Re: [PATCH 1/1] tools: use cryptographically safe RNG

Thu, 14 Nov 2024 23:18:23 -0800 

On Fri, Nov 15 2024, Mark Kettenis <mark.kette...@xs4all.nl> wrote:

>> Date: Thu, 14 Nov 2024 11:39:27 -0600
>> From: Tom Rini <tr...@konsulko.com>
>> 
>> On Thu, Nov 14, 2024 at 06:35:44PM +0100, Heinrich Schuchardt wrote:
>> > Tom Rini <tr...@konsulko.com> schrieb am Do., 14. Nov. 2024, 18:27:
>> > 
>> > > On Sat, Nov 02, 2024 at 05:32:59PM +0100, Heinrich Schuchardt wrote:
>> > >
>> > > > The PRNG implementing the random() function only has 2^31 states and
>> > > > therefore is unsafe to use for cryptography. Use arc4random() instead.
>> > > >
>> > > > Fixes: cc34f04efd63 ("tools: image-host.c: use random instead of rand")
>> > > > Addresses-Coverity-ID: 312953 Calling risky function
>> > > > Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com>
>> > > > ---
>> > > >  tools/image-host.c | 35 +++--------------------------------
>> > > >  1 file changed, 3 insertions(+), 32 deletions(-)
>> > >
>> > > Now I get:
>> > > /home/uboot/u-boot/u-boot/tools/image-host.c: In function
>> > > 'fit_image_setup_cipher':
>> > > /home/uboot/u-boot/u-boot/tools/image-host.c:439:17: warning: implicit
>> > > declaration of function 'arc4random_buf' 
>> > > [-Wimplicit-function-declaration]
>> > >   439 |                 arc4random_buf((void *)info->iv,
>> > > info->cipher->iv_len);
>> > >       |                 ^~~~~~~~~~~~~~
>> > > /usr/bin/ld: tools/image-host.o: in function `fit_image_cipher_data':
>> > > image-host.c:(.text+0xb41): undefined reference to `arc4random_buf'
>> > > collect2: error: ld returned 1 exit status
>> > > make[3]: *** [scripts/Makefile.host:104: tools/dumpimage] Error 1
>> > >
>> > > in the docker container. I gather this means arc4random_buf is not as
>> > > widely available as assumed.
>> > >
>> > 
>> > glibc 2.36 is required published 2022-08. Ubuntu Jammy is 22.04.
>> 
>> Yeah, that's likely (a) too new and (b) strange because:
>> https://source.denx.de/u-boot/u-boot/-/jobs/945810 and so is jammy
>> 22.04.
>
> Linking against libbsd might be an alternative on older systems.

Or use getrandom(), which according to the man page has been exposed via
glibc since glibc 2.25. Or just read from /dev/urandom which should work
everywhere.

Rasmus

Reply via email to