Date: Sun, 7 Jul 2002 14:50:20 -0400
From: Klaus Steden
To: Randy Bush
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: signal 8 (fp execption) in pgp 5
Message-ID: <20020707145020.D95654@cthulu.compt.com>

> yesterday's -stable and ports tree, rebuilt twice.
>
> % pgpk -l randy
> Type Bits KeyID Created Expires Algorithm Use
> sec+ 1024 0xB1331439 1994-04-04 ---------- RSA Sign & Encrypt
> uid Randy Bush
>
> 1 matching key found
>
> Received signal 8.
>
> anyone else see this or have a clue?
>

Yup. I tried PGP6, too, and found the same problem. Did some digging around in the source, and at least with PGP6, I discovered it's a bug in pgpRndUnix.c. Specifically, when loading a timer for use in an entropy function (I think), there's a call to clock_getres() - using the CLOCK_REALTIME clock, filling in a structure that gets returned to the caller as 0, which triggers the FPE.

I tried using CLOCK_VIRTUAL, which stopped the FPE, but returned an error and thus didn't generate any randomness.

Hopefully I've got my terms right - I'm no crypto expert by any stretch, but that's what I found to be a problem in PGP6. I suspect something similar may be at play in PGP5.

HTH,
Klaus
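
The message above describes a clock_getres() result of zero that leads to an FPE. As an added example (not PGP's code and not part of the original post), here is a guard that validates the reported resolution before it is used as a divisor and treats an error or a zero as "no usable timer" instead of crashing. The helper names are hypothetical, and it assumes the crash comes from dividing by that resolution, which the post implies but does not show.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* exposes clock_getres() */
#endif
#include <stdint.h>
#include <stdio.h>
#include <time.h>

#define NS_PER_SEC 1000000000ull

/* Hypothetical helper: reported resolution in nanoseconds, or 0 when the
 * value cannot be used as a divisor (NULL, malformed, or all-zero). */
uint64_t resolution_ns(const struct timespec *res)
{
    if (res == NULL || res->tv_sec < 0 || res->tv_nsec < 0 ||
        (uint64_t)res->tv_nsec >= NS_PER_SEC ||
        (uint64_t)res->tv_sec > UINT64_MAX / NS_PER_SEC - 1)
        return 0;
    return (uint64_t)res->tv_sec * NS_PER_SEC + (uint64_t)res->tv_nsec;
}

/* Hypothetical helper: clock ticks in interval_ns. Dividing by a zero
 * resolution is the operation that would trap (signal 8), so return -1
 * instead and let the caller skip this timer as an entropy source. */
int64_t ticks_in_interval(uint64_t interval_ns, const struct timespec *res)
{
    uint64_t rns = resolution_ns(res);
    if (rns == 0 || interval_ns / rns > INT64_MAX)
        return -1;
    return (int64_t)(interval_ns / rns);
}

/* Query a clock; a failed call and a zero result are both "unusable". */
int64_t ticks_per_second(clockid_t id)
{
    struct timespec res = {0, 0};
    if (clock_getres(id, &res) != 0)
        return -1;
    return ticks_in_interval(NS_PER_SEC, &res);
}

int main(void)
{
    struct timespec zero = {0, 0};   /* constructed: the zero from the post */
    printf("zero resolution -> %lld\n",
           (long long)ticks_in_interval(NS_PER_SEC, &zero));
    printf("CLOCK_REALTIME  -> %lld\n",
           (long long)ticks_per_second(CLOCK_REALTIME));
    return 0;
}
```

A caller that gets -1 should credit no entropy from this timer and fall back to another source, rather than continue with a value derived from it.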