author | Jack Lloyd <[email protected]> | 2016-01-29 17:18:38 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-02-07 03:00:53 -0500 |
commit | 9379336ba62e273601623bf28ece112946aec1e1 (patch) | |
tree | af57abfbe639d4f2662ed0830db0a262610cbdd5 /src/lib/rng | |
parent | e23cfdeb6d079a2c8d147142f31934d2c8b3a881 (diff) |
Add explicit fork check to HMAC_RNG
Add OS functions get_process_id, get_processor_timestamp, and
get_system_timestamp_ns. HMAC_RNG uses the pid call to detect forks to
initiate a reseed. It also adds the output of all three functions (the
pid, the CPU cycle counter, and the system timestamp) into the PRF input.
Calls the new OS timer functions from hres_timer entropy source.
Removes the call to QPC in es_win32 which is mostly redundant with the
one in hres_timer.
Diffstat (limited to 'src/lib/rng')
-rw-r--r-- | src/lib/rng/hmac_rng/hmac_rng.cpp | 12 | ||||
-rw-r--r-- | src/lib/rng/hmac_rng/hmac_rng.h | 1 |
2 files changed, 8 insertions, 5 deletions
diff --git a/src/lib/rng/hmac_rng/hmac_rng.cpp b/src/lib/rng/hmac_rng/hmac_rng.cpp
index f5a782526..0b80de7bd 100644
--- a/src/lib/rng/hmac_rng/hmac_rng.cpp
+++ b/src/lib/rng/hmac_rng/hmac_rng.cpp
@@ -1,12 +1,13 @@
 /*
 * HMAC_RNG
-* (C) 2008,2009,2013,2015 Jack Lloyd
+* (C) 2008,2009,2013,2015,2016 Jack Lloyd
 *
 * Botan is released under the Simplified BSD License (see license.txt)
 */
 #include <botan/hmac_rng.h>
 #include <botan/entropy_src.h>
+#include <botan/internal/os_utils.h>
 #include <algorithm>
 #include <chrono>
@@ -69,10 +70,10 @@ void HMAC_RNG::clear()
 void HMAC_RNG::new_K_value(byte label)
 {
- typedef std::chrono::high_resolution_clock clock;
-
 m_prf->update(m_K);
- m_prf->update_be(clock::now().time_since_epoch().count());
+ m_prf->update_be(m_pid);
+ m_prf->update_be(OS::get_processor_timestamp());
+ m_prf->update_be(OS::get_system_timestamp_ns());
 m_prf->update_be(m_counter++);
 m_prf->update(label);
 m_prf->final(m_K.data());
@@ -83,7 +84,7 @@ void HMAC_RNG::new_K_value(byte label)
 */
 void HMAC_RNG::randomize(byte out[], size_t length)
 {
- if(!is_seeded())
+ if(!is_seeded() || m_pid != OS::get_process_id())
 {
 reseed(256);
 if(!is_seeded())
@@ -168,6 +169,7 @@ size_t HMAC_RNG::reseed_with_sources(Entropy_Sources& srcs,
 m_extractor->output_length() * 8);
 m_output_since_reseed = 0;
+ m_pid = OS::get_process_id();
 return static_cast<size_t>(bits_collected);
 }
diff --git a/src/lib/rng/hmac_rng/hmac_rng.h b/src/lib/rng/hmac_rng/hmac_rng.h
index 1e38daa08..95ae25e39 100644
--- a/src/lib/rng/hmac_rng/hmac_rng.h
+++ b/src/lib/rng/hmac_rng/hmac_rng.h
@@ -60,6 +60,7 @@ class BOTAN_DLL HMAC_RNG : public RandomNumberGenerator
 secure_vector<byte> m_K;
 u32bit m_counter = 0;
+ u32bit m_pid = 0;
 };
 }
|
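Review bot: The new condition in `randomize()` detects a fork only through `m_pid != OS::get_process_id()`, so a child whose pid equals the cached value (pid reuse after the recorded process has exited and an intermediate child never reseeded) continues from the inherited `m_K` and counter without a reseed. The check is also confined to `randomize()`; whether other entry points that use the state run it cannot be seen from this hunk. I would state the limit at the check, e.g. `// Fork detection by pid is best effort: pid reuse goes unnoticed, so callers that fork should still reseed the child explicitly`. The body of `randomize()` continues past the hunk.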
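Review bot: `m_pid = OS::get_process_id();` is assigned at the end of `reseed_with_sources()` with no visible dependence on `bits_collected`, so a fork-triggered reseed that gathers nothing still records the fork as handled. If the entropy estimate inherited from the parent already satisfies `is_seeded()` (the line ending `m_extractor->output_length() * 8);` looks like the tail of that estimate update, which is mostly outside the hunk), the child proceeds separated from the parent only by the pid and the two timestamps mixed in by `new_K_value()`. Consider clearing the estimate in `randomize()` when the pid differs, before `reseed(256)`, so the existing `if(!is_seeded())` check after it fails closed; at minimum add `// m_pid is updated even if no entropy was collected` above the assignment. The function starts outside the hunk.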
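Review bot: `u32bit m_pid = 0;` carries no comment although its meaning is security-relevant and not obvious next to `m_counter`. Add `// Process id recorded at the last reseed; randomize() compares it with the current pid to detect a fork` above the member. The class body starts outside the hunk.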