From owner-freebsd-bugs@FreeBSD.ORG  Fri Jan  9 07:10:36 2004
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B327116A4CE
	for <freebsd-bugs@hub.freebsd.org>;
	Fri,  9 Jan 2004 07:10:36 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9B1ED43D39
	for <freebsd-bugs@hub.freebsd.org>;
	Fri,  9 Jan 2004 07:10:23 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	i09FANFR024111	for <freebsd-bugs@freefall.freebsd.org>;
	Fri, 9 Jan 2004 07:10:23 -0800 (PST)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i09FANoL024110;
	Fri, 9 Jan 2004 07:10:23 -0800 (PST)
	(envelope-from gnats)
Resent-Date: Fri, 9 Jan 2004 07:10:23 -0800 (PST)
Resent-Message-Id: <200401091510.i09FANoL024110@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Jeff Ito <jeffi@rcn.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8139F16A4CE
	for <freebsd-gnats-submit@FreeBSD.org>;
	Fri,  9 Jan 2004 07:03:31 -0800 (PST)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 95E9443D31
	for <freebsd-gnats-submit@FreeBSD.org>;
	Fri,  9 Jan 2004 07:03:30 -0800 (PST)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.10/8.12.10) with ESMTP id i09F3UdL067949
	for <freebsd-gnats-submit@FreeBSD.org>;
	Fri, 9 Jan 2004 07:03:30 -0800 (PST)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.10/8.12.10/Submit) id i09F3U22067948;
	Fri, 9 Jan 2004 07:03:30 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200401091503.i09F3U22067948@www.freebsd.org>
Date: Fri, 9 Jan 2004 07:03:30 -0800 (PST)
From: Jeff Ito <jeffi@rcn.com>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-2.0
Subject: bin/61126: libc arc4random does not discard first N words (libkern
	arc4random does)
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jan 2004 15:10:36 -0000


>Number:         61126
>Category:       bin
>Synopsis:       libc arc4random does not discard first N words (libkern arc4random does)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 09 07:10:23 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Jeff Ito
>Release:        CURRENT
>Organization:
>Environment:
N/A
>Description:
libc's arc4random does not discard the first N words as suggested in the Fluher, Martin & Shamir paper, and as already implemented in libkern's arc4random
>How-To-Repeat:
N/A
>Fix:
      
Index: arc4random.c
===================================================================
RCS file: /cvs/fbsd/src/lib/libc/gen/arc4random.c,v
retrieving revision 1.6
diff -u -r1.6 arc4random.c
--- arc4random.c        22 Mar 2002 21:52:05 -0000      1.6
+++ arc4random.c        9 Jan 2004 14:59:43 -0000
@@ -45,6 +45,8 @@
 static int rs_initialized;
 static struct arc4_stream rs;

+static inline u_int32_t arc4_getword(struct arc4_stream *);
+
 static inline void
 arc4_init(as)
        struct arc4_stream *as;
@@ -80,7 +82,7 @@
 arc4_stir(as)
        struct arc4_stream *as;
 {
-       int     fd;
+       int     fd, n;
        struct {
                struct timeval tv;
                pid_t pid;
@@ -98,6 +100,14 @@
         * stack... */

        arc4_addrandom(as, (void *) &rdat, sizeof(rdat));
+
+       /*
+        * Throw away the first N words of output, as suggested in the
+        * paper "Weaknesses in the Key Scheduling Algorithm of RC4"
+        * by Fluher, Mantin, and Shamir.  (N = 256 in our case.)
+        */
+       for (n = 0; n < 256; n++)
+               arc4_getword(as);
 }

 static inline u_int8_t

>Release-Note:
>Audit-Trail:
>Unformatted: