From 7d6ee6ff291302d003f6f6cc6d11cede050c1c87 Mon Sep 17 00:00:00 2001
From: simon <simon@cda61777-01e9-0310-a592-d414129be87e>
Date: Mon, 23 Oct 2000 15:20:05 +0000
Subject: [PATCH] Improved entropy gathering.

git-svn-id: svn://svn.tartarus.org/sgt/putty@750 cda61777-01e9-0310-a592-d414129be87e
---
 be_nossh.c |  2 ++
 noise.c    | 28 ++++++++++++++++++++++++++++
 plink.c    |  3 +++
 putty.h    |  5 +++--
 sshbn.c    | 14 ++++++++++++++
 sshrand.c  |  6 ++++++
 window.c   | 11 +++++------
 winnet.c   |  4 ++++
 8 files changed, 65 insertions(+), 8 deletions(-)

diff --git a/be_nossh.c b/be_nossh.c
index fdd98288..d9777e0b 100644
--- a/be_nossh.c
+++ b/be_nossh.c
@@ -25,3 +25,5 @@ void random_destroy_seed(void) {
 void noise_ultralight(DWORD data) {
 }
 
+void noise_regular(void) {
+}
diff --git a/noise.c b/noise.c
index af75f9d8..c5966a71 100644
--- a/noise.c
+++ b/noise.c
@@ -82,6 +82,34 @@ void noise_get_light(void (*func) (void *, int)) {
 }
 
 /*
+ * This function is called on a timer, and it will monitor
+ * frequently changing quantities such as the state of physical and
+ * virtual memory, the state of the process's message queue, which
+ * window is in the foreground, which owns the clipboard, etc.
+ */
+void noise_regular(void) {
+    HWND w;
+    DWORD z;
+    POINT pt;
+    MEMORYSTATUS memstat;
+    FILETIME times[4];
+
+    w = GetForegroundWindow(); random_add_noise(&w, sizeof(w));
+    w = GetCapture(); random_add_noise(&w, sizeof(w));
+    w = GetClipboardOwner(); random_add_noise(&w, sizeof(w));
+    z = GetQueueStatus(QS_ALLEVENTS); random_add_noise(&z, sizeof(z));
+
+    GetCursorPos(&pt); random_add_noise(&pt, sizeof(pt));
+
+    GlobalMemoryStatus(&memstat); random_add_noise(&memstat, sizeof(memstat));
+
+    GetThreadTimes(GetCurrentThread(), times, times+1, times+2, times+3);
+    random_add_noise(&times, sizeof(times));
+    GetProcessTimes(GetCurrentProcess(), times, times+1, times+2, times+3);
+    random_add_noise(&times, sizeof(times));
+}
+
+/*
  * This function is called on every keypress or mouse move, and
  * will add the current Windows time and performance monitor
  * counter to the noise pool. It gets the scan code or mouse
diff --git a/plink.c b/plink.c
index 2fe882f7..ace6c75c 100644
--- a/plink.c
+++ b/plink.c
@@ -557,6 +557,8 @@ int main(int argc, char **argv) {
                 socket = sklist[i];
                 wp = (WPARAM)socket;
 		if (!WSAEnumNetworkEvents(socket, netevent, &things)) {
+                    noise_ultralight(socket);
+                    noise_ultralight(things.lNetworkEvents);
 		    if (things.lNetworkEvents & FD_READ)
 			connopen &= select_result(wp, (LPARAM)FD_READ);
 		    if (things.lNetworkEvents & FD_CLOSE)
@@ -568,6 +570,7 @@ int main(int argc, char **argv) {
 		}
 	    }
         } else if (n == 1) {
+            noise_ultralight(idata.len);
             if (idata.len > 0) {
                 back->send(idata.buffer, idata.len);
             } else {
diff --git a/putty.h b/putty.h
index ae936b01..6b49379d 100644
--- a/putty.h
+++ b/putty.h
@@ -260,8 +260,9 @@ void sys_cursor(int x, int y);
 /*
  * Exports from noise.c.
  */
-void noise_get_heavy(void (*func) (void *, int));
-void noise_get_light(void (*func) (void *, int));
+void noise_get_heavy(void (*func)(void *, int));
+void noise_get_light(void (*func)(void *, int));
+void noise_regular(void);
 void noise_ultralight(DWORD data);
 void random_save_seed(void);
 void random_destroy_seed(void);
diff --git a/sshbn.c b/sshbn.c
index 693b4ac7..24af76fb 100644
--- a/sshbn.c
+++ b/sshbn.c
@@ -11,6 +11,20 @@
 unsigned short bnZero[1] = { 0 };
 unsigned short bnOne[2] = { 1, 1 };
 
