4.4BSD/usr/src/kerberosIV/des/new_rnd_key.c
/*
* $Source: /usr/src/kerberosIV/des/RCS/new_rnd_key.c,v $
* $Author: bostic $
*
* Copyright 1988 by the Massachusetts Institute of Technology.
*
* For copying and distribution information, please see the file
* <mit-copyright.h>.
*
* New pseudo-random key generator, using DES encryption to make the
* pseudo-random cycle as hard to break as DES.
*
* Written by Mark Lillibridge, MIT Project Athena
*
* Under U.S. law, this software may not be exported outside the US
* without license from the U.S. Commerce department.
*/
#ifndef lint
static char rcsid_new_rnd_key_c[] =
"$Header: /usr/src/kerberosIV/des/RCS/new_rnd_key.c,v 4.2 91/02/25 15:14:22 bostic Exp $";
#endif lint
#include <mit-copyright.h>
#include <des.h>
#include "des_internal.h"
extern void des_fixup_key_parity();
extern int des_is_weak_key();
void des_set_random_generator_seed(), des_set_sequence_number();
void des_generate_random_block();
/*
* des_new_random_key: create a random des key
*
* Requires: des_set_random_number_generater_seed must be at called least
* once before this routine is called.
*
* Notes: the returned key has correct parity and is guarenteed not
* to be a weak des key. Des_generate_random_block is used to
* provide the random bits.
*/
int
des_new_random_key(key)
des_cblock key;
{
do {
des_generate_random_block(key);
des_fixup_key_parity(key);
} while (des_is_weak_key(key));
return(0);
}
/*
* des_init_random_number_generator:
*
* This routine takes a secret key possibly shared by a number
* of servers and uses it to generate a random number stream that is
* not shared by any of the other servers. It does this by using the current
* process id, host id, and the current time to the nearest second. The
* resulting stream seed is not useful information for cracking the secret
* key. Moreover, this routine keeps no copy of the secret key.
* This routine is used for example, by the kerberos server(s) with the
* key in question being the kerberos master key.
*
* Note: this routine calls des_set_random_generator_seed.
*/
#ifndef BSDUNIX
you lose... (aka, you get to implement an analog of this for your
system...)
#else
#include <sys/time.h>
void des_init_random_number_generator(key)
des_cblock key;
{
struct { /* This must be 64 bits exactly */
long process_id;
long host_id;
} seed;
struct timeval time; /* this must also be 64 bits exactly */
des_cblock new_key;
long gethostid();
/*
* use a host id and process id in generating the seed to ensure
* that different servers have different streams:
*/
seed.host_id = gethostid();
seed.process_id = getpid();
/*
* Generate a tempory value that depends on the key, host_id, and
* process_id such that it gives no useful information about the key:
*/
des_set_random_generator_seed(key);
des_set_sequence_number((unsigned char *)&seed);
des_new_random_key(new_key);
/*
* use it to select a random stream:
*/
des_set_random_generator_seed(new_key);
/*
* use a time stamp to ensure that a server started later does not reuse
* an old stream:
*/
gettimeofday(&time, (struct timezone *)0);
des_set_sequence_number((unsigned char *)&time);
/*
* use the time stamp finally to select the final seed using the
* current random number stream:
*/
des_new_random_key(new_key);
des_set_random_generator_seed(new_key);
}
#endif /* ifdef BSDUNIX */
/*
* This module implements a random number generator faculty such that the next
* number in any random number stream is very hard to predict without knowing
* the seed for that stream even given the preceeding random numbers.
*/
/*
* The secret des key schedule for the current stream of random numbers:
*/
static des_key_schedule random_sequence_key;
/*
* The sequence # in the current stream of random numbers:
*/
static unsigned char sequence_number[8];
/*
* des_set_random_generator_seed: this routine is used to select a random
* number stream. The stream that results is
* totally determined by the passed in key.
* (I.e., calling this routine again with the
* same key allows repeating a sequence of
* random numbers)
*
* Requires: key is a valid des key. I.e., has correct parity and is not a
* weak des key.
*/
void
des_set_random_generator_seed(key)
des_cblock key;
{
register int i;
/* select the new stream: (note errors are not possible here...) */
des_key_sched(key, random_sequence_key);
/* "seek" to the start of the stream: */
for (i=0; i<8; i++)
sequence_number[i] = 0;
}
/*
* des_set_sequence_number: this routine is used to set the sequence number
* of the current random number stream. This routine
* may be used to "seek" within the current random
* number stream.
*
* Note that des_set_random_generator_seed resets the sequence number to 0.
*/
void
des_set_sequence_number(new_sequence_number)
des_cblock new_sequence_number;
{
bcopy((char *)new_sequence_number, (char *)sequence_number,
sizeof(sequence_number));
}
/*
* des_generate_random_block: routine to return the next random number
* from the current random number stream.
* The returned number is 64 bits long.
*
* Requires: des_set_random_generator_seed must have been called at least once
* before this routine is called.
*/
void des_generate_random_block(block)
des_cblock block;
{
int i;
/*
* Encrypt the sequence number to get the new random block:
*/
des_ecb_encrypt(sequence_number, block, random_sequence_key, 1);
/*
* Increment the sequence number as an 8 byte unsigned number with wrap:
* (using LSB here)
*/
for (i=0; i<8; i++) {
sequence_number[i] = (sequence_number[i] + 1) & 0xff;
if (sequence_number[i])
break;
}
}