diff options
author | Adriaan de Jong <dejong@fox-it.com> | 2012-04-02 09:28:02 +0200 |
---|---|---|
committer | David Sommerseth <davids@redhat.com> | 2012-04-27 23:31:44 +0200 |
commit | 6efeaa2e4462bc10f395d8aceed363c3e77b35a3 (patch) | |
tree | 48732b5de9c86e8989dfeca0756b4162a3072088 /src/openvpn/ssl_polarssl.c | |
parent | 4e846b39a35b5f9501e4283be0af620d7c9c8b5c (diff) | |
download | openvpn-6efeaa2e4462bc10f395d8aceed363c3e77b35a3.tar.gz openvpn-6efeaa2e4462bc10f395d8aceed363c3e77b35a3.tar.xz openvpn-6efeaa2e4462bc10f395d8aceed363c3e77b35a3.zip |
Added support for new PolarSSL 1.1 RNG
This patch, while retaining PolarSSL 1.0 support, introduces the PolarSSL 1.1 DRBG.
This RNG adds a number of features, including support for personalisation strings
and multiple entropy sources.
Personalisation strings have been implemented, based on PID, program name, place
within memory, and a hash of the user's certificate.
The entropy sources used are the platform default ones. Which ones these are
depends on how PolarSSL was built, but usually this includes:
- /dev/urandom or the Windows CryptoAPI RNG
- the HAVEGE RNG
- the output of PolarSSL's hardclock() call (usually RDTSC)
Finally, this patch moves to only one instance of the RNG per OpenVPN instance,
instead of one per keystate
Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Signed-off-by: Eelse-jan Stutvoet <stutvoet@fox-it.com>
Acked-by: James Yonan <james@openvpn.net>
Message-Id: 1333351687-3732-1-git-send-email-dejong@fox-it.com
URL: http://article.gmane.org/gmane.network.openvpn.devel/6210
Signed-off-by: David Sommerseth <davids@redhat.com>
Notes
Notes:
This patch was ACKed by James Yonan in an IRC meeting March 29, 2012 under the condition
that PolarSSL 1.0 and havege support is removed later on.
Currently, the meeting minutes have not been made public.
(David Sommerseth, Fri Apr 27 21:31:03 UTC 2012)
Diffstat (limited to 'src/openvpn/ssl_polarssl.c')
-rw-r--r-- | src/openvpn/ssl_polarssl.c | 44 |
1 files changed, 34 insertions, 10 deletions
diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c index d4d85c8..8f35608 100644 --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c @@ -44,6 +44,9 @@ #include "manage.h" #include "ssl_common.h" +#include <polarssl/sha2.h> +#include <polarssl/havege.h> + #include "ssl_verify_polarssl.h" #include <polarssl/pem.h> @@ -85,9 +88,6 @@ tls_ctx_server_new(struct tls_root_ctx *ctx) ASSERT(NULL != ctx); CLEAR(*ctx); - ALLOC_OBJ_CLEAR(ctx->hs, havege_state); - havege_init(ctx->hs); - ALLOC_OBJ_CLEAR(ctx->dhm_ctx, dhm_context); ALLOC_OBJ_CLEAR(ctx->priv_key, rsa_context); @@ -103,12 +103,8 @@ void tls_ctx_client_new(struct tls_root_ctx *ctx) { ASSERT(NULL != ctx); - CLEAR(*ctx); - ALLOC_OBJ_CLEAR(ctx->hs, havege_state); - havege_init(ctx->hs); - ALLOC_OBJ_CLEAR(ctx->dhm_ctx, dhm_context); ALLOC_OBJ_CLEAR(ctx->priv_key, rsa_context); @@ -143,8 +139,6 @@ tls_ctx_free(struct tls_root_ctx *ctx) } #endif - free(ctx->hs); - if (ctx->allowed_ciphers) free(ctx->allowed_ciphers); @@ -504,6 +498,30 @@ static void my_debug( void *ctx, int level, const char *str ) } } +/* + * Further personalise the RNG using a hash of the public key + */ +void tls_ctx_personalise_random(struct tls_root_ctx *ctx) +{ +#if (POLARSSL_VERSION_NUMBER >= 0x01010000) + static char old_sha256_hash[32] = {0}; + char sha256_hash[32] = {0}; + ctr_drbg_context *cd_ctx = rand_ctx_get(); + + if (NULL != ctx->crt_chain) + { + x509_cert *cert = ctx->crt_chain; + + sha2(cert->tbs.p, cert->tbs.len, sha256_hash, false); + if ( 0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash))) + { + ctr_drbg_update(cd_ctx, sha256_hash, 32); + memcpy(old_sha256_hash, sha256_hash, sizeof(old_sha256_hash)); + } + } +#endif /* POLARSSL_VERSION_NUMBER >= 0x01010000 */ +} + void key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ctx, bool is_server, void *session) { @@ -517,7 +535,13 @@ void key_state_ssl_init(struct key_state_ssl *ks_ssl, /* Initialise SSL context */ ssl_set_dbg (ks_ssl->ctx, my_debug, NULL); ssl_set_endpoint (ks_ssl->ctx, ssl_ctx->endpoint); - ssl_set_rng (ks_ssl->ctx, havege_rand, ssl_ctx->hs); + +#if (POLARSSL_VERSION_NUMBER >= 0x01010000) + ssl_set_rng (ks_ssl->ctx, ctr_drbg_random, rand_ctx_get()); +#else /* POLARSSL_VERSION_NUMBER >= 0x01010000 */ + ssl_set_rng (ks_ssl->ctx, havege_rand, rand_ctx_get()); +#endif /* POLARSSL_VERSION_NUMBER >= 0x01010000 */ + ALLOC_OBJ_CLEAR (ks_ssl->ssn, ssl_session); ssl_set_session (ks_ssl->ctx, 0, 0, ks_ssl->ssn ); if (ssl_ctx->allowed_ciphers) |