Take the random number generator back out of Pageant: the `random'

numbers needed for RSA blinding are now done deterministically by hashes of the private key, much the same way we do it for DSA. [originally from svn r3149]
2025-07-14 09:37:34 -05:00 · 2003-04-27 09:45:35 +00:00
parent 1f5780ad9f
commit dca1486602
3 changed files with 71 additions and 8 deletions
--- a/pageant.c
+++ b/pageant.c
@ -127,6 +127,24 @@ static void *make_keylist2(int *length);
 static void *get_keylist1(void);
 static void *get_keylist2(void);

+/*
+ * We need this to link with the RSA code, because rsaencrypt()
+ * pads its data with random bytes. Since we only use rsadecrypt()
+ * and the signing functions, which are deterministic, this should
+ * never be called.
+ *
+ * If it _is_ called, there is a _serious_ problem, because it
+ * won't generate true random numbers. So we must scream, panic,
+ * and exit immediately if that should happen.
+ */
+int random_byte(void)
+{
+    MessageBox(main_hwnd, "Internal Error", APPNAME, MB_OK | MB_ICONERROR);
+    exit(0);
+    /* this line can't be reached but it placates MSVC's warnings :-) */
+    return 0;
+}
+
 /*
 * Blob structure for passing to the asymmetric SSH2 key compare
 * function, prototyped here.
@ -1929,11 +1947,6 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, LPSTR cmdline, int show)

    }

-    /*
-     * Initialise the random number generator.
-     */
-    random_init();
-
    /*
     * Initialise storage for short-term passphrase cache.
     */