Blow up in people's faces if they don't reseed.

2004-05-12 14:11:10 +00:00 · 2004-05-12 14:11:10 +00:00 · 72d75ee206
commit 72d75ee206
parent 49bc4c1023
6 changed files with 40 additions and 3 deletions
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@ -127,6 +127,8 @@ void ERR_load_RAND_strings(void);

 /* Reason codes. */
 #define RAND_R_NON_FIPS_METHOD				 101
+#define RAND_R_PRNG_NOT_REKEYED				 103
+#define RAND_R_PRNG_NOT_RESEEDED			 104
 #define RAND_R_PRNG_NOT_SEEDED				 100
 #define RAND_R_PRNG_STUCK				 102

--- a/crypto/rand/rand_err.c
+++ b/crypto/rand/rand_err.c
@ -75,6 +75,8 @@ static ERR_STRING_DATA RAND_str_functs[]=
 static ERR_STRING_DATA RAND_str_reasons[]=
 	{
 {RAND_R_NON_FIPS_METHOD                  ,"non fips method"},
+{RAND_R_PRNG_NOT_REKEYED                 ,"prng not rekeyed"},
+{RAND_R_PRNG_NOT_RESEEDED                ,"prng not reseeded"},
 {RAND_R_PRNG_NOT_SEEDED                  ,"PRNG not seeded"},
 {RAND_R_PRNG_STUCK                       ,"prng stuck"},
 {0,NULL}
--- a/fips/fingerprint.sha1
+++ b/fips/fingerprint.sha1
@ -1,4 +1,4 @@
-HMAC-SHA1(fips.c)= 5b66ece7a9df3e471f21937165887be733f251e0
+HMAC-SHA1(fips.c)= 01d0a11be4f9c2cb2b2a57ab6ec473f61b206de6
 HMAC-SHA1(fips_err_wrapper.c)= d3e2be316062510312269e98f964cb87e7577898
 HMAC-SHA1(fips.h)= 4496c0e51c18d30bdc0ce440c384886870a61c40
 HMAC-SHA1(fips_err.h)= f4203a47100a815c21cf3a97092f91a595938f7c
--- a/fips/fips.c
+++ b/fips/fips.c
@ -150,7 +150,11 @@ int FIPS_mode_set(int onoff,const char *path)
 	/* automagically seed PRNG if not already seeded */
 	if(!FIPS_rand_seeded())
 	    {
-	    RAND_bytes(buf,sizeof buf);
+	    if(RAND_bytes(buf,sizeof buf) <= 0)
+		{
+		FIPS_selftest_fail=1;
+		return 0;
+		}
 	    FIPS_set_prng_key(buf,buf+8);
 	    FIPS_rand_seed(buf+16,8);
 	    }
--- a/fips/rand/fingerprint.sha1
+++ b/fips/rand/fingerprint.sha1
@ -1,2 +1,2 @@
-HMAC-SHA1(fips_rand.c)= dfc608a14c5c674e9923d08bd9bb5c4b7f1bf615
+HMAC-SHA1(fips_rand.c)= 58be68c405269c9a4c35ee19642c4da982374769
 HMAC-SHA1(fips_rand.h)= 889afc9a526fe59138326134950b733627a7e9cf
--- a/fips/rand/fips_rand.c
+++ b/fips/rand/fips_rand.c
@ -84,6 +84,11 @@ static int key_set;
 static int test_mode;
 static unsigned char test_faketime[8];

+#ifndef GETPID_IS_MEANINGLESS
+static int seed_pid;
+static int key_pid;
+#endif
+
 static void fips_rand_cleanup(void);
 static void fips_rand_add(const void *buf, int num, double add_entropy);
 static int fips_rand_bytes(unsigned char *buf, int num);
@ -111,6 +116,9 @@ void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8])
    memcpy(&key1,k1,sizeof key1);
    memcpy(&key2,k2,sizeof key2);
    key_set=1;
+#ifndef GETPID_IS_MEANINGLESS
+    key_pid=getpid();
+#endif
    second=0;
    }

@ -224,6 +232,10 @@ void FIPS_rand_seed(const void *buf_, int num)
 	    n_seed+=t;
 	}

+#ifndef GETPID_IS_MEANINGLESS
+    seed_pid=getpid();
+#endif
+
    CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
    }

@ -239,6 +251,9 @@ static int fips_rand_bytes(unsigned char *buf,int num)
    unsigned char intermediate[SEED_SIZE];
    unsigned char output[SEED_SIZE];
    static unsigned char previous[SEED_SIZE];
+#ifndef GETPID_IS_MEANINGLESS
+    int pid;
+#endif

    if(n_seed < sizeof seed)
 	{
@ -246,6 +261,20 @@ static int fips_rand_bytes(unsigned char *buf,int num)
 	return 0;
 	}

+#ifndef GETPID_IS_MEANINGLESS
+    pid=getpid();
+    if(pid != seed_pid)
+	{
+	RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_RESEEDED);
+	return 0;
+	}
+    if(pid != key_pid)
+	{
+	RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_REKEYED);
+	return 0;
+	}
+#endif
+
    fips_gettime(timeseed);
    fips_rand_encrypt(intermediate,timeseed);