unused files, not part of OpenSSL 0.9.7

author: markus <> 2002-09-03 09:21:21 +0000
committer: markus <> 2002-09-03 09:21:21 +0000
commit: 2a403cf17b91db1355403be2649b62a15f65d0b1 (patch)
tree: ccb7f731e62b49ca25d700356d1d89a66fce9fde /src/lib/libcrypto/rand
parent: 0417492a9cd47355e6322690a822134d099084b8 (diff)
download: openbsd-2a403cf17b91db1355403be2649b62a15f65d0b1.tar.gz
openbsd-2a403cf17b91db1355403be2649b62a15f65d0b1.tar.bz2
openbsd-2a403cf17b91db1355403be2649b62a15f65d0b1.zip
1 files changed, 0 insertions, 515 deletions
diff --git a/src/lib/libcrypto/rand/md_rand_munged.c b/src/lib/libcrypto/rand/md_rand_munged.c
deleted file mode 100644
index 1611bf335b..0000000000
--- a/src/lib/libcrypto/rand/md_rand_munged.c
+++ /dev/null
@@ -1,515 +0,0 @@
-/* crypto/rand/md_rand.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <sys/types.h>
-#include <fcntl.h>
-#include <time.h>
-#include <string.h>
-#include "openssl/e_os.h"
-#include <openssl/crypto.h>
-#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
-#if !defined(NO_SHA) && !defined(NO_SHA1)
-#define USE_SHA1_RAND
-#elif !defined(NO_MD5)
-#define USE_MD5_RAND
-#elif !defined(NO_MDC2) && !defined(NO_DES)
-#define USE_MDC2_RAND
-#elif !defined(NO_MD2)
-#define USE_MD2_RAND
-#else
-#error No message digest algorithm available
-#endif
-#endif
-/* Changed how the state buffer used.  I now attempt to 'wrap' such
- * that I don't run over the same locations the next time  go through
- * the 1023 bytes - many thanks to
- * Robert J. LeBlanc <rjl@renaissoft.com> for his comments
- */
-#if defined(USE_MD5_RAND)
-#include <openssl/md5.h>
-#define MD_DIGEST_LENGTH        MD5_DIGEST_LENGTH
-#define MD_CTX                  MD5_CTX
-#define MD_Init(a)              MD5_Init(a)
-#define MD_Update(a,b,c)        MD5_Update(a,b,c)
-#define MD_Final(a,b)           MD5_Final(a,b)
-#define MD(a,b,c)               MD5(a,b,c)
-#elif defined(USE_SHA1_RAND)
-#include <openssl/sha.h>
-#define MD_DIGEST_LENGTH        SHA_DIGEST_LENGTH
-#define MD_CTX                  SHA_CTX
-#define MD_Init(a)              SHA1_Init(a)
-#define MD_Update(a,b,c)        SHA1_Update(a,b,c)
-#define MD_Final(a,b)           SHA1_Final(a,b)
-#define MD(a,b,c)               SHA1(a,b,c)
-#elif defined(USE_MDC2_RAND)
-#include <openssl/mdc2.h>
-#define MD_DIGEST_LENGTH        MDC2_DIGEST_LENGTH
-#define MD_CTX                  MDC2_CTX
-#define MD_Init(a)              MDC2_Init(a)
-#define MD_Update(a,b,c)        MDC2_Update(a,b,c)
-#define MD_Final(a,b)           MDC2_Final(a,b)
-#define MD(a,b,c)               MDC2(a,b,c)
-#elif defined(USE_MD2_RAND)
-#include <openssl/md2.h>
-#define MD_DIGEST_LENGTH        MD2_DIGEST_LENGTH
-#define MD_CTX                  MD2_CTX
-#define MD_Init(a)              MD2_Init(a)
-#define MD_Update(a,b,c)        MD2_Update(a,b,c)
-#define MD_Final(a,b)           MD2_Final(a,b)
-#define MD(a,b,c)               MD2(a,b,c)
-#endif
-#include <openssl/rand.h>
-/* #define NORAND       1 */
-/* #define PREDICT      1 */
-#define STATE_SIZE      1023
-static int state_num=0,state_index=0;
-static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
-static unsigned char md[MD_DIGEST_LENGTH];
-static long md_count[2]={0,0};
-static double entropy=0;
-static int initialized=0;
-const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
-static void ssleay_rand_cleanup(void);
-static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, double add_entropy);
-static int ssleay_rand_bytes(unsigned char *buf, int num);
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
-RAND_METHOD rand_ssleay_meth={
-        ssleay_rand_seed,
-        ssleay_rand_bytes,
-        ssleay_rand_cleanup,
-        ssleay_rand_add,
-        ssleay_rand_pseudo_bytes,
-        }; 
-RAND_METHOD *RAND_SSLeay(void)
-        {
-        return(&rand_ssleay_meth);
-        }
-static void ssleay_rand_cleanup(void)
-        {
-        memset(state,0,sizeof(state));
-        state_num=0;
-        state_index=0;
-        memset(md,0,MD_DIGEST_LENGTH);
-        md_count[0]=0;
-        md_count[1]=0;
-        entropy=0;
-        }
-static void ssleay_rand_add(const void *buf, int num, double add)
-        {
-        int i,j,k,st_idx;
-        long md_c[2];
