From a3557c8df2aa0830ad29396676f4d92f4f3bd198 Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Tue, 22 Sep 2015 09:06:00 +0000
Subject: px5g-standalone: use /dev/urandom instead of havege (fixes #20216)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@47025 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 package/utils/px5g-standalone/src/px5g.c | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

(limited to 'package/utils/px5g-standalone/src/px5g.c')

diff --git a/package/utils/px5g-standalone/src/px5g.c b/package/utils/px5g-standalone/src/px5g.c
index cf50ad28e2..34ab34f32d 100644
--- a/package/utils/px5g-standalone/src/px5g.c
+++ b/package/utils/px5g-standalone/src/px5g.c
@@ -23,7 +23,8 @@
 #include <string.h>
 #include <time.h>
 #include <limits.h>
-#include "polarssl/havege.h"
+#include <fcntl.h>
+#include <unistd.h>
 #include "polarssl/bignum.h"
 #include "polarssl/x509.h"
 #include "polarssl/rsa.h"
@@ -32,8 +33,17 @@
 #define PX5G_COPY "Copyright (c) 2009 Steven Barth <steven@midlink.org>"
 #define PX5G_LICENSE "Licensed under the GNU Lesser General Public License v2.1"
 
+static int urandom_fd;
+
+static int _urandom(void *ctx)
+{
+	int ret;
+	read(urandom_fd, &ret, sizeof(ret));
+	return ret;
+}
+
+
 int rsakey(char **arg) {
-	havege_state hs;
 	rsa_context rsa;
 
 	unsigned int ksize = 512;
@@ -57,8 +67,7 @@ int rsakey(char **arg) {
 		ksize = (unsigned int)atoi(*arg);
 	}
 
-	havege_init(&hs);
-	rsa_init(&rsa, RSA_PKCS_V15, 0, havege_rand, &hs);
+	rsa_init(&rsa, RSA_PKCS_V15, 0, _urandom, NULL);
 
 	fprintf(stderr, "Generating RSA private key, %i bit long modulus\n", ksize);
 	if (rsa_gen_key(&rsa, ksize, exp)) {
@@ -76,7 +85,6 @@ int rsakey(char **arg) {
 }
 
 int selfsigned(char **arg) {
-	havege_state hs;
 	rsa_context rsa;
 	x509_node node;
 
@@ -139,8 +147,7 @@ int selfsigned(char **arg) {
 		arg++;
 	}
 
-	havege_init(&hs);
-	rsa_init(&rsa, RSA_PKCS_V15, 0, havege_rand, &hs);
+	rsa_init(&rsa, RSA_PKCS_V15, 0, _urandom, NULL);
 	x509write_init_node(&node);
 	fprintf(stderr, "Generating RSA private key, %i bit long modulus\n", ksize);
 	if (rsa_gen_key(&rsa, ksize, exp)) {
@@ -184,6 +191,12 @@ int selfsigned(char **arg) {
 }
 
 int main(int argc, char *argv[]) {
+	urandom_fd = open("/dev/urandom", O_RDONLY);
+	if (urandom_fd < 0) {
+		perror("open(/dev/urandom)");
+		return 1;
+	}
+
 	if (!argv[1]) {
 		//Usage
 	} else if (!strcmp(argv[1], "rsakey")) {
-- 
cgit v1.2.3