Windows: how to get high resolution time in PRNG

Sam Hartman hartmans at MIT.EDU
Tue Aug 9 16:09:03 EDT 2011 

Hi.
One of the reasons trunk doesn't build on windows is that the fortuna
code directly calls gettimeofday.
On windows, there is a relatively simple solution:

>From 1e79f99a4e39d5359442d64ec2d8452fd220366a Mon Sep 17 00:00:00 2001
From: Kevin Wasserman <kevin.wasserman at painless-security.com>
Date: Thu, 7 Jul 2011 11:42:59 -0400
Subject: [PATCH] gettimeofday -> krb5_crypto_us_timeofday

gettimeofday() is not available on windows.
Added comment explaining potential performance problem with
krb5_crypto_us_timeofday (it grabs a mutex) and how to resolve it.

Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
---
 src/lib/crypto/krb/prng_fortuna.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/src/lib/crypto/krb/prng_fortuna.c b/src/lib/crypto/krb/prng_fortuna.c
index f559df7..446fd73 100644
--- a/src/lib/crypto/krb/prng_fortuna.c
+++ b/src/lib/crypto/krb/prng_fortuna.c
@@ -315,7 +315,13 @@ enough_time_passed(struct fortuna_state *st)
     struct timeval tv, *last = &st->last_reseed_time;
     krb5_boolean ok = FALSE;
 
-    gettimeofday(&tv, NULL);
+    /* We need to get the current time with RESEED_INTERVAL accuracy (currently 0.1sec).
+       The only exposed platform-independent function to do this is 
+       krb5_crypto_us_timeofday().  It has the unfortunate side-effect of grabbing 
+       a mutex to protect static data that is used to enforce 'never return the same 
+       time twice' semantics which we do not require.  If this is ever a performance 
+       issue, it would be trivial to fix by exposing get_time_now() from c_ustime.c */
+    krb5_crypto_us_timeofday(&tv.tv_sec, &tv.tv_usec);
 
     /* Check how much time has passed. */
     if (tv.tv_sec > last->tv_sec + 1)
-- 
1.7.4.1


Unfortunately, despite its name, krb5_crypto_us_timeofday is defined in
libkrb5 not libk5crypto.  On Windows, this is not a big deal: they are
the same dll.  However the above patch breaks the unix build.

How do we want to fix this?
Options include:

1) duplicating the code

2) Calling krb5_crypto_us_timeofday on Windows but not other platforms

3) Moving the implementation to libk5crypto but retaining a stub symbol
in libkrb5

4) Moving the implementation to the support library and maintaining a
stub in libkrb5

More information about the krbdev mailing list