git: ec2942baf536 - stable/12 - Fortuna: Clean up reseeding key material to closer match FS&K

[David E. O'Brien]

The branch stable/12 has been updated by obrien:

URL: https://cgit.FreeBSD.org/src/commit/?id=ec2942baf536cde8298febc1787b7bf4ff97cd27

commit ec2942baf536cde8298febc1787b7bf4ff97cd27
Author:     Conrad Meyer <cem at FreeBSD.org>
AuthorDate: 2018-10-20 19:44:59 +0000
Commit:     David E. O'Brien <obrien at FreeBSD.org>
CommitDate: 2021-08-06 00:27:56 +0000

    Fortuna: Clean up reseeding key material to closer match FS&K
    
    When reseeding, only incorporate actual key material.  Do not include e.g.
    the derived key schedules or other AES context.
    
    I don't think the extra material was harmful here, just not beneficial.
    
    Reviewed by:    delphij, markm
    Approved by:    secteam (delphij)
    Sponsored by:   Dell EMC Isilon
    Differential Revision:  https://reviews.freebsd.org/D16934
    (cherry picked from commit 90545403e9d293efb0b843a75ad02361eadaae6d)
---
 sys/dev/random/fortuna.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/dev/random/fortuna.c b/sys/dev/random/fortuna.c
index c20cea2f21ae..d203c2f138a1 100644
--- a/sys/dev/random/fortuna.c
+++ b/sys/dev/random/fortuna.c
@@ -285,7 +285,8 @@ random_fortuna_reseed_internal(uint32_t *entropy_data, u_int blockcount)
 	 */
 	randomdev_hash_init(&context);
 	randomdev_hash_iterate(&context, zero_region, RANDOM_ZERO_BLOCKSIZE);
-	randomdev_hash_iterate(&context, &fortuna_state.fs_key, sizeof(fortuna_state.fs_key));
+	randomdev_hash_iterate(&context, &fortuna_state.fs_key.key.keyMaterial,
+	    fortuna_state.fs_key.key.keyLen / 8);
 	randomdev_hash_iterate(&context, entropy_data, RANDOM_KEYSIZE*blockcount);
 	randomdev_hash_finish(&context, hash);
 	randomdev_hash_init(&context);