-        unsigned char local_md[MD_DIGEST_LENGTH];
-        MD_CTX m;
-#ifdef NORAND
-        return;
-#endif
-        /*
-         * (Based on the rand(3) manpage)
-         *
-         * The input is chopped up into units of 20 bytes (or less for
-         * the last block).  Each of these blocks is run through the hash
-         * function as follows:  The data passed to the hash function
-         * is the current 'md', the same number of bytes from the 'state'
-         * (the location determined by in incremented looping index) as
-         * the current 'block', the new key data 'block', and 'count'
-         * (which is incremented after each use).
-         * The result of this is kept in 'md' and also xored into the
-         * 'state' at the same locations that were used as input into the
-         * hash function.
-         */
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-        st_idx=state_index;
-        /* use our own copies of the counters so that even
-         * if a concurrent thread seeds with exactly the
-         * same data and uses the same subarray there's _some_
-         * difference */
-        md_c[0] = md_count[0];
-        md_c[1] = md_count[1];
-        memcpy(local_md, md, sizeof md);
-        /* state_index <= state_num <= STATE_SIZE */
-        state_index += num;
-        if (state_index >= STATE_SIZE)
-                {
-                state_index%=STATE_SIZE;
-                state_num=STATE_SIZE;
-                }
-        else if (state_num < STATE_SIZE)        
-                {
-                if (state_index > state_num)
-                        state_num=state_index;
-                }
-        /* state_index <= state_num <= STATE_SIZE */
-        /* state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE]
-         * are what we will use now, but other threads may use them
-         * as well */
-        md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-        for (i=0; i<num; i+=MD_DIGEST_LENGTH)
-                {
-                j=(num-i);
-                j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
-                MD_Init(&m);
-                MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-                k=(st_idx+j)-STATE_SIZE;
-                if (k > 0)
-                        {
-                        MD_Update(&m,&(state[st_idx]),j-k);
-                        MD_Update(&m,&(state[0]),k);
-                        }
-                else
-                        MD_Update(&m,&(state[st_idx]),j);
-                        
-                MD_Update(&m,buf,j);
-                MD_Update(&m,(unsigned char *)&(md_count[0]),sizeof(md_count));
-                MD_Final(md,&m);
-                md_count[1]++;
-                buf=(const char *)buf + j;
-                for (k=0; k<j; k++)
-                        {
-                        state[st_idx++]^=md[k];
-                        if (st_idx >= STATE_SIZE)
-                                {
-                                st_idx=0;
-                                st_num=STATE_SIZE;
-                                }
-                        }
-                }
-        memset((char *)&m,0,sizeof(m));
-        }
-static void ssleay_rand_bytes(unsigned char *buf, int num)
-        {
-        int i,j,k,st_num,st_idx;
-        MD_CTX m;
-        static int init=1;
-        unsigned long l;
-#ifdef DEVRANDOM
-        int fd;
-#endif
-#ifdef PREDICT
-        {
-        static unsigned char val=0;
-        for (i=0; i<num; i++)
-                buf[i]=val++;
-        return;
-        }
-#endif
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-        if (init)
-                {
-                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-                /* put in some default random data, we need more than
-                 * just this */
-                RAND_seed(&m,sizeof(m));
-#ifndef MSDOS
-                l=getpid();
-                RAND_seed(&l,sizeof(l));
-                l=getuid();
-                RAND_seed(&l,sizeof(l));
-#endif
-                l=time(NULL);
-                RAND_seed(&l,sizeof(l));
-/* #ifdef DEVRANDOM */
-                /* 
-                 * Use a random entropy pool device.
