Remove old entropy seeding after consumption initializing /dev/random PRNG.

Not doing so opens us up to replay attacks. Submitted by: Arthur Mesh <arthurmesh@gmail.com> Sponsored by: Juniper Networks
svn path=/head/; revision=239569
2024-12-16 10:20:30 +00:00 · 2012-08-22 18:43:21 +00:00 · 2012-08-22 18:43:21 +00:00 · 7e7fd6c88d · 2020-12-20 02:59:44 +00:00
commit 7e7fd6c88d
parent 849d3c12df
2 changed files with 45 additions and 1 deletions
--- a/etc/rc.d/postrandom
+++ b/etc/rc.d/postrandom
@ -0,0 +1,41 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: postrandom
+# REQUIRE: initrandom random var
+# BEFORE: LOGIN
+# KEYWORD: nojail
+
+. /etc/rc.subr
+
+name="postrandom"
+start_cmd="${name}_start"
+stop_cmd=":"
+
+# This will remove old ${entropy_file} and generate a new one.
+# According to Bruce Schneier, this is stronly recomended in order
+# to avoid using same ${entropy_file} across reboots.
+# Reference: Chapter 10.6, Practical Cryptograpy, ISBN: 0-471-22357-3
+
+postrandom_start()
+{
+	/etc/rc.d/random fastsaveseed
+
+	case ${entropy_dir} in
+	[Nn][Oo])
+		;;
+	*)
+		entropy_dir=${entropy_dir:-/var/db/entropy}
+		if [ -d "${entropy_dir}" ]; then
+			if [ -w /dev/random ]; then
+				rm -f ${entropy_dir}/*
+			fi
+		fi
+		;;
+	esac
+}
+
+load_rc_config random
+run_rc_command "$1"
--- a/etc/rc.d/random
+++ b/etc/rc.d/random
@ -4,7 +4,7 @@
 #

 # PROVIDE: random
-# REQUIRE: var initrandom
+# REQUIRE: initrandom var
 # BEFORE: netif
 # KEYWORD: nojail shutdown

@ -14,6 +14,9 @@ name="random"
 start_cmd="random_start"
 stop_cmd="random_stop"

+extra_commands="saveseed"
+saveseed_cmd="${name}_stop"
+
 feed_dev_random()
 {
 	if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then