Windows PuTTYgen: bound entropy input by PRNG state size.
Although I've reinstated the tedious manual mouse input, I can at least reduce the amount of it that the user is required to provide: the new PRNG has a hard limit on the size of its seed, so once we've generated enough entropy to fill that up, there's no point in collecting more, even if we're generating a particularly large key.
This commit is contained in:
parent
4d288dc3e9
commit
22131a51fa
2
putty.h
2
putty.h
@ -1709,6 +1709,8 @@ void random_setup_special();
|
||||
/* Manually drop a random seed into the random number generator, e.g.
|
||||
* just before generating a key. */
|
||||
void random_reseed(ptrlen seed);
|
||||
/* Limit on how much entropy is worth putting into the generator (bits). */
|
||||
size_t random_seed_bits(void);
|
||||
|
||||
/*
|
||||
* Exports from pinger.c.
|
||||
|
1
ssh.h
1
ssh.h
@ -902,6 +902,7 @@ void prng_seed_begin(prng *p);
|
||||
void prng_seed_finish(prng *p);
|
||||
void prng_read(prng *p, void *vout, size_t size);
|
||||
void prng_add_entropy(prng *p, unsigned source_id, ptrlen data);
|
||||
size_t prng_seed_bits(prng *p);
|
||||
|
||||
/* This function must be implemented by the platform, and returns a
|
||||
* timer in milliseconds that the PRNG can use to know whether it's
|
||||
|
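Review bot: The new `prng_seed_bits` prototype is the only line in this declaration run without a comment, and nothing in ssh.h says whether the value is bits or bytes; the caller-facing wrapper in putty.h says "(bits)", but a reader of this header alone cannot tell, and the number is used to stop entropy collection early. Suggest `/* Upper bound, in bits, on the entropy the PRNG state can retain; seed input beyond this does no further good. */` above it. The declaration run continues outside the hunk.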
@ -284,3 +284,9 @@ void prng_add_entropy(prng *pr, unsigned source_id, ptrlen data)
|
||||
prng_seed_finish(&pi->Prng);
|
||||
}
|
||||
}
|
||||
|
||||
size_t prng_seed_bits(prng *pr)
|
||||
{
|
||||
prng_impl *pi = container_of(pr, prng_impl, Prng);
|
||||
return pi->hashalg->hlen * 8;
|
||||
}
|
||||
|
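Review bot: `prng_seed_bits` returns `pi->hashalg->hlen * 8` with no comment on why the digest length of the pool hash is the ceiling on useful seed entropy, which matters because callers use this number to cap how much entropy they bother to feed in. Presumably the pool's accumulated input is collapsed into a single hlen-byte digest, so no more than hlen*8 bits can survive into the state — that justification is worth recording, e.g. `/* The pool state is one hlen-byte digest, so at most hlen*8 bits of entropy can be retained; callers need not feed more. */`. The `* 8` implies hlen is in bytes; confirm against the hash definition, which is not visible here.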
@ -123,4 +123,10 @@ void random_get_savedata(void **data, int *len)
|
||||
*data = buf;
|
||||
}
|
||||
|
||||
size_t random_seed_bits(void)
|
||||
{
|
||||
assert(random_active > 0);
|
||||
return prng_seed_bits(global_prng);
|
||||
}
|
||||
|
||||
#endif /* FUZZING */
|
||||
|
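Review bot: `random_seed_bits` is added only in the non-FUZZING branch (the hunk ends at `#endif /* FUZZING */`), so if the FUZZING branch of this file provides stubs for the other `random_*` entry points that winpgen.c calls, it now needs one for this function too or a fuzzing build that links winpgen.c will fail; that branch is not visible in the hunk. A constant stub such as `size_t random_seed_bits(void) { return 256; }` would keep the cap logic in winpgen.c well-defined there. Also note that `assert(random_active > 0)` is the only guard before `prng_seed_bits` dereferences `global_prng`, so the function depends on asserts being compiled in; a one-line comment saying it must be called between `random_ref` and `random_unref` would make the precondition explicit.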
@ -1166,6 +1166,12 @@ static INT_PTR CALLBACK MainDlgProc(HWND hwnd, UINT msg,
|
||||
else
|
||||
raw_entropy_required = 256;
|
||||
|
||||
/* Bound the entropy collection above by the amount of
|
||||
* data we can actually fit into the PRNG. Any more
|
||||
* than that and it's doing no more good. */
|
||||
if (raw_entropy_required > random_seed_bits())
|
||||
raw_entropy_required = random_seed_bits();
|
||||
|
||||
raw_entropy_buf = snewn(raw_entropy_required, unsigned char);
|
||||
if (win_read_random(raw_entropy_buf, raw_entropy_required)) {
|
||||
/*
|
||||
|
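Review bot: The cap on the new lines compares `raw_entropy_required` against `random_seed_bits()`, which putty.h documents as a bit count, yet the same variable is then used as a byte count in `snewn(raw_entropy_required, unsigned char)` and `win_read_random(raw_entropy_buf, raw_entropy_required)`. The mismatch errs on the safe side (a 256-bit cap yields 256 bytes from the OS source), so it over-collects rather than under-collects, but either say so in the comment or convert once, e.g. `size_t seed_bytes = (random_seed_bits() + 7) / 8;`, and size the buffer from that. The declaration of `raw_entropy_required` is not visible; if it is a signed int, the comparison with `size_t` is signed/unsigned and deserves a cast. If the capped value also sizes the mouse-movement collection later in this function, keep in mind that one mouse sample carries far less than one bit of entropy, so a cap expressed in PRNG bits would cut the mouse phase shorter than intended — that code is outside the hunk. `MainDlgProc` begins and continues outside the hunk.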