-                 * Linux 1.3.x, OpenBSD, and FreeBSD have
-                 * this. Use /dev/urandom if you can
-                 * as /dev/random will block if it runs out
-                 * of random entries.
-                 */
-                if ((fd = open(DEVRANDOM, O_RDONLY)) != NULL)
-                        {
-                        unsigned char tmpbuf[32];
-                        read(fd, tmpbuf, sizeof(tmpbuf));
-                        /* we don't care how many bytes we read,
-                         * we will just copy the 'stack' if there is
-                         * nothing else :-) */
-                        /* the above comment is EVIL.  Security software
-                         * RELIES ON THESE PRIMITIVES HAVING MORE SECURE
-                         * BEHAVIOUR! Secure entropy is required in
-                         * many cases! */
-                        RAND_seed(tmpbuf,32);
-                        memset(tmpbuf,0,32);
-                        }
-/* #endif */
-#ifdef PURIFY
-                memset(state,0,STATE_SIZE);
-                memset(md,0,MD_DIGEST_LENGTH);
-#endif
-                CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-                init=0;
-                }
-        st_idx=state_index;
-        st_num=state_num;
-        state_index+=num;
-        if (state_index > state_num)
-                state_index=(state_index%state_num);
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-        while (num > 0)
-                {
-                j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
-                num-=j;
-                MD_Init(&m);
-#ifndef GETPID_IS_MEANINGLESS
-                if (curr_pid) /* just in the first iteration to save time */
-                        {
-                        MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
-                        curr_pid = 0;
-                        }
-#endif
-                MD_Update(&m,&(local_md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
-                MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-#ifndef PURIFY
-                MD_Update(&m,buf,j); /* purify complains */
-#endif
-                k=(st_idx+j)-st_num;
-                if (k > 0)
-                        {
-                        MD_Update(&m,&(state[st_idx]),j-k);
-                        MD_Update(&m,&(state[0]),k);
-                        }
-                else
-                        MD_Update(&m,&(state[st_idx]),j);
-                MD_Final(local_md,&m);
-                for (i=0; i<j; i++)
-                        {
-                        state[st_idx++]^=local_md[i]; /* may compete with other threads */
-                        *(buf++)=local_md[i+MD_DIGEST_LENGTH/2];
-                        if (st_idx >= st_num)
-                                st_idx=0;
-                        }
-                }
-        MD_Init(&m);
-        MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-        MD_Update(&m,local_md,MD_DIGEST_LENGTH);
-        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-        MD_Update(&m,md,MD_DIGEST_LENGTH);
-        MD_Final(md,&m);
-        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-        memset(&m,0,sizeof(m));
-        if (ok)
-                return(1);
-        else
-                {
-                RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
-                return(0);
-                }
-        }
-/* pseudo-random bytes that are guaranteed to be unique but not
-   unpredictable */
-static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) 
-        {
-        int ret, err;
-        ret = RAND_bytes(buf, num);
-        if (ret == 0)
-                {
-                err = ERR_peek_error();
-                if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
-                    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
-                        (void)ERR_get_error();
-                }
-        return (ret);
-        }
-int RAND_status(void)
-        {
-        if (!initialized)
-                ssleay_rand_initialize();
-        return (entropy >= ENTROPY_NEEDED);
-        }
-#ifdef WINDOWS
-#include <windows.h>
-#include <openssl/rand.h>
-/*****************************************************************************
- * Initialisation function for the SSL random generator.  Takes the contents
- * of the screen as random seed.
