Allow for higher granularity of entropy estimates by using 'double'

instead of 'unsigned' counters. Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp. Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.

Allow for higher granularity of entropy estimates by using 'double'
instead of 'unsigned' counters. Seed PRNG in MacOS/GetHTTPS.src/GetHTTPS.cpp. Partially submitted by Yoram Meroz <yoram@mail.idrive.com>.
853f757e · Bodo Möller · ae1bb4e5 · 853f757e · 853f757e · 853f757e
6 changed file
--- a/CHANGES
+++ b/CHANGES
@@ -231,7 +231,9 @@
     has a return value which indicates the quality of the random data
     (1 = ok, 0 = not seeded).  Also an error is recorded on the thread's
     error queue. New function RAND_pseudo_bytes() generates output that is
-     guaranteed to be unique but not unpredictable.
+     guaranteed to be unique but not unpredictable. RAND_add is like
+     RAND_seed, but takes an extra argument for an entropy estimate
+     (RAND_seed always assumes full entropy).
     [Ulf Möller]
  *) Do more iterations of Rabin-Miller probable prime test (specifically,

--- a/MacOS/GetHTTPS.src/GetHTTPS.cpp
+++ b/MacOS/GetHTTPS.src/GetHTTPS.cpp
@@ -18,6 +18,7 @@
 *				Also-- before attempting to compile this, make sure the aliases in "OpenSSL-0.9.4:include:openssl" 
 *				are installed!  Use the AppleScript applet in the "openssl-0.9.4" folder to do this!
 */
+/* modified to seed the PRNG */
 //	Include some funky libs I've developed over time
@@ -32,8 +33,9 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
+#include <openssl/rand.h>
+#include <timer.h>
 //	Let's try grabbing some data from here:
@@ -77,8 +79,11 @@ SSL_CTX				*ssl_ctx = nil;
 SSL					*ssl = nil;
 char				tempString[256];
+UnsignedWide		microTickCount;
+#warning   -- USE A TRUE RANDOM SEED, AND ADD ENTROPY WHENEVER POSSIBLE. --
+const char seed[] = "uyq9,7-b(VHGT^%$&^F/,876;,;./lkJHGFUY{PO*";	// Just gobbledygook
 	printf("OpenSSL Demo by Roy Wood, roy@centricsystems.ca\n\n");
 	BailIfError(errCode = MacSocket_Startup());
@@ -113,6 +118,10 @@ char				tempString[256];
 //	ssl_ctx = SSL_CTX_new(SSLv3_client_method());
+	RAND_seed (seed, sizeof (seed));
+	Microseconds (&microTickCount);
+	RAND_add (&microTickCount, sizeof (microTickCount), 0);		// Entropy is actually > 0, needs an estimate
 	//	Create an SSL thingey and try to negotiate the connection
 	ssl = SSL_new(ssl_ctx);

--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -56,7 +56,7 @@
 * [including the GNU Public Licence.]
 */
-#define ENTROPY_NEEDED 16  /* require 128 bits of randomness */
+#define ENTROPY_NEEDED 16  /* require 128 bits = 16 bytes of randomness */
 #ifndef MD_RAND_DEBUG
 # ifndef NDEBUG
@@ -138,13 +138,13 @@ static int state_num=0,state_index=0;
 static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
 static long md_count[2]={0,0};
-static unsigned entropy=0;
+static double entropy=0;
 const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
 static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, int add_entropy);
+static void ssleay_rand_add(const void *buf, int num, double add_entropy);
 static int ssleay_rand_bytes(unsigned char *buf, int num);
 static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
@@ -172,7 +172,7 @@ static void ssleay_rand_cleanup(void)
 	entropy=0;
 	}
-static void ssleay_rand_add(const void *buf, int num, int add)
+static void ssleay_rand_add(const void *buf, int num, double add)
 	{
 	int i,j,k,st_idx;
 	long md_c[2];
@@ -286,7 +286,7 @@ static void ssleay_rand_add(const void *buf, int num, int add)
 #ifndef THREADS	
 	assert(md_c[1] == md_count[1]);
 #endif
-	if (entropy < ENTROPY_NEEDED)
+	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
 	    entropy += add;
 	}

--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -68,7 +68,7 @@ typedef struct rand_meth_st
 	void (*seed)(const void *buf, int num);
 	int (*bytes)(unsigned char *buf, int num);
 	void (*cleanup)(void);
-	void (*add)(const void *buf, int num, int entropy);
+	void (*add)(const void *buf, int num, double entropy);
 	int (*pseudorand)(unsigned char *buf, int num);
 	} RAND_METHOD;
@@ -79,7 +79,7 @@ void RAND_cleanup(void );
 int  RAND_bytes(unsigned char *buf,int num);
 int  RAND_pseudo_bytes(unsigned char *buf,int num);
 void RAND_seed(const void *buf,int num);
-void RAND_add(const void *buf,int num,int entropy);
+void RAND_add(const void *buf,int num,double entropy);
 int  RAND_load_file(const char *file,long max_bytes);
 int  RAND_write_file(const char *file);
 const char *RAND_file_name(char *file,int num);

--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -89,7 +89,7 @@ void RAND_seed(const void *buf, int num)
 		rand_meth->seed(buf,num);
 	}
-void RAND_add(const void *buf, int num, int entropy)
+void RAND_add(const void *buf, int num, double entropy)
 	{
 	if (rand_meth != NULL)
 		rand_meth->add(buf,num,entropy);

--- a/doc/crypto/RAND_add.pod
+++ b/doc/crypto/RAND_add.pod
@@ -10,7 +10,7 @@ RAND_add, RAND_seed, RAND_screen - Add entropy to the PRNG
 void RAND_seed(const void *buf, int num);
- void RAND_add(const void *buf, int num, int entropy);
+ void RAND_add(const void *buf, int num, double entropy);
 void RAND_screen(void);
@@ -22,9 +22,9 @@ increases the uncertainty about the state and makes the PRNG output
 less predictable. Suitable input comes from user interaction (random
 key presses, mouse movements) and certain hardware events. The
 B<entropy> argument is (the lower bound of) an estimate of how much
-randomness is contained in B<buf>. Details about sources of randomness
+randomness is contained in B<buf>, measured in bytes. Details about
-and how to estimate their entropy can be found in the literature,
+sources of randomness and how to estimate their entropy can be found
-e.g. RFC 1750.
+in the literature, e.g. RFC 1750.
 RAND_add() may be called with sensitive data such as user entered
 passwords. The seed values cannot be recovered from the PRNG output.