krb5_abortx()
Andrew Bartlett
abartlet at samba.org
Mon Jun 18 02:47:39 GMT 2007
On Mon, 2007-06-18 at 04:43 +0200, Love Hörnquist Åstrand wrote:
> >> What should I use for a random source on those platforms without /
> >> dev/
> >> *random to generate cryptographic keys ?
> >>
> >> I can use the old method from libdes that fell out when I
> >> restructured the random code, but its questionable if that is really
> >> secure, it "works" though.
> >
> > Perhaps allow the app to supply a random callback? (At least then it
> > can be just as bad as samba without /dev/random).
>
> That is just fine, when flying home I though I could port the old code
> but never enable it in the core distribution and have you add the
> RAND_method if you wanted that stuff.
>
> What random source does samba4 use for crypto keys ?
Without privileges, it boils down to time and pid, and then it is pushed
out via RC4...
/* Add in some secret file contents */
do_filehash("/etc/shadow", &seed_inbuf[0]);
/*
* Add the counter, time of day, and pid.
*/
GetTimeOfDay(&tval);
mypid = getpid();
v1 = (counter++) + mypid + tval.tv_sec;
v2 = (counter++) * mypid + tval.tv_usec;
SIVAL(seed_inbuf, 32, v1 ^ IVAL(seed_inbuf, 32));
SIVAL(seed_inbuf, 36, v2 ^ IVAL(seed_inbuf, 36));
I'm not sure this is any better...
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070618/cf44d9ab/attachment.bin
More information about the samba-technical
mailing list