- *
- * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
- *
- * Code adapted from
- * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
- * the original copyright message is:
- *
- *   (C) Copyright Microsoft Corp. 1993.  All rights reserved.
- *
- *   You have a royalty-free right to use, modify, reproduce and
- *   distribute the Sample Files (and/or any modified version) in
- *   any way you find useful, provided that you agree that
- *   Microsoft has no warranty obligations or liability for any
- *   Sample Application Files which are modified.
- */
-/*
- * I have modified the loading of bytes via RAND_seed() mechanism since
- * the original would have been very very CPU intensive since RAND_seed()
- * does an MD5 per 16 bytes of input.  The cost to digest 16 bytes is the same
- * as that to digest 56 bytes.  So under the old system, a screen of
- * 1024*768*256 would have been CPU cost of approximately 49,000 56 byte MD5
- * digests or digesting 2.7 mbytes.  What I have put in place would
- * be 48 16k MD5 digests, or effectively 48*16+48 MD5 bytes or 816 kbytes
- * or about 3.5 times as much.
- * - eric 
- */
-void RAND_screen(void)
-{
-  HDC           hScrDC;         /* screen DC */
-  HDC           hMemDC;         /* memory DC */
-  HBITMAP       hBitmap;        /* handle for our bitmap */
-  HBITMAP       hOldBitmap;     /* handle for previous bitmap */
-  BITMAP        bm;             /* bitmap properties */
-  unsigned int  size;           /* size of bitmap */
-  char          *bmbits;        /* contents of bitmap */
-  int           w;              /* screen width */
-  int           h;              /* screen height */
-  int           y;              /* y-coordinate of screen lines to grab */
-  int           n = 16;         /* number of screen lines to grab at a time */
-  /* Create a screen DC and a memory DC compatible to screen DC */
-  hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
-  hMemDC = CreateCompatibleDC(hScrDC);
-  /* Get screen resolution */
-  w = GetDeviceCaps(hScrDC, HORZRES);
-  h = GetDeviceCaps(hScrDC, VERTRES);
-  /* Create a bitmap compatible with the screen DC */
-  hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
-  /* Select new bitmap into memory DC */
-  hOldBitmap = SelectObject(hMemDC, hBitmap);
-  /* Get bitmap properties */
-  GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
-  size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
-  bmbits = Malloc(size);
-  if (bmbits) {
-    /* Now go through the whole screen, repeatedly grabbing n lines */
-    for (y = 0; y < h-n; y += n)
-        {
-        unsigned char md[MD_DIGEST_LENGTH];
-        /* Bitblt screen DC to memory DC */
-        BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
-        /* Copy bitmap bits from memory DC to bmbits */
-        GetBitmapBits(hBitmap, size, bmbits);
-        /* Get the MD5 of the bitmap */
-        MD(bmbits,size,md);
-        /* Seed the random generator with the MD5 digest */
-        RAND_seed(md, MD_DIGEST_LENGTH);
-        }
-    Free(bmbits);
-  }
-  /* Select old bitmap back into memory DC */
-  hBitmap = SelectObject(hMemDC, hOldBitmap);
-  /* Clean up */
-  DeleteObject(hBitmap);
-  DeleteDC(hMemDC);
-  DeleteDC(hScrDC);
-}
-#endif
author	markus <>	2002-09-03 09:21:21 +0000
committer	markus <>	2002-09-03 09:21:21 +0000
commit	2a403cf17b91db1355403be2649b62a15f65d0b1 (patch)
tree	ccb7f731e62b49ca25d700356d1d89a66fce9fde /src/lib/libcrypto/rand
parent	0417492a9cd47355e6322690a822134d099084b8 (diff)
