]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/ip_id.c
xnu-792.13.8.tar.gz
[apple/xnu.git] / bsd / netinet / ip_id.c
1 /* $OpenBSD: ip_id.c,v 1.2 1999/08/26 13:37:01 provos Exp $ */
2
3 /*
4 * Copyright 1998 Niels Provos <provos@citi.umich.edu>
5 * All rights reserved.
6 *
7 * Theo de Raadt <deraadt@openbsd.org> came up with the idea of using
8 * such a mathematical system to generate more random (yet non-repeating)
9 * ids to solve the resolver/named problem. But Niels designed the
10 * actual system based on the constraints.
11 *
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
14 * are met:
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. All advertising materials mentioning features or use of this software
21 * must display the following acknowledgement:
22 * This product includes software developed by Niels Provos.
23 * 4. The name of the author may not be used to endorse or promote products
24 * derived from this software without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
27 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
30 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
31 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 *
37 * $FreeBSD: src/sys/netinet/ip_id.c,v 1.1.2.1 2001/07/19 06:37:26 kris Exp $
38 */
39
40 /*
41 * seed = random 15bit
42 * n = prime, g0 = generator to n,
43 * j = random so that gcd(j,n-1) == 1
44 * g = g0^j mod n will be a generator again.
45 *
46 * X[0] = random seed.
47 * X[n] = a*X[n-1]+b mod m is a Linear Congruential Generator
48 * with a = 7^(even random) mod m,
49 * b = random with gcd(b,m) == 1
50 * m = 31104 and a maximal period of m-1.
51 *
52 * The transaction id is determined by:
53 * id[n] = seed xor (g^X[n] mod n)
54 *
55 * Effectivly the id is restricted to the lower 15 bits, thus
56 * yielding two different cycles by toggling the msb on and off.
57 * This avoids reuse issues caused by reseeding.
58 */
59
60 #include "opt_random_ip_id.h"
61 #include <sys/param.h>
62 #include <sys/time.h>
63 #include <sys/kernel.h>
64 #include <sys/random.h>
65
66 #if RANDOM_IP_ID
67 #define RU_OUT 180 /* Time after wich will be reseeded */
68 #define RU_MAX 30000 /* Uniq cycle, avoid blackjack prediction */
69 #define RU_GEN 2 /* Starting generator */
70 #define RU_N 32749 /* RU_N-1 = 2*2*3*2729 */
71 #define RU_AGEN 7 /* determine ru_a as RU_AGEN^(2*rand) */
72 #define RU_M 31104 /* RU_M = 2^7*3^5 - don't change */
73
74 #define PFAC_N 3
75 const static u_int16_t pfacts[PFAC_N] = {
76 2,
77 3,
78 2729
79 };
80
81 static u_int16_t ru_x;
82 static u_int16_t ru_seed, ru_seed2;
83 static u_int16_t ru_a, ru_b;
84 static u_int16_t ru_g;
85 static u_int16_t ru_counter = 0;
86 static u_int16_t ru_msb = 0;
87 static long ru_reseed;
88 static u_int32_t tmp; /* Storage for unused random */
89
90 static u_int16_t pmod(u_int16_t, u_int16_t, u_int16_t);
91 static void ip_initid(void);
92 u_int16_t ip_randomid(void);
93
94 /*
95 * Do a fast modular exponation, returned value will be in the range
96 * of 0 - (mod-1)
97 */
98
99 #ifdef __STDC__
100 static u_int16_t
101 pmod(u_int16_t gen, u_int16_t exp, u_int16_t mod)
102 #else
103 static u_int16_t
104 pmod(gen, exp, mod)
105 u_int16_t gen, exp, mod;
106 #endif
107 {
108 u_int16_t s, t, u;
109
110 s = 1;
111 t = gen;
112 u = exp;
113
114 while (u) {
115 if (u & 1)
116 s = (s*t) % mod;
117 u >>= 1;
118 t = (t*t) % mod;
119 }
120 return (s);
121 }
122
123 /*
124 * Initalizes the seed and chooses a suitable generator. Also toggles
125 * the msb flag. The msb flag is used to generate two distinct
126 * cycles of random numbers and thus avoiding reuse of ids.
127 *
128 * This function is called from id_randomid() when needed, an
129 * application does not have to worry about it.
130 */
131 static void
132 ip_initid(void)
133 {
134 u_int16_t j, i;
135 int noprime = 1;
136 struct timeval time;
137
138 getmicrouptime(&time);
139 read_random((void *) &tmp, sizeof(tmp));
140 ru_x = (tmp & 0xFFFF) % RU_M;
141
142 /* 15 bits of random seed */
143 ru_seed = (tmp >> 16) & 0x7FFF;
144 read_random((void *) &tmp, sizeof(tmp));
145 ru_seed2 = tmp & 0x7FFF;
146
147 read_random((void *) &tmp, sizeof(tmp));
148
149 /* Determine the LCG we use */
150 ru_b = (tmp & 0xfffe) | 1;
151 ru_a = pmod(RU_AGEN, (tmp >> 16) & 0xfffe, RU_M);
152 while (ru_b % 3 == 0)
153 ru_b += 2;
154
155 read_random((void *) &tmp, sizeof(tmp));
156 j = tmp % RU_N;
157 tmp = tmp >> 16;
158
159 /*
160 * Do a fast gcd(j,RU_N-1), so we can find a j with
161 * gcd(j, RU_N-1) == 1, giving a new generator for
162 * RU_GEN^j mod RU_N
163 */
164
165 while (noprime) {
166 for (i=0; i<PFAC_N; i++)
167 if (j%pfacts[i] == 0)
168 break;
169
170 if (i>=PFAC_N)
171 noprime = 0;
172 else
173 j = (j+1) % RU_N;
174 }
175
176 ru_g = pmod(RU_GEN,j,RU_N);
177 ru_counter = 0;
178
179 ru_reseed = time.tv_sec + RU_OUT;
180 ru_msb = ru_msb == 0x8000 ? 0 : 0x8000;
181 }
182
183 u_int16_t
184 ip_randomid(void)
185 {
186 int i, n;
187 struct timeval time;
188
189 getmicrouptime(&time);
190 if (ru_counter >= RU_MAX || time.tv_sec > ru_reseed)
191 ip_initid();
192
193 if (!tmp)
194 read_random((void *) &tmp, sizeof(tmp));
195
196 /* Skip a random number of ids */
197 n = tmp & 0x3; tmp = tmp >> 2;
198 if (ru_counter + n >= RU_MAX)
199 ip_initid();
200
201 for (i = 0; i <= n; i++)
202 /* Linear Congruential Generator */
203 ru_x = (ru_a*ru_x + ru_b) % RU_M;
204
205 ru_counter += i;
206
207 return (ru_seed ^ pmod(ru_g,ru_seed2 ^ ru_x,RU_N)) | ru_msb;
208 }
209
210 #endif /* RANDOM_IP_ID */