
cmdgen: option to specify the random number device to use.

E.g. you might pass '--random-device=/dev/urandom'.

Mostly because I got sick of waiting for /dev/random to finish
blocking while I was trying to generate throwaway keys for testing bug
fixes in cmdgen itself. But it might also be useful on systems that
call their random device by a different name that we haven't
encountered.

(Since cmdgen also reads the saved PuTTY random seed file, setting
this option to /dev/zero will not render key generation deterministic.
It's tempting to provide _some_ way to do that, for testing purposes
and clearly marked as dangerous of course, but I think it would take
more faff than this.)
Simon Tatham
2016-03-30 08:17:03 +01:00
parent ad87950539
commit 435b29da88
3 changed files with 27 additions and 7 deletions


@ -37,7 +37,7 @@
* run tests.
*/
#define get_random_data get_random_data_diagnostic
char *get_random_data(int len)
char *get_random_data(int len, const char *device)
{
char *buf = snewn(len, char);
memset(buf, 'x', len);
@ -177,6 +177,8 @@ void help(void)
" specify file containing old key passphrase\n"
" --new-passphrase file\n"
" specify file containing new key passphrase\n"
" --random-device device\n"
" specify device to read entropy from (e.g. /dev/urandom)\n"
);
}
@ -245,6 +247,7 @@ int main(int argc, char **argv)
char *old_passphrase = NULL, *new_passphrase = NULL;
int load_encrypted;
progfn_t progressfn = is_interactive() ? progress_update : no_progress;
const char *random_device = NULL;
/* ------------------------------------------------------------------
* Parse the command line to figure out what we've been asked to do.
@ -338,6 +341,16 @@ int main(int argc, char **argv)
if (!new_passphrase)
errs = TRUE;
}
} else if (!strcmp(opt, "-random-device")) {
if (!val && argc > 1)
--argc, val = *++argv;
if (!val) {
errs = TRUE;
fprintf(stderr, "puttygen: option `-%s'"
" expects an argument\n", opt);
} else {
random_device = val;
}
} else {
errs = TRUE;
fprintf(stderr,
@ -677,7 +690,7 @@ int main(int argc, char **argv)
strftime(default_comment, 30, "rsa-key-%Y%m%d", &tm);
random_ref();
entropy = get_random_data(bits / 8);
entropy = get_random_data(bits / 8, random_device);
if (!entropy) {
fprintf(stderr, "puttygen: failed to collect entropy, "
"could not generate key\n");
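Review bot: The path stored in `random_device` by the new `-random-device` branch reaches `get_random_data(bits / 8, random_device)` with no visible check that it names a random source. A regular file or a constant device would then be accepted, presumably leaving the saved seed file that the commit message mentions as the only unpredictable input to key generation. The real body of get_random_data is outside this section and may already check this; if it does not, an `fstat()` / `S_ISCHR()` test there would reject regular files. The help text could also state the requirement, for example `"                    (must be a cryptographically secure random source)\n"`. The `if (!entropy)` block continues past the end of the hunk, and its message could name the device that failed, so that a mistyped path is distinguishable from a real entropy failure.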