simon-git: putty (main): Simon Tatham
Commits to Tartarus hosted VCS
tartarus-commits at lists.tartarus.org
Sat Jan 8 13:04:19 GMT 2022
TL;DR:
9529769b Windows PuTTYgen: make state->entropy into a strbuf.
e7a69510 Windows PuTTYgen: remove state->collecting_entropy.
5ad601ff Windows PuTTYgen: rate-limit entropy counter increment.
Repository: https://git.tartarus.org/simon/putty.git
On the web: https://git.tartarus.org/?p=simon/putty.git
Branch updated: main
Committer: Simon Tatham <anakin at pobox.com>
Date: 2022-01-08 13:04:19
commit 9529769b6002eaaa44d293762a3cec159d628206
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=9529769b6002eaaa44d293762a3cec159d628206;hp=498c0a3abca2f3cfa5e1c663e60ea423bcd79672
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 8 11:20:27 2022 +0000
Windows PuTTYgen: make state->entropy into a strbuf.
This offloads the memory management into centralised code which is
better at it than the ad-hoc code here. Now I don't have to predict in
advance how much memory the entropy will consume, and can change that
decision on the fly.
windows/puttygen.c | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)
commit e7a695103fd51ae765ccf0460f15795adb74485e
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e7a695103fd51ae765ccf0460f15795adb74485e;hp=9529769b6002eaaa44d293762a3cec159d628206
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 8 11:23:46 2022 +0000
Windows PuTTYgen: remove state->collecting_entropy.
There's no point having a separate boolean flag. All we have to do is
remember to NULL out the strbuf point state->entropy when we free the
strbuf (which is a good idea in any case!), and then we can use the
non-NULL-ness of that pointer as the indicator that we're currently
collecting entropy.
windows/puttygen.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
commit 5ad601ffcd5d09b5f22d998f71ce9ccdf35140f1
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5ad601ffcd5d09b5f22d998f71ce9ccdf35140f1;hp=e7a695103fd51ae765ccf0460f15795adb74485e
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jan 8 12:09:36 2022 +0000
Windows PuTTYgen: rate-limit entropy counter increment.
Some pointing devices (e.g. gaming mice) can be set to send
mouse-movement events at an extremely high sample rate like 1kHz. This
apparently translates into Windows genuinely sending WM_MOUSEMOVE
messages at that rate. So if you're using one of those mice, then
PuTTYgen's mouse-based entropy collection system will fill its buffer
almost immediately, and give you no perceptible time to actually wave
the mouse around.
I think that in that situation, there's also likely to be a strong
correlation between the contents of successive movement events,
because human-controlled mouse movements aren't fractals - the more
you zoom in on a little piece of one, the more it starts to look more
and more like something moving in a straight line at constant speed,
because the deviations from that happen on a larger time scale than
you're seeing.
So this commit adds a rate limit, not on the _collection_ of the data
(we'll still take all the bits we can get, thanks!), but on the rate
at which we increment the _counter_ for how much entropy we think
we've collected so far. That way, the user still has to spend time
wiggling the mouse back and forth in a way that varies with muscle
motions and introduces randomness.
windows/puttygen.c | 27 +++++++++++++++++++++++++--
1 file changed, 25 insertions(+), 2 deletions(-)
More information about the tartarus-commits
mailing list