download	openbsd-2a403cf17b91db1355403be2649b62a15f65d0b1.tar.gz openbsd-2a403cf17b91db1355403be2649b62a15f65d0b1.tar.bz2 openbsd-2a403cf17b91db1355403be2649b62a15f65d0b1.zip

diff --git a/src/lib/libcrypto/rand/md_rand_munged.c b/src/lib/libcrypto/rand/md_rand_munged.c deleted file mode 100644 index 1611bf335b..0000000000 --- a/src/lib/libcrypto/rand/md_rand_munged.c +++ /dev/null
@@ -1,515 +0,0 @@
1	/* crypto/rand/md_rand.c */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include <stdio.h>
60	#include <sys/types.h>
61	#include <fcntl.h>
62	#include <time.h>
63	#include <string.h>
64
65	#include "openssl/e_os.h"
66
67	#include <openssl/crypto.h>
68
69	#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
70	#if !defined(NO_SHA) && !defined(NO_SHA1)
71	#define USE_SHA1_RAND
72	#elif !defined(NO_MD5)
73	#define USE_MD5_RAND
74	#elif !defined(NO_MDC2) && !defined(NO_DES)
75	#define USE_MDC2_RAND
76	#elif !defined(NO_MD2)
77	#define USE_MD2_RAND
78	#else
79	#error No message digest algorithm available
80	#endif
81	#endif
82
83	/* Changed how the state buffer used. I now attempt to 'wrap' such
84	* that I don't run over the same locations the next time go through
85	* the 1023 bytes - many thanks to
86	* Robert J. LeBlanc <rjl@renaissoft.com> for his comments
87	*/
88
89	#if defined(USE_MD5_RAND)
90	#include <openssl/md5.h>
91	#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
92	#define MD_CTX MD5_CTX
93	#define MD_Init(a) MD5_Init(a)
94	#define MD_Update(a,b,c) MD5_Update(a,b,c)
95	#define MD_Final(a,b) MD5_Final(a,b)
96	#define MD(a,b,c) MD5(a,b,c)
97	#elif defined(USE_SHA1_RAND)
98	#include <openssl/sha.h>
99	#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
100	#define MD_CTX SHA_CTX
101	#define MD_Init(a) SHA1_Init(a)
102	#define MD_Update(a,b,c) SHA1_Update(a,b,c)
103	#define MD_Final(a,b) SHA1_Final(a,b)
104	#define MD(a,b,c) SHA1(a,b,c)
105	#elif defined(USE_MDC2_RAND)
106	#include <openssl/mdc2.h>
107	#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
108	#define MD_CTX MDC2_CTX
109	#define MD_Init(a) MDC2_Init(a)
110	#define MD_Update(a,b,c) MDC2_Update(a,b,c)
111	#define MD_Final(a,b) MDC2_Final(a,b)
112	#define MD(a,b,c) MDC2(a,b,c)
113	#elif defined(USE_MD2_RAND)
114	#include <openssl/md2.h>
115	#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
116	#define MD_CTX MD2_CTX
117	#define MD_Init(a) MD2_Init(a)
118	#define MD_Update(a,b,c) MD2_Update(a,b,c)
119	#define MD_Final(a,b) MD2_Final(a,b)
120	#define MD(a,b,c) MD2(a,b,c)
121	#endif
122
123	#include <openssl/rand.h>
124
125	/* #define NORAND 1 */
126	/* #define PREDICT 1 */
127
128	#define STATE_SIZE 1023
129	static int state_num=0,state_index=0;
130	static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
131	static unsigned char md[MD_DIGEST_LENGTH];
132	static long md_count[2]={0,0};
133	static double entropy=0;
134	static int initialized=0;
135
136	const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
137
138	static void ssleay_rand_cleanup(void);
139	static void ssleay_rand_seed(const void *buf, int num);
140	static void ssleay_rand_add(const void *buf, int num, double add_entropy);
141	static int ssleay_rand_bytes(unsigned char *buf, int num);
142	static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
143
144	RAND_METHOD rand_ssleay_meth={
145	ssleay_rand_seed,
146	ssleay_rand_bytes,
147	ssleay_rand_cleanup,
148	ssleay_rand_add,
149	ssleay_rand_pseudo_bytes,
150	};
151
152	RAND_METHOD *RAND_SSLeay(void)
153	{
154	return(&rand_ssleay_meth);
155	}
156
157	static void ssleay_rand_cleanup(void)
158	{
159	memset(state,0,sizeof(state));
160	state_num=0;
