On 28.02.2012 1:37, Fabian Knittel wrote:
> Hi Igor,
>
> 2012/2/27 Igor Novgorodov <i...@novg.net>:
>> The attached patch adds checking for PolarSSL version on crypto_polarssl.c
>> and depending on which version we are using (1.0.x or 1.1.x) chooses a new
>> shiny havege_random() function, or an old ugly while{} loop hack to generate
>> randomness.
>
> Your patch removes the code that causes havege_init() to only be
> called once. You never want to initialise your PRNG more than once,
> otherwise you increase the risk that your randomness is predictable.
> So please revert that part of your patch.

Yes, my fault. I didn't notice that the variable was static, so I thought that it
was local-scope only and removed the check... The fixed patch is attached.

> (The rest looks fine, although I haven't tested it and don't have any
> experience with PolarSSL.)
>
> Cheers
> Fabian


--- a/crypto_polarssl.c
+++ b/crypto_polarssl.c
@@ -41,6 +41,7 @@
 #include <polarssl/md5.h>
 #include <polarssl/cipher.h>
 #include <polarssl/havege.h>
+#include <polarssl/version.h>
 
 /*
  *
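Review bot: the new unconditional `#include <polarssl/version.h>` has to resolve on every PolarSSL release this file still claims to support, otherwise the include itself breaks the 1.0.x build that the `#else` branch further down is meant to keep working; please confirm the header (and the POLARSSL_VERSION_MAJOR/MINOR macros used later) ships with the oldest supported version, or guard the include the same way the call is guarded.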
@@ -158,7 +159,6 @@
 {
   static havege_state hs = {0};
   static bool hs_initialised = false;
-  const int int_size = sizeof(int);
 
   if (!hs_initialised)
     {
@@ -167,15 +167,21 @@
       hs_initialised = true;
     }
 
+#if (POLARSSL_VERSION_MAJOR >= 1 && POLARSSL_VERSION_MINOR >= 1)
+  havege_random(&hs, output, len);
+#else
+  const int int_size = sizeof(int);
+
   while (len > 0)
     {
-      const int blen   = min_int (len, int_size);
-      const int rand_int       = havege_rand(&hs);
+      const int blen    = min_int (len, int_size);
+      const int rand_int        = havege_rand(&hs);
 
       memcpy (output, &rand_int, blen);
       output += blen;
       len -= blen;
     }
+#endif
   return 1;
 }
 
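Review bot: the version test `(POLARSSL_VERSION_MAJOR >= 1 && POLARSSL_VERSION_MINOR >= 1)` is wrong for any future major release with a minor of 0 (e.g. 2.0.x), which would fall back to the havege_rand() loop; compare major and minor together, e.g. `(POLARSSL_VERSION_MAJOR > 1 || (POLARSSL_VERSION_MAJOR == 1 && POLARSSL_VERSION_MINOR >= 1))`, or, if version.h provides a single packed version number, compare against that. Also, the return value of havege_random() is discarded while the function still returns 1 unconditionally; if the call reports a status, propagate it instead of always claiming success. The re-added `const int int_size = sizeof(int);` now follows the `if (!hs_initialised)` statement, which is a mixed declaration and code (not valid C89); wrap the `#else` branch in its own block or keep the declaration at the top of the function. Finally, the `blen` and `rand_int` lines change only in whitespace and should be dropped from the patch.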

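The two mechanisms discussed in this thread, a PRNG state initialised exactly once per process and a compile-time version gate choosing between a byte-oriented API and an int-at-a-time fallback loop, as an added example that is not OpenVPN's or PolarSSL's code. PolarSSL is not linked here: `fake_havege_state`, `fake_havege_init()` and `fake_havege_rand()` are constructed stand-ins with the shape of the 1.0.x API, and the version macros are assumptions evaluated by hand so the gate can be exercised for several version triples. It also shows the gating rule done with a packed version number, which does not share the major/minor mistake in the patch above.

```c
/*
 * Added example (not OpenVPN's or PolarSSL's code): version-gated PRNG
 * access with a one-time initialisation and an int-at-a-time fallback.
 *
 * fake_havege_* is a constructed stand-in for the PolarSSL 1.0.x
 * havege_state / havege_rand() pair (a tiny LCG, reproducible, NOT an
 * entropy source). The version macros are assumptions; real code would
 * take them from <polarssl/version.h>.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Pack major.minor.patch into one comparable number. */
#define VERSION_PACK(maj, min, pat) \
  (((maj) << 24) | ((min) << 16) | ((pat) << 8))

/* The gate as written in the thread: fails for 2.0.x (minor 0 is not >= 1). */
#define HAS_HAVEGE_RANDOM_NAIVE(maj, min) ((maj) >= 1 && (min) >= 1)

/* Correct gate: compare the packed number against the release that added
 * the byte-oriented API (assumed here to be 1.1.0). */
#define HAS_HAVEGE_RANDOM(maj, min, pat) \
  (VERSION_PACK(maj, min, pat) >= VERSION_PACK(1, 1, 0))

/* Constructed stand-in PRNG state and functions. */
typedef struct { uint32_t s; } fake_havege_state;

static void fake_havege_init(fake_havege_state *hs) { hs->s = 0x12345678u; }

static int fake_havege_rand(fake_havege_state *hs)
{
  hs->s = hs->s * 1664525u + 1013904223u;   /* classic LCG step */
  return (int)hs->s;
}

/* How many times the state was initialised; lets a caller check "once". */
static int g_init_calls = 0;

/* Fill output[0..len) with int-sized draws, the pre-1.1 style fallback.
 * The state is static and initialised exactly once per process; the
 * int_size declaration stays at block top so the function is plain C89.
 * Returns the number of bytes written. */
size_t rand_bytes_fallback(unsigned char *output, size_t len)
{
  static fake_havege_state hs;
  static bool hs_initialised = false;
  const size_t int_size = sizeof(int);
  size_t written = 0;

  if (!hs_initialised)
    {
      fake_havege_init(&hs);
      hs_initialised = true;
      g_init_calls++;
    }

  while (len > 0)
    {
      /* A short final chunk copies only the leading bytes of the int. */
      const size_t blen = len < int_size ? len : int_size;
      const int rand_int = fake_havege_rand(&hs);

      memcpy(output, &rand_int, blen);
      output += blen;
      len -= blen;
      written += blen;
    }
  return written;
}

int init_call_count(void) { return g_init_calls; }

/* Run-time wrappers so the two gating rules can be compared for any triple. */
int naive_gate(int maj, int min) { return HAS_HAVEGE_RANDOM_NAIVE(maj, min); }
int packed_gate(int maj, int min, int pat) { return HAS_HAVEGE_RANDOM(maj, min, pat); }
```

Calling `rand_bytes_fallback()` repeatedly keeps a single static state and a single initialisation, which is exactly the property Fabian asks the patch to preserve; the `packed_gate()` / `naive_gate()` pair makes the 2.0.x failure of the major-and-minor test visible without having any PolarSSL headers installed.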