Attachment 3605 Details for Bug 3467 – Make rekey interval less predictable.

[patch] Make rekey interval less predictable.

0001-Adapted-from-OpenBSD-arc4random-upstream-make-rekey-.patch (text/plain), 1.34 KB, created by Loganaden Velvindron on 2022-08-03 21:41:33 AEST

(hide)

Description:

Filename:

MIME Type:

Creator: Loganaden Velvindron

Created: 2022-08-03 21:41:33 AEST

Size: 1.34 KB

patch

obsolete

>From 4ea18c7028a143502fbea135beb7aa42a2ebf293 Mon Sep 17 00:00:00 2001
>From: Loganaden Velvindron <logan@cyberstorm.mu>
>Date: Wed, 3 Aug 2022 15:38:37 +0400
>Subject: [PATCH] Adapted from OpenBSD arc4random upstream: make rekey interval
> less predictable
>
>Signed-off-by: Loganaden Velvindron <logan@cyberstorm.mu>
>---
> openbsd-compat/arc4random.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
>diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
>index ce5f054f..0eea1f4f 100644
>--- a/openbsd-compat/arc4random.c
>+++ b/openbsd-compat/arc4random.c
>@@ -65,6 +65,8 @@
> #define IVSZ	8
> #define BLOCKSZ	64
> #define RSBUFSZ	(16*BLOCKSZ)
>+#define REKEY_BASE (1024*1024) /* NB. should be a power of 2 */
>+
> static int rs_initialized;
> static pid_t rs_stir_pid;
> static chacha_ctx rs;		/* chacha context for random keystream */
>@@ -125,6 +127,7 @@ static void
> _rs_stir(void)
> {
> 	u_char rnd[KEYSZ + IVSZ];
>+	uint32_t rekey_fuzz = 0;
> 
> #ifdef WITH_OPENSSL
> 	if (RAND_bytes(rnd, sizeof(rnd)) <= 0)
>@@ -145,7 +148,10 @@ _rs_stir(void)
> 	rs_have = 0;
> 	memset(rs_buf, 0, RSBUFSZ);
> 
>-	rs_count = 1600000;
>+	/* rekey interval should not be predictable */
>+	chacha_encrypt_bytes(&rs, (uint8_t *)&rekey_fuzz,
>+	     (uint8_t *)&rekey_fuzz, sizeof(rekey_fuzz));
>+	rs_count = REKEY_BASE + (rekey_fuzz % REKEY_BASE);
> }
> 
> static inline void
>-- 
>2.17.1
>

Actions: View | Diff

Attachments on bug 3467: 3605 | 3606 | 3607 | 3608 | 3609