedea0SLionel Sambuc des_cblock seed_new;
66ebfedea0SLionel Sambuc SHA1_CTX sha;
67ebfedea0SLionel Sambuc
68ebfedea0SLionel Sambuc u_char results[20];
69ebfedea0SLionel Sambuc char hname[64], accum[512];
70ebfedea0SLionel Sambuc
71ebfedea0SLionel Sambuc struct timeval when;
72ebfedea0SLionel Sambuc
73ebfedea0SLionel Sambuc SHA1Init(&sha);
74ebfedea0SLionel Sambuc
75*0a6a1f1dSLionel Sambuc gethostname(hname, sizeof(hname) - 1);
76ebfedea0SLionel Sambuc gettimeofday(&when, NULL);
77ebfedea0SLionel Sambuc
78ebfedea0SLionel Sambuc memcpy(&seed_q, seed, sizeof(seed_q));
79ebfedea0SLionel Sambuc
80ebfedea0SLionel Sambuc snprintf(accum, sizeof(accum), "%ld%ld%d%s%d%lld",
81ebfedea0SLionel Sambuc when.tv_sec, when.tv_usec, getpid(), hname, getuid(),
82ebfedea0SLionel Sambuc (long long) seed_q);
83ebfedea0SLionel Sambuc
84ebfedea0SLionel Sambuc SHA1Update(&sha, (u_char *) accum, strlen(accum));
85ebfedea0SLionel Sambuc
86ebfedea0SLionel Sambuc memset(accum, 0, sizeof(accum));
87ebfedea0SLionel Sambuc
88ebfedea0SLionel Sambuc SHA1Final(results, &sha);
89ebfedea0SLionel Sambuc
90ebfedea0SLionel Sambuc memcpy(seed_new, results, sizeof(seed_new));
91ebfedea0SLionel Sambuc des_random_seed(&seed_new);
92ebfedea0SLionel Sambuc
93ebfedea0SLionel Sambuc memset(seed_new, 0, sizeof(seed_new));
94ebfedea0SLionel Sambuc memset(results, 0, sizeof(results));
95ebfedea0SLionel Sambuc }
96