161	state_index=0;
162	memset(md,0,MD_DIGEST_LENGTH);
163	md_count[0]=0;
164	md_count[1]=0;
165	entropy=0;
166	}
167
168	static void ssleay_rand_add(const void *buf, int num, double add)
169	{
170	int i,j,k,st_idx;
171	long md_c[2];
172	unsigned char local_md[MD_DIGEST_LENGTH];
173	MD_CTX m;
174
175	#ifdef NORAND
176	return;
177	#endif
178
179	/*
180	* (Based on the rand(3) manpage)
181	*
182	* The input is chopped up into units of 20 bytes (or less for
183	* the last block). Each of these blocks is run through the hash
184	* function as follows: The data passed to the hash function
185	* is the current 'md', the same number of bytes from the 'state'
186	* (the location determined by in incremented looping index) as
187	* the current 'block', the new key data 'block', and 'count'
188	* (which is incremented after each use).
189	* The result of this is kept in 'md' and also xored into the
190	* 'state' at the same locations that were used as input into the
191	* hash function.
192	*/
193
194	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
195	st_idx=state_index;
196
197	/* use our own copies of the counters so that even
198	* if a concurrent thread seeds with exactly the
199	* same data and uses the same subarray there's _some_
200	* difference */
201	md_c[0] = md_count[0];
202	md_c[1] = md_count[1];
203
204	memcpy(local_md, md, sizeof md);
205
206	/* state_index <= state_num <= STATE_SIZE */
207	state_index += num;
208	if (state_index >= STATE_SIZE)
209	{
210	state_index%=STATE_SIZE;
211	state_num=STATE_SIZE;
212	}
213	else if (state_num < STATE_SIZE)
214	{
215	if (state_index > state_num)
216	state_num=state_index;
217	}
218	/* state_index <= state_num <= STATE_SIZE */
219
220	/* state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE]
221	* are what we will use now, but other threads may use them
222	* as well */
223
224	md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
225
226	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
227
228	for (i=0; i<num; i+=MD_DIGEST_LENGTH)
229	{
230	j=(num-i);
231	j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
232
233	MD_Init(&m);
234	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
235	k=(st_idx+j)-STATE_SIZE;
236	if (k > 0)
237	{
238	MD_Update(&m,&(state[st_idx]),j-k);
239	MD_Update(&m,&(state[0]),k);
240	}
241	else
242	MD_Update(&m,&(state[st_idx]),j);
243
244	MD_Update(&m,buf,j);
245	MD_Update(&m,(unsigned char *)&(md_count[0]),sizeof(md_count));
246	MD_Final(md,&m);
247	md_count[1]++;
248
249	buf=(const char *)buf + j;
250
251	for (k=0; k<j; k++)
252	{
253	state[st_idx++]^=md[k];
254	if (st_idx >= STATE_SIZE)
255	{
256	st_idx=0;
257	st_num=STATE_SIZE;
258	}
259	}
260	}
261	memset((char *)&m,0,sizeof(m));
262	}
263
264	static void ssleay_rand_bytes(unsigned char *buf, int num)
265	{
266	int i,j,k,st_num,st_idx;
267	MD_CTX m;
268	static int init=1;
269	unsigned long l;
270	#ifdef DEVRANDOM
271	int fd;
272	#endif
273
274	#ifdef PREDICT
275	{
276	static unsigned char val=0;
277
278	for (i=0; i<num; i++)
279	buf[i]=val++;
280	return;
281	}
282	#endif
283
284	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
285
286	if (init)
287	{
288	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
289	/* put in some default random data, we need more than
290	* just this */
291	RAND_seed(&m,sizeof(m));
292	#ifndef MSDOS
293	l=getpid();
294	RAND_seed(&l,sizeof(l));
295	l=getuid();
296	RAND_seed(&l,sizeof(l));
297	#endif
298	l=time(NULL);
299	RAND_seed(&l,sizeof(l));
300
301	/* #ifdef DEVRANDOM */
302	/*
303	* Use a random entropy pool device.
