diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2003-11-26 21:40:09 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2003-11-26 21:40:09 +0000 |
commit | 15344b1f957fb5130cef1de67610b7542784fb12 (patch) | |
tree | 4747addd8a227f69cac7317fe5b2ced3a9496e19 /lib/libc/crypt/arc4random.c | |
parent | 07159db459d0b6dc201c6202e5c9325e9a4201e7 (diff) |
Discard first 256 bytes of keystream, as per recommendation in
"Weaknesses in the Key Scheduling Algorithm of RC4", Fluhrer, Mantin and
Shamir. ok itojun@
Diffstat (limited to 'lib/libc/crypt/arc4random.c')
-rw-r--r-- | lib/libc/crypt/arc4random.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/libc/crypt/arc4random.c b/lib/libc/crypt/arc4random.c index 5e3b2925a68..5b376488ec0 100644 --- a/lib/libc/crypt/arc4random.c +++ b/lib/libc/crypt/arc4random.c @@ -1,4 +1,4 @@ -/* $OpenBSD: arc4random.c,v 1.9 2003/08/16 19:07:40 tedu Exp $ */ +/* $OpenBSD: arc4random.c,v 1.10 2003/11/26 21:40:08 djm Exp $ */ /* * Arc4 random number generator for OpenBSD. @@ -48,6 +48,8 @@ static int rs_initialized; static struct arc4_stream rs; static pid_t arc4_stir_pid; +static inline u_int8_t arc4_getbyte(struct arc4_stream *); + static inline void arc4_init(struct arc4_stream *as) { @@ -98,6 +100,13 @@ arc4_stir(struct arc4_stream *as) arc4_stir_pid = getpid(); arc4_addrandom(as, (void *) &rdat, sizeof(rdat)); + + /* + * Discard early keystream, as per recommendations in: + * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps + */ + for (i = 0; i < 256; i++) + (void) arc4_getbyte(as); } static inline u_int8_t |