From cb19aa7c716653ce4082bec8c260f71aff22e1e2 Mon Sep 17 00:00:00 2001 From: Michael Shalayeff Date: Fri, 14 Jun 2002 00:07:58 +0000 Subject: from freebsd: Throw away the first N words of output, as suggested in the paper "Weaknesses in the Key Scheduling Algorithm of RC4" by Fluher, Mantin, and Shamir. (N = 256 in our case.) --- sys/dev/rnd.c | 40 ++++++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 16 deletions(-) (limited to 'sys/dev') diff --git a/sys/dev/rnd.c b/sys/dev/rnd.c index 368e458e484..97dc61a264f 100644 --- a/sys/dev/rnd.c +++ b/sys/dev/rnd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rnd.c,v 1.58 2002/05/27 01:59:58 deraadt Exp $ */ +/* $OpenBSD: rnd.c,v 1.59 2002/06/14 00:07:57 mickey Exp $ */ /* * random.c -- A strong random number generator @@ -481,6 +481,22 @@ void arc4maybeinit(void); * RC4 is a registered trademark of RSA Laboratories. */ +static __inline u_int8_t +arc4_getbyte(void) +{ + register u_int8_t si, sj; + + rndstats.arc4_reads++; + arc4random_state.cnt++; + arc4random_state.i++; + si = arc4random_state.s[arc4random_state.i]; + arc4random_state.j += si; + sj = arc4random_state.s[arc4random_state.j]; + arc4random_state.s[arc4random_state.i] = sj; + arc4random_state.s[arc4random_state.j] = si; + return arc4random_state.s[(si + sj) & 0xff]; +} + static __inline void arc4_stir(void) { @@ -511,22 +527,14 @@ arc4_stir(void) rndstats.arc4_stirs += len; rndstats.arc4_nstirs++; splx(s); -} -static __inline u_int8_t -arc4_getbyte(void) -{ - register u_int8_t si, sj; - - rndstats.arc4_reads++; - arc4random_state.cnt++; - arc4random_state.i++; - si = arc4random_state.s[arc4random_state.i]; - arc4random_state.j += si; - sj = arc4random_state.s[arc4random_state.j]; - arc4random_state.s[arc4random_state.i] = sj; - arc4random_state.s[arc4random_state.j] = si; - return arc4random_state.s[(si + sj) & 0xff]; + /* + * Throw away the first N words of output, as suggested in the + * paper "Weaknesses in the Key Scheduling Algorithm of RC4" + * by Fluher, Mantin, and Shamir. (N = 256 in our case.) + */ + for (n = 0; n < 256 * 4; n++) + arc4_getbyte(); } void -- cgit v1.2.3