304	* Linux 1.3.x, OpenBSD, and FreeBSD have
305	* this. Use /dev/urandom if you can
306	* as /dev/random will block if it runs out
307	* of random entries.
308	*/
309	if ((fd = open(DEVRANDOM, O_RDONLY)) != NULL)
310	{
311	unsigned char tmpbuf[32];
312
313	read(fd, tmpbuf, sizeof(tmpbuf));
314	/* we don't care how many bytes we read,
315	* we will just copy the 'stack' if there is
316	* nothing else :-) */
317	/* the above comment is EVIL. Security software
318	* RELIES ON THESE PRIMITIVES HAVING MORE SECURE
319	* BEHAVIOUR! Secure entropy is required in
320	* many cases! */
321	RAND_seed(tmpbuf,32);
322	memset(tmpbuf,0,32);
323	}
324	/* #endif */
325	#ifdef PURIFY
326	memset(state,0,STATE_SIZE);
327	memset(md,0,MD_DIGEST_LENGTH);
328	#endif
329	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
330	init=0;
331	}
332
333	st_idx=state_index;
334	st_num=state_num;
335	state_index+=num;
336	if (state_index > state_num)
337	state_index=(state_index%state_num);
338
339	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
340
341	while (num > 0)
342	{
343	j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
344	num-=j;
345	MD_Init(&m);
346	#ifndef GETPID_IS_MEANINGLESS
347	if (curr_pid) /* just in the first iteration to save time */
348	{
349	MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
350	curr_pid = 0;
351	}
352	#endif
353	MD_Update(&m,&(local_md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
354	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
355	#ifndef PURIFY
356	MD_Update(&m,buf,j); /* purify complains */
357	#endif
358	k=(st_idx+j)-st_num;
359	if (k > 0)
360	{
361	MD_Update(&m,&(state[st_idx]),j-k);
362	MD_Update(&m,&(state[0]),k);
363	}
364	else
365	MD_Update(&m,&(state[st_idx]),j);
366	MD_Final(local_md,&m);
367
368	for (i=0; i<j; i++)
369	{
370	state[st_idx++]^=local_md[i]; /* may compete with other threads */
371	*(buf++)=local_md[i+MD_DIGEST_LENGTH/2];
372	if (st_idx >= st_num)
373	st_idx=0;
374	}
375	}
376
377	MD_Init(&m);
378	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
379	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
380	CRYPTO_w_lock(CRYPTO_LOCK_RAND);
381	MD_Update(&m,md,MD_DIGEST_LENGTH);
382	MD_Final(md,&m);
383	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
384
385	memset(&m,0,sizeof(m));
386	if (ok)
387	return(1);
388	else
389	{
390	RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
391	return(0);
392	}
393	}
394
395	/* pseudo-random bytes that are guaranteed to be unique but not
396	unpredictable */
397	static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
398	{
399	int ret, err;
400
401	ret = RAND_bytes(buf, num);
402	if (ret == 0)
403	{
404	err = ERR_peek_error();
405	if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
406	ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
407	(void)ERR_get_error();
408	}
409	return (ret);
410	}
411
412	int RAND_status(void)
413	{
414	if (!initialized)
415	ssleay_rand_initialize();
416	return (entropy >= ENTROPY_NEEDED);
417	}
418
419	#ifdef WINDOWS
420	#include <windows.h>
421	#include <openssl/rand.h>
422
423	/*****************************************************************************
424	* Initialisation function for the SSL random generator. Takes the contents
425	* of the screen as random seed.
