PolarSSL 1.0 and earlier use only the Havege RNG. Havege is based on timing
certain operations, using the RDTSC instruction. Although this is fine on
bare metal PCs, the RDTSC instruction is virtualised on some virtual
machine implementations. This can result in issues on those virtual
machines. PolarSSL fixes this potential issue by also using platform
entropy.
To ensure that OpenVPN is always built against a decent RNG, PolarSSL <1.1
is therefore no longer supported.
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: David Sommerseth <davids@redhat.com>
Message-Id:
1333351687-3732-4-git-send-email-dejong@fox-it.com
URL: http://article.gmane.org/gmane.network.openvpn.devel/6211
Signed-off-by: David Sommerseth <davids@redhat.com>
#include <polarssl/cipher.h>
#include <polarssl/havege.h>
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
#include <polarssl/entropy.h>
-#endif
/*
*
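Review bot: `#include <polarssl/havege.h>` is kept at the top of this hunk, although the commit removes the Havege-only branches of `rand_ctx_get()` and `rand_bytes()` further down. If nothing else in this file still calls the Havege API, the include can be dropped so the file visibly depends only on `polarssl/entropy.h` and CTR_DRBG for randomness. If it is still needed, a short comment such as `/* Havege is used only as an additional entropy source, never as the RNG itself */` would record why it stays; confirm this against the rest of the file, which is not shown here.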
* Initialise the given ctr_drbg context, using a personalisation string and an
* entropy gathering function.
*/
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
ctr_drbg_context * rand_ctx_get()
{
static entropy_context ec = {0};
return &cd_ctx;
}
-#else /* (POLARSSL_VERSION_NUMBER < 0x01010000) */
-
-havege_state * rand_ctx_get()
-{
- static havege_state hs = {0};
- static bool rand_initialised = false;
-
- if (!rand_initialised)
- {
- /* Initialise PolarSSL RNG */
- havege_init(&hs);
- rand_initialised = true;
- }
-
- return &hs;
-}
-
-#endif /* (POLARSSL_VERSION_NUMBER >= 0x01010000) */
-
#ifdef ENABLE_PREDICTION_RESISTANCE
void rand_ctx_enable_prediction_resistance()
{
int
rand_bytes (uint8_t *output, int len)
{
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
ctr_drbg_context *rng_ctx = rand_ctx_get();
-#else /* (POLARSSL_VERSION_NUMBER >= 0x01010000) */
- havege_state *rng_ctx = rand_ctx_get();
-#endif /* (POLARSSL_VERSION_NUMBER >= 0x01010000) */
while (len > 0)
{
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
const size_t blen = min_int (len, CTR_DRBG_MAX_REQUEST);
if (0 != ctr_drbg_random(rng_ctx, output, blen))
return 0;
-#else /* (POLARSSL_VERSION_NUMBER >= 0x01010000) */
- const size_t blen = min_int (len, sizeof(int));
- const int rand_int = havege_rand(rng_ctx);
- memcpy (output, &rand_int, blen);
-
-#endif /* (POLARSSL_VERSION_NUMBER >= 0x01010000) */
-
output += blen;
len -= blen;
}
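Review bot: The failure exit `if (0 != ctr_drbg_random(rng_ctx, output, blen)) return 0;` is now the only path through this loop, and it leaves `output` partly filled when a later chunk fails. The removed Havege branch had no failure exit here, so a caller that ignores the return value would go on to use a buffer that is only partly random. I would document the contract above the function, e.g. `/* Returns 0 on DRBG failure; output must then be treated as invalid */`, and check that callers test the result. Separately, `blen` is a `size_t` while `len` is an `int`, so `len -= blen` relies on an implicit conversion that is safe only because the loop guard keeps `len` positive. The end of `rand_bytes` is outside the hunk.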
#include <polarssl/version.h>
#include <polarssl/cipher.h>
#include <polarssl/md.h>
-
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
-# include <polarssl/ctr_drbg.h>
-#else
-# include <polarssl/havege.h>
-#endif
+#include <polarssl/ctr_drbg.h>
/** Generic cipher key type %context. */
typedef cipher_info_t cipher_kt_t;
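Review bot: Nothing in this hunk rejects an older library at compile time. With the `#if (POLARSSL_VERSION_NUMBER >= 0x01010000)` guards gone, a build against an unsupported PolarSSL presumably fails only because `polarssl/ctr_drbg.h` is missing. Since `polarssl/version.h` is still included here, the requirement can be stated explicitly next to the RNG header: `#if POLARSSL_VERSION_NUMBER < 0x01010000`, `#error "PolarSSL 1.1.0 or newer is required"`, `#endif`. The same applies to the later hunk that defines `ENABLE_PREDICTION_RESISTANCE`, which drops both its version test and its `polarssl/version.h` include. A configure-time check may already exist outside the lines shown here.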
/**
* Returns a singleton instance of the PolarSSL random number generator.
*
- * For PolarSSL 1.0, this is the HAVEGE random number generator.
- *
* For PolarSSL 1.1+, this is the CTR_DRBG random number generator. If it
* hasn't been initialised yet, the RNG will be initialised using the default
* entropy sources. Aside from the default platform entropy sources, an
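Review bot: The doc comment still opens with "For PolarSSL 1.1+, this is the CTR_DRBG random number generator", which reads as if a second, version-dependent case remained. With the 1.0 sentence removed, the qualifier can go, e.g. `* The generator is PolarSSL's CTR_DRBG. If it hasn't been initialised yet, ...`. The comment continues beyond this hunk.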
* added. During initialisation, a personalisation string will be added based
* on the time, the PID, and a pointer to the random context.
*/
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
ctr_drbg_context * rand_ctx_get();
-#else
-havege_state * rand_ctx_get();
-#endif
#ifdef ENABLE_PREDICTION_RESISTANCE
/**
*/
void tls_ctx_personalise_random(struct tls_root_ctx *ctx)
{
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
static char old_sha256_hash[32] = {0};
char sha256_hash[32] = {0};
ctr_drbg_context *cd_ctx = rand_ctx_get();
memcpy(old_sha256_hash, sha256_hash, sizeof(old_sha256_hash));
}
}
-#endif /* POLARSSL_VERSION_NUMBER >= 0x01010000 */
}
void key_state_ssl_init(struct key_state_ssl *ks_ssl,
ssl_set_dbg (ks_ssl->ctx, my_debug, NULL);
ssl_set_endpoint (ks_ssl->ctx, ssl_ctx->endpoint);
-#if (POLARSSL_VERSION_NUMBER >= 0x01010000)
ssl_set_rng (ks_ssl->ctx, ctr_drbg_random, rand_ctx_get());
-#else /* POLARSSL_VERSION_NUMBER >= 0x01010000 */
- ssl_set_rng (ks_ssl->ctx, havege_rand, rand_ctx_get());
-#endif /* POLARSSL_VERSION_NUMBER >= 0x01010000 */
ALLOC_OBJ_CLEAR (ks_ssl->ssn, ssl_session);
ssl_set_session (ks_ssl->ctx, 0, 0, ks_ssl->ssn );
/* Enable PolarSSL RNG prediction resistance support */
#ifdef ENABLE_CRYPTO_POLARSSL
-#include <polarssl/version.h>
-#if POLARSSL_VERSION_NUMBER >= 0x01010000
#define ENABLE_PREDICTION_RESISTANCE
-#endif
#endif /* ENABLE_CRYPTO_POLARSSL */
/*