[dpdk-dev] examples/ipsec-secgw: Calling risky function
Commit Message
lrand48 should not be used for security related applications,
as linear congruential algorithms are too easy to break.
Used a compliant random number generator /dev/urandom.
Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application")
Coverity ID 124558
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
---
examples/ipsec-secgw/esp.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
Comments
Hi Slawomir,
"Calling risky function"
-> it's obviously a NACK :)
unless you mean "replace non-secure random".
On 07/06/2016 09:58, Slawomir Mrozowicz wrote:
> lrand48 should not be used for security related applications,
> as linear congruential algorithms are too easy to break.
> Used a compliant random number generator /dev/urandom.
>
> Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application")
> Coverity ID 124558
>
> Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
> ---
I understand that lrand48 is not crypto secure, but this fix will kill
performance.
I already have a solution for this issue to be included in the next
IPSec patch set
that will also add support for GCM/CTR modes.
Sergio
>-----Original Message-----
>From: Gonzalez Monroy, Sergio
>Sent: Tuesday, June 7, 2016 10:15 AM
>To: Mrozowicz, SlawomirX <slawomirx.mrozowicz@intel.com>
>Cc: dev@dpdk.org
>Subject: Re: [PATCH] examples/ipsec-secgw: Calling risky function
>
>On 07/06/2016 09:58, Slawomir Mrozowicz wrote:
>> lrand48 should not be used for security related applications, as
>> linear congruential algorithms are too easy to break.
>> Used a compliant random number generator /dev/urandom.
>>
>> Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample
>> application") Coverity ID 124558
>>
>> Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
>> ---
>
>I understand that lrand48 is not crypto secure, but this fix will kill performance.
>
>I already have a solution for this issue to be included in the next IPSec patch
>set that will also add support for GCM/CTR modes.
>
>Sergio
Thanks for your reply.
So for now I propose to set this problem as intentional in the Coverity tool.
SÅ‚awomir
@@ -55,16 +55,17 @@
static inline void
random_iv_u64(uint64_t *buf, uint16_t n)
{
- unsigned left = n & 0x7;
- unsigned i;
+ int res = 0;
+ FILE *fp;
- RTE_ASSERT((n & 0x3) == 0);
-
- for (i = 0; i < (n >> 3); i++)
- buf[i] = rte_rand();
+ fp = fopen("/dev/urandom", "r");
+ if (fp != NULL) {
+ res = fread(buf, 8, n, fp);
+ fclose(fp);
+ }
- if (left)
- *((uint32_t *)&buf[i]) = (uint32_t)lrand48();
+ RTE_ASSERT(res != n);
+ RTE_LOG(DEBUG, IPSEC_ESP, "random_iv_u64 result %d\n", res);
}
/* IPv4 Tunnel */