426	*
427	* Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
428	*
429	* Code adapted from
430	* <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
431	* the original copyright message is:
432	*
433	* (C) Copyright Microsoft Corp. 1993. All rights reserved.
434	*
435	* You have a royalty-free right to use, modify, reproduce and
436	* distribute the Sample Files (and/or any modified version) in
437	* any way you find useful, provided that you agree that
438	* Microsoft has no warranty obligations or liability for any
439	* Sample Application Files which are modified.
440	*/
441	/*
442	* I have modified the loading of bytes via RAND_seed() mechanism since
443	* the original would have been very very CPU intensive since RAND_seed()
444	* does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same
445	* as that to digest 56 bytes. So under the old system, a screen of
446	* 1024768256 would have been CPU cost of approximately 49,000 56 byte MD5
447	* digests or digesting 2.7 mbytes. What I have put in place would
448	* be 48 16k MD5 digests, or effectively 48*16+48 MD5 bytes or 816 kbytes
449	* or about 3.5 times as much.
450	* - eric
451	*/
452	void RAND_screen(void)
453	{
454	HDC hScrDC; /* screen DC */
455	HDC hMemDC; /* memory DC */
456	HBITMAP hBitmap; /* handle for our bitmap */
457	HBITMAP hOldBitmap; /* handle for previous bitmap */
458	BITMAP bm; /* bitmap properties */
459	unsigned int size; /* size of bitmap */
460	char bmbits; / contents of bitmap */
461	int w; /* screen width */
462	int h; /* screen height */
463	int y; /* y-coordinate of screen lines to grab */
464	int n = 16; /* number of screen lines to grab at a time */
465
466	/* Create a screen DC and a memory DC compatible to screen DC */
467	hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
468	hMemDC = CreateCompatibleDC(hScrDC);
469
470	/* Get screen resolution */
471	w = GetDeviceCaps(hScrDC, HORZRES);
472	h = GetDeviceCaps(hScrDC, VERTRES);
473
474	/* Create a bitmap compatible with the screen DC */
475	hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
476
477	/* Select new bitmap into memory DC */
478	hOldBitmap = SelectObject(hMemDC, hBitmap);
479
480	/* Get bitmap properties */
481	GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
482	size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
483
484	bmbits = Malloc(size);
485	if (bmbits) {
486	/* Now go through the whole screen, repeatedly grabbing n lines */
487	for (y = 0; y < h-n; y += n)
488	{
489	unsigned char md[MD_DIGEST_LENGTH];
490
491	/* Bitblt screen DC to memory DC */
492	BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
493
494	/* Copy bitmap bits from memory DC to bmbits */
495	GetBitmapBits(hBitmap, size, bmbits);
496
497	/* Get the MD5 of the bitmap */
498	MD(bmbits,size,md);
499
500	/* Seed the random generator with the MD5 digest */
501	RAND_seed(md, MD_DIGEST_LENGTH);
502	}
503
504	Free(bmbits);
505	}
506
507	/* Select old bitmap back into memory DC */
508	hBitmap = SelectObject(hMemDC, hOldBitmap);
509
510	/* Clean up */
511	DeleteObject(hBitmap);
512	DeleteDC(hMemDC);
513	DeleteDC(hScrDC);
514	}
515	#endif