nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00
Code Issues Projects Releases Wiki Activity

Windows PuTTYgen: bound entropy input by PRNG state size.

Browse Source 
Although I've reinstated the tedious manual mouse input, I can at
least reduce the amount of it that the user is required to provide:
the new PRNG has a hard limit on the size of its seed, so once we've
generated enough entropy to fill that up, there's no point in
collecting more, even if we're generating a particularly large key.
This commit is contained in:
Simon Tatham 2019-02-10 13:43:14 +00:00
parent 4d288dc3e9
commit 22131a51fa
5 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
putty.h
View File

@ -1709,6 +1709,8 @@ void random_setup_special();
/* Manually drop a random seed into the random number generator, e.g. /* Manually drop a random seed into the random number generator, e.g.
* just before generating a key. */ * just before generating a key. */
void random_reseed(ptrlen seed); void random_reseed(ptrlen seed);
/* Limit on how much entropy is worth putting into the generator (bits). */
size_t random_seed_bits(void);
/* /*
* Exports from pinger.c. * Exports from pinger.c.

1
ssh.h
View File

@ -902,6 +902,7 @@ void prng_seed_begin(prng *p);
void prng_seed_finish(prng *p); void prng_seed_finish(prng *p);
void prng_read(prng *p, void *vout, size_t size); void prng_read(prng *p, void *vout, size_t size);
void prng_add_entropy(prng *p, unsigned source_id, ptrlen data); void prng_add_entropy(prng *p, unsigned source_id, ptrlen data);
size_t prng_seed_bits(prng *p);
/* This function must be implemented by the platform, and returns a /* This function must be implemented by the platform, and returns a
* timer in milliseconds that the PRNG can use to know whether it's * timer in milliseconds that the PRNG can use to know whether it's

6
sshprng.c
View File

@ -284,3 +284,9 @@ void prng_add_entropy(prng *pr, unsigned source_id, ptrlen data)
prng_seed_finish(&pi->Prng); prng_seed_finish(&pi->Prng);
} }
} }
size_t prng_seed_bits(prng *pr)
{
prng_impl *pi = container_of(pr, prng_impl, Prng);
return pi->hashalg->hlen * 8;
}

6
sshrand.c
View File

@ -123,4 +123,10 @@ void random_get_savedata(void **data, int *len)
*data = buf; *data = buf;
} }
size_t random_seed_bits(void)
{
assert(random_active > 0);
return prng_seed_bits(global_prng);
}
#endif /* FUZZING */ #endif /* FUZZING */

6
windows/winpgen.c
View File

@ -1166,6 +1166,12 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
else else
raw_entropy_required = 256; raw_entropy_required = 256;
/* Bound the entropy collection above by the amount of
* data we can actually fit into the PRNG. Any more
* than that and it's doing no more good. */
if (raw_entropy_required > random_seed_bits())
raw_entropy_required = random_seed_bits();
raw_entropy_buf = snewn(raw_entropy_required, unsigned char); raw_entropy_buf = snewn(raw_entropy_required, unsigned char);
if (win_read_random(raw_entropy_buf, raw_entropy_required)) { if (win_read_random(raw_entropy_buf, raw_entropy_required)) {
/* /*