On Thu, Feb 12, 2004 at 12:19:44PM +0100, Michael Bell wrote: > Hi, > > I found a problem with "openssl smime -rand filename". If I specify a > randfile then this file is not updated by apps/smime.c. The program > calls app_RAND_write_file with a NULL pointer even if a randfile was > specified. The result is that app_RAND_write_file in apps/app_rand.c > tries to get a filename via RAND_file_name from crypto/rand/randfile.c. > This function checks the environment variables RANDFILE and HOME or > falls back to the default position. > > The problem is that this is a security issue because the randfile is > never updated. We (OpenCA) work on a batch system and for such systems > with high volumes of operations such a never changing random can be > really critical - or at minimum I believe this today. A fix could look > like this: > > OLD: > > if (need_rand) > app_RAND_write_file(NULL, bio_err); > > NEW: > > if (need_rand) > { > if (inrand != NULL) > app_RAND_write_file(inrand, bio_err); > else > app_RAND_write_file(NULL, bio_err); > } > > If you agree that this is a bug then I forward it to rt.
I tend to disagree. The randfile can be the same thing as a .rnd file, but it is actually intended to be used as a source only. Consider the case of a process run by user root that will give -rand /var/adm/syslog/syslog.log as an option. This will give quite some entropy but... Therefore ever changing entropy should be handled via .rnd file, which _is_ updated. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]