simon-git: putty (master): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Sun Feb 10 13:52:06 GMT 2019 

TL;DR:
  4d288dc3 Windows PuTTYgen: reinstate mouse-based entropy collection.
  22131a51 Windows PuTTYgen: bound entropy input by PRNG state size.

Repository:     https://git.tartarus.org/simon/putty.git
On the web:     https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2019-02-10 13:52:06

commit 4d288dc3e981869447fafde3ecb4f3cf21b373d0
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4d288dc3e981869447fafde3ecb4f3cf21b373d0;hp=9cb8c4bcb78fd3388f10ed626e853a225c33faed
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Feb 10 13:38:15 2019 +0000

    Windows PuTTYgen: reinstate mouse-based entropy collection.
    
    This reverts the policy change in 6142013ab (though not the detailed
    code changes - I've kept the reorganised code layout). Now the old
    mouse-based manual entropy collection is once again required when
    generating a public key.
    
    Rationale: I came across Wikipedia's page on CryptGenRandom which
    mentioned that it was not a true kernel-level PRNG of the /dev/random
    variety, but rather a thing running in userland, no different in
    principle from PuTTY's own. So I think that makes it no longer a thing
    we should rely on for all our entropy, and I'm relegating it back to
    being just one entropy source among many.

 windows/winpgen.c | 79 ++++++++++++++++++++++++++++---------------------------
 1 file changed, 40 insertions(+), 39 deletions(-)

commit 22131a51fa9790fb57dc9d6cf783535e85e6edc8
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=22131a51fa9790fb57dc9d6cf783535e85e6edc8;hp=4d288dc3e981869447fafde3ecb4f3cf21b373d0
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Feb 10 13:43:14 2019 +0000

    Windows PuTTYgen: bound entropy input by PRNG state size.
    
    Although I've reinstated the tedious manual mouse input, I can at
    least reduce the amount of it that the user is required to provide:
    the new PRNG has a hard limit on the size of its seed, so once we've
    generated enough entropy to fill that up, there's no point in
    collecting more, even if we're generating a particularly large key.

 putty.h           | 2 ++
 ssh.h             | 1 +
 sshprng.c         | 6 ++++++
 sshrand.c         | 6 ++++++
 windows/winpgen.c | 6 ++++++
 5 files changed, 21 insertions(+)

More information about the tartarus-commits mailing list