From 609c3e3cd3d83c02490ac26753bb78a63e0e48b5 Mon Sep 17 00:00:00 2001
From: Isaac Dunham
Date: Sat, 23 Feb 2019 16:38:35 -0600
Subject: Here's an 'mcookie' implementation for toybox. mcookie simply prints out 16 bytes of entropy in hexadecimal; it is typically used as the source for the "MIT magic cookies" that X11 uses for "secure" connections. The only implementation I know of is in util-linux; the problems with its documented behavior motivated me to write an alternate implementation. Specifically, getting 128 bytes from the kernel and finding the MD5 sum is not a sane PRNG, especially when only 16 bytes are needed.
---
toys/pending/mcookie.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 47 insertions(+)
create mode 100644 toys/pending/mcookie.c
(limited to 'toys/pending')
diff --git a/toys/pending/mcookie.c b/toys/pending/mcookie.c
new file mode 100644
index 00000000..83cf0a91
--- /dev/null
+++ b/toys/pending/mcookie.c
@@ -0,0 +1,47 @@
+/* mcookie - generate a 128-bit random number (used for X "magic cookies")
+ *
+ * Copyright 2019 AD Isaac Dunham
+ *
+ * No standard.
+ * util-linux mcookie originally found the md5sum of several files in /proc
+ * and reported that; more recent versions use the best random number source
+ * and find the md5sum, thus wasting entropy.
+ * We just ask the system for 128 bits and print it.
+ *
+ *
+USE_MCOOKIE(NEWTOY(mcookie, "v(verbose)V(version)", TOYFLAG_USR|TOYFLAG_BIN))
+
+config MCOOKIE
+ bool "mcookie"
+ default n
+ help
+ usage: mcookie [-v | -V]
+
+ Generate a 128-bit random number from system sources.
+ -f and -m are not supported; md5 sums of arbitrary files are not a
+ good source of entropy
+ -h show help
+ -v show entropy source (verbose)
+ -V show version
+*/
+
+#define FOR_mcookie
+#include "toys.h"
+
+void mcookie_main(void)
+{
+ int i;
+ if (toys.optflags & FLAG_V) {
+ puts("mcookie from toybox");
+ return;
+ }
+ xgetrandom(toybuf, 16, 0);
+ if (toys.optflags & FLAG_v) {
+ fputs("Got 16 bytes from xgetrandom()\n", stderr);
+ }
+ for (i = 0; i < 16; i++) {
+ sprintf(toybuf+16+2*i,"%02x", toybuf[i]);
+ }
+ toybuf[48] = '\0';
+ puts(toybuf + 16);
+}
-- cgit v1.2.3
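Review bot: In the hex loop, `sprintf(toybuf+16+2*i,"%02x", toybuf[i])` passes the random byte unmasked, so if `toybuf` is a plain `char` array and `char` is signed on the build target (neither is visible in this hunk), any byte of 0x80 or above is promoted to a negative int and formatted as eight digits (`ffffffXX`) instead of two. The next iteration starts two characters further on, which leaves `ff` in that byte's slot, so the printed cookie would carry well under the advertised 128 bits; the last iterations would also write a few bytes past offset 48 before `toybuf[48] = '\0'` cuts the string. Masking the argument keeps every byte at exactly two digits: `sprintf(toybuf+16+2*i, "%02x", toybuf[i] & 0xff);`. Separately, the help text lists `-h` although the option string `"v(verbose)V(version)"` and the usage line only cover `-v` and `-V`.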