CVS commit: src/sbin/rndctl

Wed, 29 Apr 2020 20:25:20 -0700 

Module Name:    src
Committed By:   riastradh
Date:           Thu Apr 30 03:24:48 UTC 2020

Modified Files:
        src/sbin/rndctl: rndctl.c

Log Message:
Accept both byte orders for random seed in `rndctl -L'.

The file format was defined with a machine-dependent 32-bit integer
field (the estimated number of bits of entropy in the process that
generated it).  Take whichever byte order gives a number that is
reasonable, i.e. lower than the number of bits in the buffer.

Continue to have `rndctl -S' generate it in machine-dependent byte
order for now, so that if you roll back to an older rndctl(8) then
`rndctl -L' on the same machine will still be able to load it with
the right entropy estimate.  In a future revision, perhaps we can
change it to be little-endian.


To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 src/sbin/rndctl/rndctl.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sbin/rndctl/rndctl.c
diff -u src/sbin/rndctl/rndctl.c:1.31 src/sbin/rndctl/rndctl.c:1.32
--- src/sbin/rndctl/rndctl.c:1.31	Fri Dec  6 14:43:18 2019
+++ src/sbin/rndctl/rndctl.c	Thu Apr 30 03:24:48 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: rndctl.c,v 1.31 2019/12/06 14:43:18 riastradh Exp $	*/
+/*	$NetBSD: rndctl.c,v 1.32 2020/04/30 03:24:48 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 1997 Michael Graff.
@@ -33,13 +33,14 @@
 #include <sha1.h>
 
 #ifndef lint
-__RCSID("$NetBSD: rndctl.c,v 1.31 2019/12/06 14:43:18 riastradh Exp $");
+__RCSID("$NetBSD: rndctl.c,v 1.32 2020/04/30 03:24:48 riastradh Exp $");
 #endif
 
 
 #include <sys/types.h>
 #include <sys/ioctl.h>
 #include <sys/param.h>
+#include <sys/endian.h>
 #include <sys/rndio.h>
 #include <sys/sha3.h>
 
@@ -192,9 +193,8 @@ do_save(const char *filename, const void
 	    MIN(sizeof(rs.data), UINT32_MAX/NBBY)*NBBY);
 
 	/*
-	 * Compute the checksum on the 32-bit entropy count, in host
-	 * byte order (XXX this means it is not portable across
-	 * different-endian platforms!), followed by the seed data.
+	 * Compute the checksum on the 32-bit entropy count, followed
+	 * by the seed data.
 	 */
 	SHA1Init(&s);
 	SHA1Update(&s, (const uint8_t *)&rs.entropy, sizeof(rs.entropy));
@@ -309,6 +309,17 @@ do_load(const char *filename)
 		rs.entropy = 0;
 	}
 
+	/*
+	 * If the entropy is insensibly large, try byte-swapping.
+	 * Otherwise assume the file is corrupted and act as though it
+	 * has zero entropy.
+	 */
+	if (howmany(rs.entropy, NBBY) > sizeof(rs.data)) {
+		rs.entropy = bswap32(rs.entropy);
+		if (howmany(rs.entropy, NBBY) > sizeof(rs.data))
+			rs.entropy = 0;
+	}
+
 	/* Format the ioctl request.  */
 	rd.len = MIN(sizeof(rd.data), sizeof(rs.data));
 	rd.entropy = rs.entropy;

Reply via email to