On Thu, Feb 12, 2004 at 12:19:44PM +0100, Michael Bell wrote:
> Hi,
>
> I found a problem with "openssl smime -rand filename". If I specify a
> randfile then this file is not updated by apps/smime.c. The program
> calls app_RAND_write_file with a NULL pointer even if a randfile was
> specified. The result is that app_RAND_write_file in apps/app_rand.c
> tries to get a filename via RAND_file_name from crypto/rand/randfile.c.
> This function checks the environment variables RANDFILE and HOME or
> falls back to the default position.
>
> The problem is that this is a security issue because the randfile is
> never updated. We (OpenCA) work on a batch system and for such systems
> with high volumes of operations such a never changing random can be
> really critical - or at minimum I believe this today. A fix could look
> like this:
>
> OLD:
>
> if (need_rand)
> app_RAND_write_file(NULL, bio_err);
>
> NEW:
>
> if (need_rand)
> {
> if (inrand != NULL)
> app_RAND_write_file(inrand, bio_err);
> else
> app_RAND_write_file(NULL, bio_err);
> }
>
> If you agree that this is a bug then I forward it to rt.
I tend to disagree. The randfile can be the same thing as a .rnd file,
but it is actually intended to be used as a source only.
Consider the case of a process run by user root that will give
-rand /var/adm/syslog/syslog.log
as an option. This will give quite some entropy but...
Therefore ever changing entropy should be handled via .rnd file, which
_is_ updated.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