+/*
+ * The Bignum format is an array of `unsigned short'. The first
+ * element of the array counts the remaining elements. The
+ * remaining elements express the actual number, base 2^16, _least_
+ * significant digit first. (So it's trivial to extract the bit
+ * with value 2^n for any n.)
+ *
+ * All Bignums in this module are positive. Negative numbers must
+ * be dealt with outside it.
+ *
+ * INVARIANT: the most significant word of any Bignum must be
+ * nonzero.
+ */
+
 Bignum Zero = bnZero, One = bnOne;
 
 Bignum newbn(int length) {
diff --git a/sshrand.c b/sshrand.c
index 84c3e91e..3e0a0a8b 100644
--- a/sshrand.c
+++ b/sshrand.c
@@ -39,6 +39,7 @@ struct RandPool {
 };
 
 static struct RandPool pool;
+static int random_active = 0;
 
 void random_stir(void) {
     word32 block[HASHINPUT/sizeof(word32)];
@@ -114,6 +115,9 @@ void random_add_noise(void *noise, int length) {
     unsigned char *p = noise;
     int i;
 
+    if (!random_active)
+        return;
+
     /*
      * This function processes HASHINPUT bytes into only HASHSIZE
      * bytes, so _if_ we were getting incredibly high entropy
@@ -176,6 +180,8 @@ static void random_add_heavynoise_bitbybit(void *noise, int length) {
 void random_init(void) {
     memset(&pool, 0, sizeof(pool));    /* just to start with */
 
+    random_active = 1;
+
     noise_get_heavy(random_add_heavynoise_bitbybit);
 }
 
diff --git a/window.c b/window.c
index 1e38a487..680f065a 100644
--- a/window.c
+++ b/window.c
@@ -1051,6 +1051,7 @@ static LRESULT CALLBACK WndProc (HWND hwnd, UINT message,
 	    enact_pending_netevent();
 	if (inbuf_head)
 	    term_out();
+        noise_regular();
         HideCaret(hwnd);
 	term_update();
         ShowCaret(hwnd);
@@ -1288,10 +1289,9 @@ static LRESULT CALLBACK WndProc (HWND hwnd, UINT message,
       case WM_MOUSEMOVE:
 	/*
 	 * Add the mouse position and message time to the random
-	 * number noise, if we're using ssh.
+	 * number noise.
 	 */
-	if (cfg.protocol == PROT_SSH)
-	    noise_ultralight(lParam);
+        noise_ultralight(lParam);
 
 	if (wParam & (MK_LBUTTON | MK_MBUTTON | MK_RBUTTON)) {
 	    Mouse_Button b;
@@ -1486,10 +1486,9 @@ static LRESULT CALLBACK WndProc (HWND hwnd, UINT message,
       case WM_SYSKEYUP:
 	/*
 	 * Add the scan code and keypress timing to the random
-	 * number noise, if we're using ssh.
+	 * number noise.
 	 */
-	if (cfg.protocol == PROT_SSH)
-	    noise_ultralight(lParam);
+        noise_ultralight(lParam);
 
 	/*
 	 * We don't do TranslateMessage since it disassociates the
diff --git a/winnet.c b/winnet.c
index a81ae98d..69322836 100644
--- a/winnet.c
+++ b/winnet.c
@@ -225,6 +225,7 @@ void try_send(Socket s) {
         }
 
 	nsent = send(s->s, s->head->buf + s->head->bufpos, len, urgentflag);
+        noise_ultralight(nsent);
 	if (nsent <= 0) {
 	    err = (nsent < 0 ? WSAGetLastError() : 0);
 	    if (err == WSAEWOULDBLOCK) {
@@ -346,6 +347,8 @@ int select_result(WPARAM wParam, LPARAM lParam) {
 	fatalbox(winsock_error_string(err));
     }
 
+    noise_ultralight(lParam);
+
     switch (WSAGETSELECTEVENT(lParam)) {
       case FD_READ:
 	ret = recv(s->s, buf, sizeof(buf), 0);
@@ -376,6 +379,7 @@ int select_result(WPARAM wParam, LPARAM lParam) {
          * which is good enough to keep going at least. */
         ioctlsocket(s->s, SIOCATMARK, &atmark);
         ret = recv(s->s, buf, sizeof(buf), MSG_OOB);
+        noise_ultralight(ret);
         if (ret <= 0) {
             fatalbox(ret == 0 ? "Internal networking trouble" :
                      winsock_error_string(WSAGetLastError()));
-- 
2.11.0