feeding randomness to a TLS server


by Abhijit Menon-Sen

Hi.

I have a program linked to cryptlib that runs in a chroot jail and acts
as a TLS server (for various clients, e.g. IMAP, POP, HTTP). Right now,
I'm calling cryptAddRandom(NULL, CRYPT_RANDOM_SLOWPOLL) once at startup
before I chroot, and never call it again.

Do I need to call it again? When would be a good time? Every time I
accept a connection, or perhaps when a session finishes?

Suggestions welcome.

-- ams

_______________________________________________
Cryptlib mailing list
Cryptlib@... via Mail: cryptlib-request@...
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlib
Posts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.

Re: feeding randomness to a TLS server

by Peter Gutmann

Abhijit Menon-Sen <ams@...> writes:

>I have a program linked to cryptlib that runs in a chroot jail and acts as a
>TLS server (for various clients, e.g. IMAP, POP, HTTP). Right now, I'm
>calling cryptAddRandom(NULL, CRYPT_RANDOM_SLOWPOLL) once at startup before I
>chroot, and never call it again.
>
>Do I need to call it again? When would be a good time? Every time I accept a
>connection, or perhaps when a session finishes?

It won't hurt to call it again, but it's not absolutely necessary, cryptlib
does continuous re-seeding as it runs.

Peter.


Re: feeding randomness to a TLS server

by Abhijit Menon-Sen

At 2007-08-22 03:02:50 +1200, pgut001@... wrote:
>
> It won't hurt to call it again, but it's not absolutely necessary,
> cryptlib does continuous re-seeding as it runs.

Thanks.

We're running the cryptlib process inside a chroot jail, and /dev/random
isn't accessible without some gymnastics we'd rather not do (e.g. mount
a special device filesystem under the jail on FreeBSD). So we'd like to
open /dev/urandom before we chroot, and feed cryptlib data from it.

Would you consider a "cryptAddRandomSource()" function that could either
record an fd for use in getDevRandomData(), or register a callback to a
function that could be called from slowPoll() to fetch bytes? (Or any
other functionally equivalent solution, really.)

-- ams


Re: feeding randomness to a TLS server

by Peter Gutmann

Abhijit Menon-Sen <ams@...> writes:

>Would you consider a "cryptAddRandomSource()" function that could either
>record an fd for use in getDevRandomData(), or register a callback to a
>function that could be called from slowPoll() to fetch bytes? (Or any other
>functionally equivalent solution, really.)

There isn't any way of doing this in a way that's even remotely portable across
OSes, if you need something like this you'd have to add support for it
yourself.

(The easiest fix, without having to modify cryptlib at all, would probably be
to provide a simulated EGD inside the jail).

The /dev/random stuff will be fixed in the next release, since it's a PRNG
read there'd have to be something truly weird happening if noBytes !=
DEVRANDOM_BYTES, but you're right, it should report the noBytes value.

Peter.



Re: feeding randomness to a TLS server

by Abhijit Menon-Sen

At 2007-08-31 19:03:47 +1200, pgut001@... wrote:
>
> (The easiest fix, without having to modify cryptlib at all, would
> probably be to provide a simulated EGD inside the jail).

That's what we did, eventually, since cryptlib has access to no other
entropy sources inside the jail. We open /dev/urandom at startup, keep
the fd around while we (fork and) chroot, and then feed cryptlib data
from that fd on /var/run/egd-pool.

It works all right (though it's *awfully* slow unless we increase the
quality assigned to EGD data in random/unix.c).

-- ams
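
The simulated-EGD arrangement described in this thread, as an added example that is not code from the posters or from cryptlib: a responder that answers the EGD protocol's two read requests (0x01 non-blocking, 0x02 blocking) from a /dev/urandom descriptor opened before the chroot. The function names, the serial accept loop and the omitted chroot step are assumptions; only the socket path comes from the thread.

```c
/* Added example; names, serial accept loop and omitted chroot are assumptions. */
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Read exactly n bytes; returns 0 on success, -1 on EOF or error. */
static int read_full(int fd, unsigned char *buf, size_t n) {
    for (ssize_t r; n > 0; buf += r, n -= (size_t)r)
        if ((r = read(fd, buf, n)) <= 0) return -1;
    return 0;
}

/* Build the reply to one 2-byte EGD read request {command, count}.
   0x01 (non-blocking read): count byte + data. 0x02 (blocking read): data only. */
int egd_reply(const unsigned char req[2], int rnd_fd, unsigned char out[256]) {
    size_t n = req[1], hdr = (req[0] == 0x01);
    if (req[0] != 0x01 && req[0] != 0x02) return -1;   /* unsupported command */
    if (read_full(rnd_fd, out + hdr, n) < 0) return -1;
    if (hdr) out[0] = (unsigned char)n;
    return (int)(n + hdr);
}

/* Answer requests from one client until it hangs up or sends something else. */
void egd_serve(int client, int rnd_fd) {
    unsigned char req[2], out[256];
    int len;
    while (read_full(client, req, 2) == 0 &&
           (len = egd_reply(req, rnd_fd, out)) >= 0 &&
           write(client, out, (size_t)len) == len)
        continue;
    close(client);
}

int main(void) {
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    int rnd = open("/dev/urandom", O_RDONLY);   /* opened before chroot() */
    /* chroot() and privilege drop would go here; rnd stays open across them */
    int s = socket(AF_UNIX, SOCK_STREAM, 0);
    strcpy(sa.sun_path, "/var/run/egd-pool");   /* path as seen inside the jail */
    unlink(sa.sun_path);                        /* clear a stale socket file */
    if (rnd < 0 || s < 0 || bind(s, (struct sockaddr *)&sa, sizeof sa) < 0 ||
        listen(s, 4) < 0) return 1;
    for (int c; (c = accept(s, NULL, NULL)) >= 0; )
        egd_serve(c, rnd);
    return 1;                                   /* accept() failed */
}
```

A client that disconnects mid-reply raises SIGPIPE on the write, so the hosting process should ignore that signal.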
