[Pkg-openssl-devel] bad debian openssl and -rand option
emaxx-debian
emaxx-debian at davex.nl
Fri May 23 06:30:55 UTC 2008
Kurt Roeckx wrote on 22-5-2008 19:25:
> On Thu, May 22, 2008 at 06:59:15PM +0200, Kurt Roeckx wrote:
>
>> The lists created for the openssl-vulnkey should contain keys for
>> combinations of:
>> - All PIDs (1 - 32767)
>> - Presence of .rnd file (yes or no)
>> - Machine endianness (little or big)
>> - Word size (I think 32 and 64?)
>>
>> The effect of the -rand option is probably similar to the effect
>> of the presence of the .rnd option. It adds something to the PRNG,
>> but the result of that is predictable. There is no way that
>> something random can get added to the PRNG. It's not because the
>> blacklist doesn't contain the generated key that it's a good key.
>>
>
> I've just read that the existence of the .rnd file has different effects
> depending on the version. So that might be another reason why your key
> is not in it.
>
> I've also read that using -rand with a non-existing file also produces
> something else.
>
>
> Kurt
>
>
>
I tried to take a look at the code, md_rand.c (I'm no software
developer), but I think the code is too complex for me.
I did find the following on the openssl website
(http://www.openssl.org/support/faq.html#USER1):
"The rand command outputs num pseudo-random bytes after seeding the
random number generator once. As in other openssl command line tools,
PRNG seeding uses the file $HOME/.rnd or .rnd in addition to the
files given in the -rand option. A new $HOME/.rnd or .rnd file
will be written back if enough seeding was obtained from these sources."
If I read (and understand) this correctly, the presence of the .rnd file
is additional to files given with -rand and your comment "The effect of
the -rand option is probably similar to the effect of the presence of
the .rnd option." isn't fully true?
And if I understand this
(http://www.openssl.org/docs/crypto/RAND_egd.html#DESCRIPTION)
correctly, only 255 bytes (max) were used from the file I supplied via
-rand. This means little entropy?
Was the rule which was erased from the code also responsible for mixing
entropy I added via the files via -rand?
If the extra -rand entropy wasn't mixed, then generating about 33000
keys with -rand (where the input file is random) would result in some
identical keys?
Vince.
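
The premise of the last question above, modelled as an added example that is not part of the original message and is not OpenSSL's code: a toy hash pool is seeded with a different constructed 255-byte file on each of 33000 runs, once mixing the file's bytes and once discarding them. `ToyPool`, `seed_file` and `distinct_outputs` are hypothetical names, and the SHA-1 construction is an assumption chosen for illustration; the PID range is the one listed in the thread.

```python
import hashlib

MAX_PID = 32767  # PID range quoted in the thread (1 - 32767)


class ToyPool:
    """Hypothetical hash pool; a model of the idea, not OpenSSL's md_rand.c."""

    def __init__(self, mix_input):
        self.mix_input = mix_input  # False: add() ignores the bytes it is given
        self.state = bytes(20)
        self.added = 0

    def add(self, data):
        h = hashlib.sha1(self.state)
        if self.mix_input:
            h.update(data)
        self.added += len(data)  # the length bookkeeping changes in both variants
        h.update(self.added.to_bytes(8, "big"))
        self.state = h.digest()

    def output(self, pid):
        # The PID is mixed in at output time in both variants.
        return hashlib.sha1(self.state + pid.to_bytes(4, "big")).digest()


def seed_file(run, length=255):
    """Constructed stand-in for a distinct 'random' -rand file per run."""
    block = hashlib.sha256(run.to_bytes(4, "big")).digest()
    return (block * (length // len(block) + 1))[:length]


def distinct_outputs(mix_input, runs=33000, seed_len=255):
    """Count distinct pool outputs over `runs` invocations with wrapping PIDs."""
    seen = set()
    for run in range(runs):
        pool = ToyPool(mix_input)
        pool.add(seed_file(run, seed_len))
        seen.add(pool.output(run % MAX_PID + 1))  # PIDs wrap after 32767
    return len(seen)


if __name__ == "__main__":
    print("input mixed:    ", distinct_outputs(True))   # every run differs
    print("input discarded:", distinct_outputs(False))  # capped by the PID count
```

In this model a seed file of a different length still changes the output, but only through its length, so the result stays predictable for anyone who enumerates PIDs and lengths.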